| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Hinweis von web.de auf Zeus gefunden wurde Trojaner.BankerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.10.2012, 20:53
| #1 |
 |  Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker Da ich von Web.de den Hinweis bekam der Trojaner Zeus könnte auf meinem Rechner sein habe ich mit Malewarebytes ein scan durchgeführt (siehe unten) könnt ihr mir sagen ob ich mein Rechner (Laptop) neu aufsetzen muss oder ob ich noch mal Glück gehabt habe. |
|
09.10.2012, 06:23
| #2 |
| /// the machine /// TB-Ausbilder    | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker Hi,
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
%windir%\installer\*. /5
%localappdata%\*. /5
CREATERESTOREPOINT
__________________ |
|
09.10.2012, 16:56
| #3 |
| | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker Hi hier die TXTOTL Logfile:
__________________Code:
ATTFilter OTL Extras logfile created on: 09.10.2012 17:19:39 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dennis_2\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 62,10% Memory free
6,19 Gb Paging File | 4,99 Gb Available in Paging File | 80,51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 111,88 Gb Total Space | 2,15 Gb Free Space | 1,92% Space Free | Partition Type: NTFS
Drive D: | 111,00 Gb Total Space | 96,85 Gb Free Space | 87,25% Space Free | Partition Type: NTFS
Drive F: | 3,69 Gb Total Space | 3,68 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: MASTERSREICH | User Name: Dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2594E44C-078C-4AFF-B066-230A6E9F5D4B}" = lport=137 | protocol=17 | dir=in | app=system |
"{2A21D6AA-422D-4D57-BC8A-36BC96FFAA84}" = lport=139 | protocol=6 | dir=in | app=system |
"{518D8EE6-F328-40FC-802E-31B92D2E2007}" = rport=139 | protocol=6 | dir=out | app=system |
"{5536BD33-1D09-4FFE-9B1F-7A0BCE7A6E24}" = rport=445 | protocol=6 | dir=out | app=system |
"{8C9C0452-3E9D-4EF0-A7C4-620B2FEE17BE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{949DEB38-720E-4FA4-984A-06684B29E280}" = lport=138 | protocol=17 | dir=in | app=system |
"{A8774147-24CC-4B83-A493-BD4DFF50E236}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{C691E232-7441-4AAA-B176-D9A1523D97AE}" = rport=138 | protocol=17 | dir=out | app=system |
"{D2690371-557C-4DD8-83F8-A75A6E8DAA2A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E99CF2AD-F735-4CC2-8E85-44CA91BD808A}" = lport=445 | protocol=6 | dir=in | app=system |
"{EE22A237-43F0-4BD9-A9C8-C2EADDE39D56}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A0F4E71-824D-498C-BE09-43EF25998BAB}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{1633AF2B-9328-4160-8B66-6430B6F351D3}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
"{18C91CA0-5626-49DD-9B4F-7DFF43685C51}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{30972822-9177-4F3A-ACA9-FB9E6F608A21}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{53609DDC-0599-43DF-9920-268C31C9CB41}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{89609C86-97C0-410A-8154-D76AC7B03F8D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004C5DA2-2051-4D25-94BA-51CF810C91EB}" = LightScribe System Software 1.12.37.1
"{00AF10C1-44BD-4862-9D7F-24E6BA3E87FD}" = imagine digital freedom - Samsung
"{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.6300
"{046C92D0-E561-A9CE-26FD-1310F9EC3307}" = Skins
"{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}" = ElsterFormular 2008/2009
"{04983D37-2202-4295-94A2-8B547C66133F}" = Atheros WLAN Client
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch)
"{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1
"{0F2140FC-F592-74EE-4C9F-AB5925C9206A}" = CCC Help Polish
"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution III
"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Display Manager
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1AC740CF-D174-E606-7D64-C89006EFF5F7}" = CCC Help Thai
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20AAF16F-58AA-9815-6DA2-5A9E327EBCD9}" = CCC Help Hungarian
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2433BAD7-453F-473D-BE81-455E68940DEB}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 20
"{3027D5A2-B891-769A-0EC1-AE353CB87095}" = Catalyst Control Center Localization Japanese
"{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0
"{30AFA4D1-DBBB-31D9-43B6-1F309DBFB632}" = Catalyst Control Center Localization Portuguese
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32B08666-1587-435D-988C-7958A04B218A}_is1" = OMSI Addon Manager Version 1.2.4
"{32D6A58F-9659-446C-BBFC-E6F2B41F24DC}" = Samsung Magic Doctor
"{32F5F27A-0B8F-FD96-D716-9CC28A514265}" = Catalyst Control Center Localization Hungarian
"{33D5553C-4603-FFAE-CE7E-3245B9A5F4BD}" = Catalyst Control Center Graphics Previews Vista
"{347562E6-683C-1740-9B93-59F3C9DFA819}" = CCC Help Swedish
"{35F45C14-2925-507F-CD19-B0C3802A1A56}" = ATI Catalyst Install Manager
"{36BEAD11-8577-49AD-9250-E06A50AE87B0}" = Microsoft SOAP Toolkit 2.0 SP2
"{38580E5E-AF78-4536-AD1E-6A62661372C5}" = AVG 2012
"{39ED3C48-3A24-BC9F-15FD-789BB728A1AF}" = CCC Help Finnish
"{3AF8FCCD-F51A-4014-9002-F195E1CBC876}" = Logitech QuickCam
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D294F77-AD11-45A5-B56B-E0D9C63C21FF}" = World of Subways Vol. 3
"{3D4EA6D7-D668-5EC3-ED86-838926DD0E3E}" = Catalyst Control Center Graphics Full Existing
"{4073F8AC-0AF5-F1FA-62A3-E910ECD5BE9E}" = Catalyst Control Center Localization Italian
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{45728921-2EF7-B069-7A6B-E758B1B36031}" = CCC Help Japanese
"{495C9BC2-5410-45A3-A436-965C73644CB2}" = TS Convert 3.2
"{49901BB7-9A47-DB26-DD88-0FB132C311E4}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C59E6E3-B084-712F-93C4-DD030BA8382B}" = ccc-core-static
"{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2
"{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{573A517B-4ED9-5B89-87A9-0EA47AD2E70B}" = Catalyst Control Center Localization Turkish
"{585FB3C3-03A1-C1A4-E684-26D951F49623}" = Catalyst Control Center Localization Korean
"{5C85747A-91B6-4233-AAF8-063506D0FF4F}" = LG United Mobile Drivers
"{5F2D1D6E-54BE-35FC-98A3-B7499A82AC57}" = CCC Help Norwegian
"{6023D6AB-8703-44F4-A496-86FBF9E4792F}_is1" = Querfurt for OMSI Version 1.1
"{60DDAC19-B97C-7CC2-41EF-9DA9E73417F8}" = Catalyst Control Center Localization Czech
"{628697C2-7F0E-40D2-8020-A147B3090F60}" = MorphVOX Pro
"{63DB5B24-6D91-ED26-CE81-AE4478A4AF17}" = Catalyst Control Center Graphics Full New
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AE58499-EF87-902E-A399-1D3A1E8B7CF8}" = Catalyst Control Center Localization Russian
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6E74CE9F-D1DD-A0CF-CA8F-DCEE81EED03A}" = Catalyst Control Center Localization Thai
"{6F730513-8688-4C3C-90A3-6B9792CE2EF3}" = Easy Battery Manager
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71A51B09-E7D3-11DB-A386-005056C00008}" = Vimicro UVC Camera
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{768F22DC-2D20-4F52-A9A1-5E231FB7F752}" = Logitech Gaming Software 5.04
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{796BD299-B2D0-F06B-F83A-A3FAB7847BDC}" = CCC Help Turkish
"{7B233975-3F27-8A78-EFE7-2017DB517AEC}" = Catalyst Control Center InstallProxy
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C977C15-9D4A-BB45-5CF5-F6816653A66F}" = CCC Help Russian
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{804F1285-8CBF-408D-8CDC-D4D40003B2E4}" = PlayCamera
"{8387CF84-6445-4657-248F-85D823FD1DAA}" = CCC Help Chinese Standard
"{85578405-833F-C4D9-469A-5BD3D5CD9B2D}" = Catalyst Control Center Localization French
"{8649802A-88A1-4F85-A606-4B91821EFE3E}" = Tunebite
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{889CD612-1A61-E9F4-01EB-305E1F13D4CF}" = CCC Help Danish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406}" = iLivid
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{94AD95CF-6E86-360B-FBD8-96E745E9EE78}" = Catalyst Control Center Localization Norwegian
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{956ECA95-F547-80DF-B744-95C15EAA3A01}" = ccc-utility
"{98783FD6-051D-44A8-2F08-22B431C7AC29}" = CCC Help Chinese Traditional
"{9AE850A4-B89D-4875-A159-B1B64D717EFB}" = OMSI - Der Omnibussimulator
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A6B8F23D-1049-5311-B7DE-D315DDB537D6}" = Catalyst Control Center Localization Chinese Standard
"{A74A4848-AF0D-4D12-16AD-51981E99DA58}" = CCC Help French
"{A84DB2DD-084D-30A9-7BB1-5A96AC1A1D2D}" = CCC Help Spanish
"{A91C86A8-E694-FE62-964A-68E460C27525}" = CCC Help Dutch
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B143D835-EBAF-4A39-8B31-1868FF4166C1}" = AVG 2012
"{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}" = PixiePack Codec Pack
"{B497CE99-D8C1-5A26-6C6A-105BA59282BB}" = Catalyst Control Center Localization Dutch
"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{C06BA206-9FBC-B8AB-E70B-0AF16B4E042B}" = CCC Help German
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6AF42C2-793E-D705-BA1B-10D909BDFDB2}" = Catalyst Control Center Localization Chinese Traditional
"{C6C27CAE-8F2A-5E3F-47CC-7394107CBBC0}" = Catalyst Control Center Localization Danish
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C9DD05CD-CC28-AEF4-1631-AB3D63EF4358}" = Catalyst Control Center Localization Finnish
"{CA23D4B1-3D23-3BE6-832E-5BE877EC99C4}" = Catalyst Control Center Core Implementation
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2FD95DA-E308-F73D-FE2B-D558DBC93C28}" = Catalyst Control Center Localization Spanish
"{DCC40E9D-B2B7-DF86-BFDE-39246E5323E9}" = Catalyst Control Center Graphics Light
"{DEF12F1C-1C2F-2E12-FE0B-1E6B2E1933BF}" = CCC Help English
"{DF7DBA84-0A55-11D6-A0A6-6A7573736972}" = Polar Precision Performance SW
"{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}" = ATI PCI Express (3GIO) Filter Driver
"{E85932CF-3D2C-BEAF-157B-9B79D163F27A}" = CCC Help Czech
"{E9BEBBC9-DB8E-3D94-94ED-C279F686C3B1}" = Catalyst Control Center Localization Polish
"{ED7CF899-B466-C4DC-58F4-33D157FD9840}" = Catalyst Control Center Localization Greek
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEE02F25-B3D5-8EB0-3FB6-F3D603237D66}" = Catalyst Control Center Localization Swedish
"{EF367AA4-070B-493C-9575-85BE59D789C9}" = Easy SpeedUp Manager
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0F23FB0-B605-D626-ACD0-9D7F4BAB88BB}" = CCC Help Greek
"{F1191B7E-84BF-4325-9FFD-80BD8996ED4B}" = MorphVOX Junior
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FBA0CA60-8BF2-4381-B819-74F020E165A9}" = LG USB WML Modem Driver
"{FBBFF451-F9B1-F1E5-D5C2-FAAF0C020658}" = CCC Help Korean
"{FDA7BA48-20D4-9E57-0349-69E9EB371C86}" = Catalyst Control Center Localization German
"{FDE2754E-6923-508A-1218-D482A7FC2F93}" = CCC Help Italian
"{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer
"{FFB768E4-E427-4553-BC36-A11F5E62A94D}" = Adobe Flash Player 10 ActiveX
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"AVG" = AVG 2012
"Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2
"Bus-Simulator 2012_is1" = Bus-Simulator 2012
"CCleaner" = CCleaner
"COMODO Internet Security" = COMODO Internet Security
"ElsterFormular für Privatanwender 12.0.0.5880p" = ElsterFormular für Privatanwender
"ESET Online Scanner" = ESET Online Scanner v3
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.93
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908
"Game Booster_is1" = Game Booster
"ICQToolbar" = ICQ Toolbar
"InstallShield_{308BD058-411C-4AF2-8BF6-A6C7CFD0270D}" = Easy Network Manager 4.0
"InstallShield_{685707A4-911C-468D-BFC4-64A50E5E3A0C}" = Samsung Update Plus
"MAGIX Podcast Maker e-version D" = MAGIX Podcast Maker e-version (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Thunderbird (3.1.5)" = Mozilla Thunderbird (3.1.5)
"MyTomTom" = MyTomTom 3.1.0.530
"OMSI - Addon Querfurt" = OMSI - Addon Querfurt 1.0
"PROHYBRIDR" = 2007 Microsoft Office system
"ProTrain 10 - DELUXE - 1.0" = ProTrain 10 - DELUXE - 1.0
"ProTrain 20 Dortmund - Hannover 1.0" = ProTrain 20 Dortmund - Hannover 1.0
"ProTrain 24 Kassel-Fulda 1.0" = ProTrain 24 Kassel-Fulda 1.0
"ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0" = ProTrain 25 Koblenz - Giessen "Lahntalbahn" 1.0
"ProTrain 38 "Hannover-Kassel" 1.0" = ProTrain 38 "Hannover-Kassel" 1.0
"Renault Karosa Citybus 12M" = Renault Karosa Citybus 12M
"SkiRegionSimulator2012DemoDE_is1" = Skiregion Simulator 2012 Demo
"ST5UNST #1" = Kaminfeuer Titanium Edition
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Train Simulator 1.0" = Microsoft Train Simulator
"TS Convert" = TS Convert Update 3.0
"Uninstall_is1" = Uninstall 1.0.0.1
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"xp-AntiSpy" = xp-AntiSpy 3.97-9
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FBW_549" = FBW_549
"OMSI" = OMSI
"SkyDecks Panel Design, Project CRJ Panel, v1.15" = SkyDecks Panel Design, Project CRJ Panel, v1.15
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 05.10.2012 20:08:48 | Computer Name = MastersReich | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\astragon\Bus-Simulator
2012\Bin_High_Win64\BusSimulator2012.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 08.10.2012 11:33:13 | Computer Name = MastersReich | Source = WinMgmt | ID = 10
Description =
Error - 08.10.2012 11:35:48 | Computer Name = MastersReich | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\astragon\Bus-Simulator
2012\Bin_High_Win64\BusSimulator2012.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 08.10.2012 14:56:27 | Computer Name = MastersReich | Source = WinMgmt | ID = 10
Description =
Error - 08.10.2012 14:56:52 | Computer Name = MastersReich | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\astragon\Bus-Simulator
2012\Bin_High_Win64\BusSimulator2012.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.10.2012 01:15:19 | Computer Name = MastersReich | Source = WinMgmt | ID = 10
Description =
Error - 09.10.2012 01:15:21 | Computer Name = MastersReich | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\astragon\Bus-Simulator
2012\Bin_High_Win64\BusSimulator2012.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.10.2012 01:15:21 | Computer Name = MastersReich | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\astragon\Bus-Simulator
2012\Bin_High_Win64\BusSimulator2012.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.10.2012 11:12:30 | Computer Name = MastersReich | Source = WinMgmt | ID = 10
Description =
Error - 09.10.2012 11:12:44 | Computer Name = MastersReich | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\astragon\Bus-Simulator
2012\Bin_High_Win64\BusSimulator2012.exe". Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error encountered while reading event logs.
< End of report >
undOTL Logfile: Code:
ATTFilter OTL logfile created on: 09.10.2012 17:19:39 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dennis_2\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 62,10% Memory free 6,19 Gb Paging File | 4,99 Gb Available in Paging File | 80,51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111,88 Gb Total Space | 2,15 Gb Free Space | 1,92% Space Free | Partition Type: NTFS Drive D: | 111,00 Gb Total Space | 96,85 Gb Free Space | 87,25% Space Free | Partition Type: NTFS Drive F: | 3,69 Gb Total Space | 3,68 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: MASTERSREICH | User Name: Dennis | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.09 17:17:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis_2\Downloads\OTL.exe PRC - [2012.07.31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgtray.exe PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe PRC - [2012.02.14 04:52:56 | 000,493,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgcfgex.exe PRC - [2010.12.10 19:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2010.12.10 19:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2008.12.19 01:30:20 | 000,323,216 | ---- | M] (Napster) -- C:\Programme\Napster\napster.exe PRC - [2008.11.28 18:26:36 | 000,618,232 | ---- | M] () -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe PRC - [2008.08.19 07:17:04 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2008.08.14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\Communications_Helper.exe PRC - [2008.08.14 17:11:14 | 000,447,248 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe PRC - [2008.07.26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe PRC - [2008.07.26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LVCOMSER\LVComSer.exe PRC - [2008.07.08 04:27:00 | 006,273,568 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.04.25 14:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2008.04.17 08:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2008.02.12 06:19:52 | 000,723,496 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe PRC - [2008.01.21 04:23:29 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2008.01.16 10:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2007.07.05 00:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2007.02.05 16:52:12 | 000,849,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe ========== Modules (No Company Name) ========== MOD - [2011.07.01 16:57:44 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll MOD - [2011.07.01 16:57:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll MOD - [2011.07.01 16:48:45 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll MOD - [2011.07.01 16:48:39 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll MOD - [2011.07.01 16:31:14 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll MOD - [2011.07.01 16:30:21 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll MOD - [2011.07.01 16:29:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll MOD - [2011.07.01 16:25:43 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll MOD - [2011.07.01 16:25:03 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll MOD - [2008.09.01 13:50:49 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3142.27162__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2008.09.01 13:50:49 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3142.27360__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2008.09.01 13:50:49 | 000,266,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3142.27118__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2008.09.01 13:50:49 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3142.27165__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2008.09.01 13:50:49 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3142.27323__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2008.09.01 13:50:49 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3142.27285__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2008.09.01 13:50:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3142.27155__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2008.09.01 13:50:49 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3142.27255__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2008.09.01 13:50:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3142.27140__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2008.09.01 13:50:34 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3142.27295__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:34 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3142.27362__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:34 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3142.27296__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2008.09.01 13:50:34 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3142.27133__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:34 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3142.27294__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2008.09.01 13:50:33 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3142.27259__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3142.27167__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3142.27142__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3142.27312__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2008.09.01 13:50:33 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3142.27166__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3142.27359__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3142.27279__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3142.27258__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2008.09.01 13:50:33 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3142.27358__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2008.09.01 13:50:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3142.27174__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2008.09.01 13:50:33 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3142.27278__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2008.09.01 13:50:32 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3142.27283__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:32 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3142.27175__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2008.09.01 13:50:31 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3142.27248__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:31 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3142.27257__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:31 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3142.27256__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2008.09.01 13:50:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3142.27257__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2008.09.01 13:50:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3142.27282__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2008.09.01 13:50:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3119.30092__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2008.09.01 13:50:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3119.30081__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2008.09.01 13:50:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3119.30104__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2008.09.01 13:50:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3119.30177__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2008.09.01 13:50:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3119.30120__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2008.09.01 13:50:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3119.30176__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2008.09.01 13:50:31 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2008.09.01 13:50:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3119.30063__90ba9c70f846762e\LOG.Foundation.dll MOD - [2008.09.01 13:50:30 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3119.30065__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2008.09.01 13:50:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3119.30127__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2008.09.01 13:50:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3119.30117__90ba9c70f846762e\MOM.Foundation.dll MOD - [2008.09.01 13:50:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3119.30171__90ba9c70f846762e\DEM.OS.dll MOD - [2008.09.01 13:50:29 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3119.30149__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3119.30067__90ba9c70f846762e\CLI.Foundation.dll MOD - [2008.09.01 13:50:29 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3119.30096__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3119.30148__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3119.30145__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3119.30144__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2008.09.01 13:50:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3119.30169__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3119.30118__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3119.30232__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2008.09.01 13:50:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3119.30167__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3119.30141__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3119.30130__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3119.30146__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3119.30100__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2008.09.01 13:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3119.30089__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2008.09.01 13:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3119.30082__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2008.09.01 13:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3119.30130__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3119.30128__90ba9c70f846762e\DEM.Graphics.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3119.30094__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3119.30139__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3119.30129__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2008.09.01 13:50:28 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3119.30144__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2008.09.01 13:50:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3119.30148__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2008.09.01 13:50:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3119.30122__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2008.09.01 13:50:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2008.09.01 13:50:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3119.30119__90ba9c70f846762e\APM.Foundation.dll MOD - [2008.09.01 13:50:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3119.30093__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2008.09.01 13:50:24 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3142.27111_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll MOD - [2008.09.01 13:50:24 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3142.27338_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2008.09.01 13:50:23 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3142.27379__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2008.09.01 13:50:23 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3142.27393__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll MOD - [2008.09.01 13:50:23 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3142.27105__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2008.09.01 13:50:22 | 000,999,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3142.27126__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2008.09.01 13:50:22 | 000,417,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3142.27338__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2008.09.01 13:50:22 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3142.27148__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2008.09.01 13:50:22 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3142.27349__90ba9c70f846762e\MOM.Implementation.dll MOD - [2008.09.01 13:50:22 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3142.27109__90ba9c70f846762e\ATIDEMOS.dll MOD - [2008.09.01 13:50:22 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3142.27346__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2008.09.01 13:50:22 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3142.27111__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2008.09.01 13:50:22 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3142.27108__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2008.09.01 13:50:22 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3119.30123__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2008.09.01 13:50:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3119.30076__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2008.09.01 13:50:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3119.30101__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2008.09.01 13:50:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3119.30085__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2008.09.01 13:50:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2008.09.01 13:50:22 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3142.27348__90ba9c70f846762e\CCC.Implementation.dll MOD - [2008.09.01 13:50:22 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3119.30121__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2008.09.01 13:50:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3119.30121__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2008.09.01 13:50:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3119.30113__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2008.09.01 13:50:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3119.30150__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2008.09.01 13:50:22 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3119.30074__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll MOD - [2008.09.01 13:50:22 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2008.09.01 13:50:22 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2008.09.01 13:50:21 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3142.27108__90ba9c70f846762e\APM.Server.dll MOD - [2008.09.01 13:50:21 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3142.27106__90ba9c70f846762e\AEM.Server.dll MOD - [2008.08.14 17:13:30 | 000,149,264 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\LogiVOIPDevicePlugin.dll MOD - [2008.08.14 17:13:08 | 000,165,136 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\LogiCordless4001.dll MOD - [2008.08.14 17:13:08 | 000,138,000 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\LogiCordless.dll MOD - [2008.08.14 17:12:10 | 000,167,184 | ---- | M] () -- C:\Programme\Logitech\QuickCam\EFVal.dll MOD - [2008.08.14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\Communications_Helper.exe MOD - [2008.08.14 17:11:48 | 000,345,872 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\DevMngr.dll MOD - [2008.08.08 09:48:22 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008.07.27 20:03:08 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2008.07.27 20:03:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2008.07.26 08:24:04 | 000,068,120 | ---- | M] () -- C:\Programme\Common Files\logishrd\LVCOMSER\LVCSPS.dll MOD - [2008.03.18 05:21:32 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2007.08.14 06:59:54 | 006,365,184 | ---- | M] () -- C:\Programme\Common Files\LightScribe\QtGui4.dll MOD - [2007.07.12 06:55:52 | 000,131,072 | ---- | M] () -- C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2007.07.12 06:55:28 | 001,581,056 | ---- | M] () -- C:\Programme\Common Files\LightScribe\QtCore4.dll MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\EasySpeedUpManager\HookDllPS2.dll MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2012.08.13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Programme\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010.12.10 19:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2010.12.10 19:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SRV - [2010.12.10 19:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2010.12.10 19:29:30 | 000,044,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2008.11.28 18:26:36 | 000,618,232 | ---- | M] () [Auto | Running] -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008.07.26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008.07.26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Common Files\logishrd\LVCOMSER\LVComSer.exe -- (LVCOMSer) SRV - [2008.05.13 01:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.16 10:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2006.10.26 07:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - [2012.10.05 18:41:42 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2012.08.24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012.07.26 03:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012.04.19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012.01.31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011.12.23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011.12.23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2011.12.23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter) DRV - [2011.12.23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2010.08.02 16:19:38 | 000,066,816 | ---- | M] (LG Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetndis.sys -- (andnetndis) DRV - [2010.08.02 16:19:36 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetmodem.sys -- (ANDNetModem) DRV - [2010.08.02 16:19:34 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetgps.sys -- (AndNetGps) DRV - [2010.08.02 16:19:32 | 000,023,040 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetdiag.sys -- (AndNetDiag) DRV - [2010.08.02 16:19:28 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2010.08.02 16:19:26 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps) DRV - [2010.08.02 16:19:24 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag) DRV - [2010.08.02 16:19:22 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus) DRV - [2009.09.29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009.09.29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009.09.29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2009.04.06 13:19:46 | 000,023,064 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER) DRV - [2009.01.23 10:49:06 | 000,038,816 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd) DRV - [2009.01.13 19:13:52 | 000,049,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2009.01.13 19:13:44 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2009.01.13 19:13:36 | 000,031,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo) DRV - [2009.01.13 19:13:28 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter) DRV - [2009.01.13 19:13:20 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2008.11.28 18:26:37 | 000,097,808 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard) DRV - [2008.11.28 18:26:37 | 000,072,720 | ---- | M] (COMODO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\inspect.sys -- (Inspect) DRV - [2008.11.28 18:26:37 | 000,025,104 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2008.09.01 14:07:27 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2008.08.28 07:39:34 | 000,241,664 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302) DRV - [2008.08.08 10:31:30 | 003,895,808 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.07.26 08:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2008.05.28 10:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2008.05.07 10:55:22 | 000,767,488 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008.04.28 02:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) DRV - [2008.03.21 05:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2007.10.12 03:00:44 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007.10.12 02:56:00 | 001,279,000 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) DRV - [2006.11.08 00:02:40 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\point32k.sys -- (Point32) DRV - [2006.11.02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tunebite-firefox-surf-and-catch-extension@audials.com: C:\Program Files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\ [2009.02.08 17:25:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.09.10 18:01:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.09.02 11:34:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.11.05 01:17:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.10.02 02:46:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files\AVG\AVG2012\Thunderbird\ [2012.02.07 01:19:22 | 000,000,000 | ---D | M] [2011.10.03 21:37:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\mozilla\Extensions [2009.04.26 23:00:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\extensions [2009.04.26 23:00:05 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2012.05.13 15:53:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\6vjf7ovq.default\extensions [2009.09.02 06:34:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Click-to-Call BHO) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Programme\Windows Live\Messenger\wlchtc.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Tunebite_WebRipPlugin Class) - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Programme\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll (RapidSolution Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe () O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe () O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe () O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKCU..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 File not found O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files\MyTomTom 3\MyTomTomSA.exe (TomTom) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [DeleteOnReboot] C:\Windows\DeleteOnReboot.bat () O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil11e_Plugin.exe (Adobe Systems, Inc.) O4 - HKCU..\RunOnce: [Report] \AdwCleaner[S1].txt () O4 - Startup: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OMSI Addon Manager.lnk = C:\Programme\OMSI Addon Manager\OMSI Addon Manager.exe (Jan Kiesewalter) O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dennis\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08293879-2516-4F52-954A-50A7E3B00BF1}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34B77411-A3C9-42D5-918E-27107C0B0739}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD57838A-40EF-4ADB-BE5E-3F7B739EAC7E}: DhcpNameServer = 192.168.42.129 O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Sec\Wallpapers\wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Windows\Sec\Wallpapers\wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC} - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.10.08 21:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.10.05 18:40:59 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.10.05 18:40:59 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Malwarebytes [2012.10.05 18:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.05 18:39:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.05 18:39:38 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.10.05 18:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.09.14 04:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.09.14 04:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012.09.10 18:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.09 17:29:59 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C9E77C98-A353-48E3-9E4A-A604B803B792}.job [2012.10.09 17:11:11 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.09 17:11:11 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.09 17:10:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.09 07:21:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.10.09 07:12:26 | 000,000,107 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat [2012.10.09 07:06:20 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1061286310-3026546113-1237927848-1004UA.job [2012.10.08 21:24:43 | 000,686,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.10.08 21:24:43 | 000,643,612 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.10.08 21:24:43 | 000,150,888 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.10.08 21:24:43 | 000,122,500 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.10.08 20:58:02 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1061286310-3026546113-1237927848-1004Core.job [2012.10.05 18:41:42 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.10.05 18:39:41 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.04 13:07:11 | 096,450,964 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm [2012.09.30 18:13:28 | 000,435,203 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm [2012.09.14 04:36:31 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.09.10 18:01:07 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.09 07:11:57 | 000,000,107 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat [2012.10.05 18:39:41 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.14 04:36:31 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.04.27 00:23:05 | 000,000,000 | ---- | C] () -- C:\Users\Dennis\AppData\Local\Input.xml [2012.04.26 23:56:30 | 000,000,000 | ---- | C] () -- C:\Users\Dennis\AppData\Local\Settings.xml [2011.09.17 00:21:22 | 000,000,000 | ---- | C] () -- C:\Windows\Podcast.INI [2011.09.17 00:09:33 | 000,006,537 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011.08.09 17:50:27 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe [2011.04.21 20:42:21 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe [2011.03.31 18:33:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2011.03.31 18:33:06 | 000,002,411 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2011.02.20 00:41:22 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2009.01.03 00:07:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2012.07.21 15:55:40 | 000,000,854 | ---- | M] () -- C:\$Recycle.bin\S-1-5-21-1061286310-3026546113-1237927848-1003\$RAFZ5JE\Model\N.o3d [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 17:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 06:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 04:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.02.07 01:22:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\AVG2012 [2011.03.24 19:11:14 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\DVDVideoSoftIEHelpers [2012.05.28 21:14:36 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\elsterformular [2011.02.20 00:41:27 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\FreeAudioPack [2011.06.30 00:29:37 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\ICQ [2009.04.16 01:39:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Leadertech [2011.04.11 17:28:40 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\LG Electronics [2009.09.24 00:44:48 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Screaming Bee ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.09.02 11:34:30 | 000,000,000 | -H-D | M] -- C:\$AVG [2008.11.28 17:33:57 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin [2010.05.03 23:12:33 | 000,000,000 | ---D | M] -- C:\AVGTemp [2009.09.24 00:24:54 | 000,000,000 | ---D | M] -- C:\AV_LOGS [2008.02.08 11:31:20 | 000,000,000 | -HSD | M] -- C:\Boot [2012.09.19 17:32:18 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2008.11.28 14:49:37 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.09.28 18:44:12 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft [2012.02.21 02:33:07 | 000,000,000 | ---D | M] -- C:\Graphics [2011.03.31 19:43:56 | 000,000,000 | ---D | M] -- C:\LGP500 [2011.09.17 00:09:56 | 000,000,000 | ---D | M] -- C:\MAGIX [2012.09.07 22:36:20 | 000,000,000 | ---D | M] -- C:\Mozilla Firefox [2008.09.01 14:16:42 | 000,000,000 | RH-D | M] -- C:\MSOCache [2008.09.01 14:00:39 | 000,000,000 | ---D | M] -- C:\MyWorks [2008.01.21 04:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.10.09 07:11:55 | 000,000,000 | R--D | M] -- C:\Program Files [2012.10.09 07:11:49 | 000,000,000 | -H-D | M] -- C:\ProgramData [2008.11.28 14:49:37 | 000,000,000 | -HSD | M] -- C:\Programme [2009.01.15 22:29:20 | 000,000,000 | ---D | M] -- C:\SkyDecks Panel Design [2012.10.09 17:25:30 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2008.11.28 17:33:26 | 000,000,000 | R--D | M] -- C:\Users [2012.10.09 07:11:57 | 000,000,000 | ---D | M] -- C:\Windows [2008.11.28 18:06:55 | 000,000,000 | ---D | M] -- C:\XP Antispy < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < %windir%\installer\*. /5 > < %localappdata%\*. /5 > [2012.10.09 07:12:26 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Local\Temp ========== Files - Unicode (All) ========== [2009.02.13 16:52:32 | 000,000,000 | ---D | M](C:\Windows\System32\?etup.features.srv_emc_lotus) -- C:\Windows\System32\Ǝetup.features.srv_emc_lotus [2009.02.13 16:52:32 | 000,000,000 | ---D | C](C:\Windows\System32\?etup.features.srv_emc_lotus) -- C:\Windows\System32\Ǝetup.features.srv_emc_lotus ========== Alternate Data Streams ========== @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:40D3D3E8 < End of report > |
|
09.10.2012, 17:36
| #4 | |
| /// the machine /// TB-Ausbilder | Hinweis von web.de auf Zeus gefunden wurde Trojaner.BankerCombofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.10.2012, 18:58
| #5 |
| | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker Nun hab ich das Peoblem ddas wenn er Neustartet danach 2 Fenster nacheinander aufploppen und wieder schließen das eine ist blau und das andere ist schwarz was is denn nun ?! |
|
09.10.2012, 18:59
| #6 |
| /// the machine /// TB-Ausbilder | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker Hast Du Combofix laufen lassen? Logfile?
__________________ --> Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker |
|
09.10.2012, 19:02
| #7 |
| | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker ja hab ich ja und als er neu gestartet hat und ich mich wie gewohnt angemeldet habe ploppten die 2 fenster auf die ganze zeit und gingen wieder zu die waren ja von combofix liegt es daran das ich combofix nicht auf dem desktop gespeichert habe? |
|
09.10.2012, 19:09
| #8 |
| /// the machine /// TB-Ausbilder | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker Könnte sein. Schau mal ob du C:\Combofix.txt findest.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.10.2012, 19:11
| #9 |
| | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker kleine Ergänzung nachdem ich nun im gesichrten Modus die Datei auf den Desktop gezogen habe ploppen die fenster nicht merh auf aber wo finde ich die logs? nein hab ich nicht gefunden ich mach es noch mal neu? Geändert von Sunny80 (09.10.2012 um 19:13 Uhr) Grund: ergänzung |
|
09.10.2012, 19:13
| #10 |
| /// the machine /// TB-Ausbilder | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker Ja, aber bitte nicht im Abgesicherten Modus, sondern im Normal Modus, vom desktop aus.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.10.2012, 19:41
| #11 |
| | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker gleiche problem wieder nach dem Neustart ploppen die Fenster wie wild auf und zu ohne das ich was machen kann hab eine txt gefunden ComboFix 12-10-09.01 - Dennis 09.10.2012 20:18:07.2.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.49.1031.18.3070.2084 [GMT 2:00] ausgeführt von:: C:\Users\Dennis_2\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Geändert von Sunny80 (09.10.2012 um 19:43 Uhr) Grund: fehler |
|
09.10.2012, 20:14
| #12 |
| /// the machine /// TB-Ausbilder | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker Lese bitte folgende Anweisungen genau. Wir wollen hier noch nichts "fixen" sondern nur einen Scan Report sehen. Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.10.2012, 20:25
| #13 |
| | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker 21:21:39.0823 4788 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24 21:21:41.0831 4788 ============================================================ 21:21:41.0832 4788 Current date / time: 2012/10/09 21:21:41.0831 21:21:41.0832 4788 SystemInfo: 21:21:41.0832 4788 21:21:41.0832 4788 OS Version: 6.0.6001 ServicePack: 1.0 21:21:41.0832 4788 Product type: Workstation 21:21:41.0832 4788 ComputerName: MASTERSREICH 21:21:41.0835 4788 UserName: Dennis 21:21:41.0835 4788 Windows directory: C:\Windows 21:21:41.0835 4788 System windows directory: C:\Windows 21:21:41.0835 4788 Processor architecture: Intel x86 21:21:41.0835 4788 Number of processors: 2 21:21:41.0835 4788 Page size: 0x1000 21:21:41.0835 4788 Boot type: Normal boot 21:21:41.0835 4788 ============================================================ 21:21:44.0279 4788 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 21:21:44.0319 4788 Drive \Device\Harddisk1\DR1 - Size: 0xEC580000 (3.69 Gb), SectorSize: 0x200, Cylinders: 0x1E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 21:21:44.0326 4788 ============================================================ 21:21:44.0326 4788 \Device\Harddisk0\DR0: 21:21:44.0379 4788 MBR partitions: 21:21:44.0380 4788 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0xDFC5000 21:21:44.0380 4788 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF3C5800, BlocksNum 0xDDFF800 21:21:44.0380 4788 \Device\Harddisk1\DR1: 21:21:44.0382 4788 MBR partitions: 21:21:44.0382 4788 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760C00 21:21:44.0382 4788 ============================================================ 21:21:44.0412 4788 C: <-> \Device\Harddisk0\DR0\Partition1 21:21:44.0563 4788 D: <-> \Device\Harddisk0\DR0\Partition2 21:21:44.0564 4788 ============================================================ 21:21:44.0564 4788 Initialize success 21:21:44.0564 4788 ============================================================ 21:21:56.0254 2916 ============================================================ 21:21:56.0254 2916 Scan started 21:21:56.0254 2916 Mode: Manual; 21:21:56.0254 2916 ============================================================ 21:21:57.0241 2916 ================ Scan system memory ======================== 21:21:57.0241 2916 System memory - ok 21:21:57.0242 2916 ================ Scan services ============================= 21:21:57.0687 2916 [ FCB8C7210F0135E24C6580F7F649C73C ] ACPI C:\Windows\system32\drivers\acpi.sys 21:21:57.0693 2916 ACPI - ok 21:21:57.0730 2916 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 21:21:57.0754 2916 adp94xx - ok 21:21:57.0785 2916 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 21:21:57.0830 2916 adpahci - ok 21:21:57.0858 2916 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 21:21:57.0864 2916 adpu160m - ok 21:21:57.0923 2916 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 21:21:57.0931 2916 adpu320 - ok 21:21:58.0003 2916 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 21:21:58.0005 2916 AeLookupSvc - ok 21:21:58.0083 2916 [ 48EB99503533C27AC6135648E5474457 ] AFD C:\Windows\system32\drivers\afd.sys 21:21:58.0089 2916 AFD - ok 21:21:58.0189 2916 [ 1CFEBA39FC613E45B49D3EDDFBCDA289 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys 21:21:58.0235 2916 AgereSoftModem - ok 21:21:58.0267 2916 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 21:21:58.0271 2916 agp440 - ok 21:21:58.0311 2916 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 21:21:58.0316 2916 aic78xx - ok 21:21:58.0334 2916 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 21:21:58.0336 2916 ALG - ok 21:21:58.0435 2916 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 21:21:58.0438 2916 aliide - ok 21:21:58.0465 2916 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 21:21:58.0469 2916 amdagp - ok 21:21:58.0487 2916 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 21:21:58.0490 2916 amdide - ok 21:21:58.0510 2916 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 21:21:58.0514 2916 AmdK7 - ok 21:21:58.0536 2916 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 21:21:58.0543 2916 AmdK8 - ok 21:21:58.0599 2916 [ 19F9B865832FC563ED8EED449CB4FF31 ] Andbus C:\Windows\system32\DRIVERS\lgandbus.sys 21:21:58.0601 2916 Andbus - ok 21:21:58.0677 2916 [ C896B7DCD81862CB51E5C2EBCF0B50CA ] AndDiag C:\Windows\system32\DRIVERS\lganddiag.sys 21:21:58.0690 2916 AndDiag - ok 21:21:58.0723 2916 [ 2D4F4EE70EB5A03CFFAA50E6D6B67BC8 ] AndGps C:\Windows\system32\DRIVERS\lgandgps.sys 21:21:58.0726 2916 AndGps - ok 21:21:58.0741 2916 [ 13947A4E2343D1DAE526FB9B8E7898DC ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem.sys 21:21:58.0744 2916 ANDModem - ok 21:21:58.0797 2916 [ 3F2EBD9A12A81CDAA8B2C29847368FA4 ] AndNetDiag C:\Windows\system32\DRIVERS\lgandnetdiag.sys 21:21:58.0799 2916 AndNetDiag - ok 21:21:58.0851 2916 [ 20F51E572867722C64B24DCAD48D0FA8 ] AndNetGps C:\Windows\system32\DRIVERS\lgandnetgps.sys 21:21:58.0854 2916 AndNetGps - ok 21:21:58.0875 2916 [ 459FFE40C02ED587D2E1A5D414C97D6D ] ANDNetModem C:\Windows\system32\DRIVERS\lgandnetmodem.sys 21:21:58.0878 2916 ANDNetModem - ok 21:21:58.0949 2916 [ 154D65E5463EC008B73AEEDC247C12EF ] andnetndis C:\Windows\system32\DRIVERS\lgandnetndis.sys 21:21:58.0953 2916 andnetndis - ok 21:21:59.0023 2916 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 21:21:59.0025 2916 Appinfo - ok 21:21:59.0119 2916 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 21:21:59.0123 2916 arc - ok 21:21:59.0148 2916 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 21:21:59.0154 2916 arcsas - ok 21:21:59.0208 2916 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 21:21:59.0211 2916 AsyncMac - ok 21:21:59.0247 2916 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys 21:21:59.0249 2916 atapi - ok 21:21:59.0338 2916 [ DCDFC3A5A8B239055AAB6BD975ADA889 ] athr C:\Windows\system32\DRIVERS\athr.sys 21:21:59.0383 2916 athr - ok 21:21:59.0473 2916 [ 2A38746A3D08D922869C196A232DA8CF ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe 21:21:59.0484 2916 Ati External Event Utility - ok 21:21:59.0710 2916 [ 51E640BC8E8152C50EEAD215B18C6CBB ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 21:21:59.0842 2916 atikmdag - ok 21:21:59.0869 2916 [ 5A1465AD2E7C1BC39CDA12A355329096 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys 21:21:59.0871 2916 AtiPcie - ok 21:21:59.0935 2916 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 21:21:59.0941 2916 AudioEndpointBuilder - ok 21:21:59.0959 2916 [ 42076E29AAFA0830A2C5D4E310F58DD1 ] Audiosrv C:\Windows\System32\Audiosrv.dll 21:21:59.0965 2916 Audiosrv - ok 21:22:00.0067 2916 AVG Security Toolbar Service - ok 21:22:00.0337 2916 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe 21:22:00.0413 2916 AVGIDSAgent - ok 21:22:00.0502 2916 [ 1074F787080068C71303B61FAE7E7CA4 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdriverx.sys 21:22:00.0506 2916 AVGIDSDriver - ok 21:22:00.0521 2916 [ 61A7E0B02F82CFF3DB2445BBE50B3589 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfilterx.sys 21:22:00.0523 2916 AVGIDSFilter - ok 21:22:00.0565 2916 [ D63D83659EEDF60B3A3E620281A888E5 ] AVGIDSHX C:\Windows\system32\DRIVERS\avgidshx.sys 21:22:00.0567 2916 AVGIDSHX - ok 21:22:00.0617 2916 [ BAF975B72062F53D327788E99D64197E ] AVGIDSShim C:\Windows\system32\DRIVERS\avgidsshimx.sys 21:22:00.0619 2916 AVGIDSShim - ok 21:22:00.0721 2916 [ DCB09125C8B4766A88C86914B65487C1 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys 21:22:00.0727 2916 Avgldx86 - ok 21:22:00.0790 2916 [ CCDD61545AAEA265977E4B1EFDC74E8C ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys 21:22:00.0792 2916 Avgmfx86 - ok 21:22:00.0826 2916 [ 1FD90B28D2C3100BF4500199C8AD6358 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys 21:22:00.0828 2916 Avgrkx86 - ok 21:22:00.0881 2916 [ C0BC3B2E3FD625E7F55E1FF863E94592 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys 21:22:00.0888 2916 Avgtdix - ok 21:22:00.0960 2916 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe 21:22:00.0964 2916 avgwd - ok 21:22:01.0011 2916 [ 08015D34F6FDD0B355805BAD978497C3 ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys 21:22:01.0015 2916 bcm4sbxp - ok 21:22:01.0065 2916 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe 21:22:01.0068 2916 BcmSqlStartupSvc - ok 21:22:01.0090 2916 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 21:22:01.0093 2916 Beep - ok 21:22:01.0128 2916 [ 8582E233C346AEFE759833E8A30DD697 ] BFE C:\Windows\System32\bfe.dll 21:22:01.0186 2916 BFE - ok 21:22:01.0249 2916 [ 02ED7B4DBC2A3232A389106DA7515C3D ] BITS C:\Windows\system32\qmgr.dll 21:22:01.0266 2916 BITS - ok 21:22:01.0303 2916 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 21:22:01.0327 2916 blbdrive - ok 21:22:01.0372 2916 [ 8153396D5551276227FA146900F734E6 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 21:22:01.0375 2916 bowser - ok 21:22:01.0397 2916 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 21:22:01.0401 2916 BrFiltLo - ok 21:22:01.0447 2916 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 21:22:01.0450 2916 BrFiltUp - ok 21:22:01.0484 2916 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 21:22:01.0487 2916 Browser - ok 21:22:01.0533 2916 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 21:22:01.0540 2916 Brserid - ok 21:22:01.0565 2916 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 21:22:01.0571 2916 BrSerWdm - ok 21:22:01.0602 2916 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 21:22:01.0605 2916 BrUsbMdm - ok 21:22:01.0664 2916 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 21:22:01.0680 2916 BrUsbSer - ok 21:22:01.0720 2916 [ DA7B195275BDA7F8FCF79B40E0F45DDE ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 21:22:01.0741 2916 BthEnum - ok 21:22:01.0773 2916 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 21:22:01.0777 2916 BTHMODEM - ok 21:22:01.0820 2916 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 21:22:01.0841 2916 BthPan - ok 21:22:01.0882 2916 [ 73D53F8E90550BA81E2CF44A0873B410 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 21:22:01.0901 2916 BTHPORT - ok 21:22:01.0952 2916 [ 58EE7F5E68310BC8D4E7CEBD8358C12E ] BthServ C:\Windows\System32\bthserv.dll 21:22:01.0955 2916 BthServ - ok 21:22:01.0993 2916 [ 32045A4BB143BBC5BAB1298C4E9E309A ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 21:22:01.0997 2916 BTHUSB - ok 21:22:02.0051 2916 [ 3EA1A20DC0CA1AD23E7AA8C37A91BCD1 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 21:22:02.0057 2916 btwaudio - ok 21:22:02.0105 2916 [ 195872E48A7FB01F8BC9B800F70F4054 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys 21:22:02.0128 2916 btwavdt - ok 21:22:02.0167 2916 [ 0724E7D6C9B6A289EDDDA33FA8176E80 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys 21:22:02.0173 2916 btwrchid - ok 21:22:02.0352 2916 catchme - ok 21:22:02.0435 2916 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 21:22:02.0486 2916 cdfs - ok 21:22:02.0592 2916 [ 1EC25CEA0DE6AC4718BF89F9E1778B57 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 21:22:02.0604 2916 cdrom - ok 21:22:02.0678 2916 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] CertPropSvc C:\Windows\System32\certprop.dll 21:22:02.0680 2916 CertPropSvc - ok 21:22:02.0721 2916 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 21:22:02.0723 2916 circlass - ok 21:22:02.0818 2916 [ 465745561C832B29F7C48B488AAB3842 ] CLFS C:\Windows\system32\CLFS.sys 21:22:02.0824 2916 CLFS - ok 21:22:02.0947 2916 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:22:02.0963 2916 clr_optimization_v2.0.50727_32 - ok 21:22:03.0059 2916 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:22:03.0082 2916 clr_optimization_v4.0.30319_32 - ok 21:22:03.0139 2916 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 21:22:03.0153 2916 CmBatt - ok 21:22:03.0245 2916 [ 9668A73FBD2FD687915E133B79E6C591 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 21:22:03.0257 2916 cmdAgent - ok 21:22:03.0292 2916 [ 896DC31580B2BEF5F6C00F6217A14442 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys 21:22:03.0296 2916 cmdGuard - ok 21:22:03.0338 2916 [ C4D1F0D9C7DFC584A50F0F77BB54CD2B ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys 21:22:03.0340 2916 cmdHlp - ok 21:22:03.0380 2916 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 21:22:03.0406 2916 cmdide - ok 21:22:03.0450 2916 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 21:22:03.0452 2916 Compbatt - ok 21:22:03.0464 2916 COMSysApp - ok 21:22:03.0508 2916 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 21:22:03.0510 2916 crcdisk - ok 21:22:03.0552 2916 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 21:22:03.0575 2916 Crusoe - ok 21:22:03.0677 2916 [ 6DE363F9F99334514C46AEC02D3E3678 ] CryptSvc C:\Windows\system32\cryptsvc.dll 21:22:03.0681 2916 CryptSvc - ok 21:22:03.0767 2916 [ 301AE00E12408650BADDC04DBC832830 ] DcomLaunch C:\Windows\system32\rpcss.dll 21:22:03.0783 2916 DcomLaunch - ok 21:22:03.0841 2916 [ A3E9FA213F443AC77C7746119D13FEEC ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:22:03.0844 2916 DfsC - ok 21:22:04.0038 2916 [ FA3463F25F9CC9C3BCF1E7912FEFF099 ] DFSR C:\Windows\system32\DFSR.exe 21:22:04.0113 2916 DFSR - ok 21:22:04.0175 2916 [ 43A988A9C10333476CB5FB667CBD629D ] Dhcp C:\Windows\System32\dhcpcsvc.dll 21:22:04.0181 2916 Dhcp - ok 21:22:04.0224 2916 [ 64109E623ABD6955C8FB110B592E68B7 ] disk C:\Windows\system32\drivers\disk.sys 21:22:04.0227 2916 disk - ok 21:22:04.0286 2916 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:22:04.0291 2916 Dnscache - ok 21:22:04.0375 2916 [ 5AF620A08C614E24206B79E8153CF1A8 ] dot3svc C:\Windows\System32\dot3svc.dll 21:22:04.0380 2916 dot3svc - ok 21:22:04.0431 2916 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 21:22:04.0436 2916 DPS - ok 21:22:04.0460 2916 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:22:04.0463 2916 drmkaud - ok 21:22:04.0542 2916 [ 85F33880B8CFB554BD3D9CCDB486845A ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:22:04.0552 2916 DXGKrnl - ok 21:22:04.0611 2916 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 21:22:04.0614 2916 E1G60 - ok 21:22:04.0651 2916 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 21:22:04.0655 2916 EapHost - ok 21:22:04.0700 2916 [ DD2CD259D83D8B72C02C5F2331FF9D68 ] Ecache C:\Windows\system32\drivers\ecache.sys 21:22:04.0704 2916 Ecache - ok 21:22:04.0757 2916 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:22:04.0762 2916 ehRecvr - ok 21:22:04.0800 2916 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 21:22:04.0803 2916 ehSched - ok 21:22:04.0838 2916 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 21:22:04.0841 2916 ehstart - ok 21:22:04.0935 2916 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:22:04.0942 2916 elxstor - ok 21:22:04.0994 2916 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C ] EMDMgmt C:\Windows\system32\emdmgmt.dll 21:22:05.0005 2916 EMDMgmt - ok 21:22:05.0040 2916 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:22:05.0043 2916 ErrDev - ok 21:22:05.0135 2916 [ 3CB3343D720168B575133A0A20DC2465 ] EventSystem C:\Windows\system32\es.dll 21:22:05.0142 2916 EventSystem - ok 21:22:05.0172 2916 [ 0D858EB20589A34EFB25695ACAA6AA2D ] exfat C:\Windows\system32\drivers\exfat.sys 21:22:05.0180 2916 exfat - ok 21:22:05.0222 2916 [ 3C489390C2E2064563727752AF8EAB9E ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:22:05.0236 2916 fastfat - ok 21:22:05.0271 2916 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 21:22:05.0274 2916 fdc - ok 21:22:05.0313 2916 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 21:22:05.0316 2916 fdPHost - ok 21:22:05.0345 2916 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 21:22:05.0349 2916 FDResPub - ok 21:22:05.0371 2916 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:22:05.0374 2916 FileInfo - ok 21:22:05.0413 2916 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:22:05.0418 2916 Filetrace - ok 21:22:05.0465 2916 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 21:22:05.0468 2916 flpydisk - ok 21:22:05.0510 2916 [ 05EA53AFE985443011E36DAB07343B46 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:22:05.0514 2916 FltMgr - ok 21:22:05.0641 2916 [ C9BE08664611DDAF98E2331E9288B00B ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 21:22:05.0659 2916 FontCache3.0.0.0 - ok 21:22:05.0710 2916 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:22:05.0714 2916 Fs_Rec - ok 21:22:05.0762 2916 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:22:05.0765 2916 gagp30kx - ok 21:22:05.0895 2916 [ D9F1113D9401185245573350712F92FC ] gpsvc C:\Windows\System32\gpsvc.dll 21:22:05.0908 2916 gpsvc - ok 21:22:05.0963 2916 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:22:05.0973 2916 HdAudAddService - ok 21:22:06.0005 2916 [ C87B1EE051C0464491C1A7B03FA0BC99 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 21:22:06.0007 2916 HDAudBus - ok 21:22:06.0059 2916 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:22:06.0062 2916 HidBth - ok 21:22:06.0109 2916 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 21:22:06.0112 2916 HidIr - ok 21:22:06.0164 2916 [ 8FA640195279ACE21BEA91396A0054FC ] hidserv C:\Windows\System32\hidserv.dll 21:22:06.0168 2916 hidserv - ok 21:22:06.0223 2916 [ 854CA287AB7FAF949617A788306D967E ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 21:22:06.0226 2916 HidUsb - ok 21:22:06.0249 2916 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:22:06.0256 2916 hkmsvc - ok 21:22:06.0291 2916 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 21:22:06.0305 2916 HpCISSs - ok 21:22:06.0396 2916 [ 96E241624C71211A79C84F50A8E71CAB ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:22:06.0404 2916 HTTP - ok 21:22:06.0468 2916 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 21:22:06.0470 2916 i2omp - ok 21:22:06.0508 2916 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 21:22:06.0512 2916 i8042prt - ok 21:22:06.0597 2916 [ 496DB78E6A0C4C44023D9A92B4A7AC31 ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys 21:22:06.0665 2916 ialm - ok 21:22:06.0693 2916 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 21:22:06.0719 2916 iaStorV - ok 21:22:06.0808 2916 [ 7A95A3AD931B97FEC5067E40636CE37F ] ICQ Service C:\Program Files\ICQ6Toolbar\ICQ Service.exe 21:22:06.0813 2916 ICQ Service - ok 21:22:06.0899 2916 [ 7B630ACAED64FEF0C3E1CF255CB56686 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 21:22:06.0943 2916 idsvc - ok 21:22:06.0972 2916 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:22:06.0977 2916 iirsp - ok 21:22:07.0034 2916 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC ] IKEEXT C:\Windows\System32\ikeext.dll 21:22:07.0092 2916 IKEEXT - ok 21:22:07.0163 2916 [ ECCDC208295929FD034CA950C1877C33 ] Inspect C:\Windows\system32\DRIVERS\inspect.sys 21:22:07.0166 2916 Inspect - ok 21:22:07.0306 2916 [ B0878F280FA335AC67F056A9BFE06E04 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 21:22:07.0342 2916 IntcAzAudAddService - ok 21:22:07.0396 2916 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 21:22:07.0400 2916 intelide - ok 21:22:07.0419 2916 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:22:07.0423 2916 intelppm - ok 21:22:07.0485 2916 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:22:07.0490 2916 IPBusEnum - ok 21:22:07.0514 2916 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:22:07.0518 2916 IpFilterDriver - ok 21:22:07.0575 2916 [ 6A35D233693EDC29A12742049BC5E37F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:22:07.0582 2916 iphlpsvc - ok 21:22:07.0594 2916 IpInIp - ok 21:22:07.0641 2916 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 21:22:07.0666 2916 IPMIDRV - ok 21:22:07.0712 2916 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 21:22:07.0730 2916 IPNAT - ok 21:22:07.0758 2916 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:22:07.0762 2916 IRENUM - ok 21:22:07.0800 2916 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:22:07.0802 2916 isapnp - ok 21:22:07.0845 2916 [ F247EEC28317F6C739C16DE420097301 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 21:22:07.0850 2916 iScsiPrt - ok 21:22:07.0892 2916 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 21:22:07.0932 2916 iteatapi - ok 21:22:07.0958 2916 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 21:22:07.0963 2916 iteraid - ok 21:22:07.0991 2916 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 21:22:07.0993 2916 kbdclass - ok 21:22:08.0029 2916 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 21:22:08.0032 2916 kbdhid - ok 21:22:08.0068 2916 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] KeyIso C:\Windows\system32\lsass.exe 21:22:08.0073 2916 KeyIso - ok 21:22:08.0115 2916 [ EBC507F129DF8F0E0CA270DCFC0CF87F ] KMDFMEMIO C:\Windows\system32\DRIVERS\kmdfmemio.sys 21:22:08.0117 2916 KMDFMEMIO - ok 21:22:08.0242 2916 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:22:08.0251 2916 KSecDD - ok 21:22:08.0296 2916 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 21:22:08.0320 2916 KtmRm - ok 21:22:08.0378 2916 [ 1925E63C91CF1610AE41BFD539062079 ] LanmanServer C:\Windows\System32\srvsvc.dll 21:22:08.0386 2916 LanmanServer - ok 21:22:08.0427 2916 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:22:08.0437 2916 LanmanWorkstation - ok 21:22:08.0523 2916 [ 4DD47B5AF0B24871EBB9EFC012A7474E ] LgBttPort C:\Windows\system32\DRIVERS\lgbtport.sys 21:22:08.0525 2916 LgBttPort - ok 21:22:08.0570 2916 [ 1D038CA6C529203087A990E5E97887B4 ] lgbusenum C:\Windows\system32\DRIVERS\lgbtbus.sys 21:22:08.0572 2916 lgbusenum - ok 21:22:08.0623 2916 [ 26F1976A330195D62A6224C76968CF0D ] LGVMODEM C:\Windows\system32\DRIVERS\lgvmodem.sys 21:22:08.0626 2916 LGVMODEM - ok 21:22:08.0706 2916 [ C215E09622118383B236DD56C2065183 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe 21:22:08.0709 2916 LightScribeService - ok 21:22:08.0783 2916 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:22:08.0786 2916 lltdio - ok 21:22:08.0832 2916 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:22:08.0876 2916 lltdsvc - ok 21:22:08.0919 2916 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:22:08.0924 2916 lmhosts - ok 21:22:08.0960 2916 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:22:08.0966 2916 LSI_FC - ok 21:22:09.0004 2916 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:22:09.0009 2916 LSI_SAS - ok 21:22:09.0060 2916 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:22:09.0065 2916 LSI_SCSI - ok 21:22:09.0090 2916 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 21:22:09.0093 2916 luafv - ok 21:22:09.0215 2916 [ 38440FE1A65B1FE3D246C5C4CAD22F53 ] LVCOMSer C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe 21:22:09.0220 2916 LVCOMSer - ok 21:22:09.0269 2916 [ A6919138F29AE45E90E99FA94737E04C ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2Mon.sys 21:22:09.0271 2916 LVPr2Mon - ok 21:22:09.0333 2916 [ 28BD0E4B6C050B591B8CB35B9AD284E6 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe 21:22:09.0336 2916 LVPrcSrv - ok 21:22:09.0401 2916 [ BE5E104BE263921D6842C555DB6A5C23 ] LVUSBSta C:\Windows\system32\drivers\LVUSBSta.sys 21:22:09.0403 2916 LVUSBSta - ok 21:22:09.0467 2916 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\Windows\system32\drivers\mbamswissarmy.sys 21:22:09.0470 2916 MBAMSwissArmy - ok 21:22:09.0526 2916 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 21:22:09.0533 2916 Mcx2Svc - ok 21:22:09.0572 2916 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 21:22:09.0575 2916 megasas - ok 21:22:09.0623 2916 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 21:22:09.0631 2916 MegaSR - ok 21:22:09.0683 2916 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 21:22:09.0688 2916 MMCSS - ok 21:22:09.0736 2916 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 21:22:09.0738 2916 Modem - ok 21:22:09.0789 2916 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:22:09.0791 2916 monitor - ok 21:22:09.0827 2916 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 21:22:09.0829 2916 mouclass - ok 21:22:09.0846 2916 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:22:09.0852 2916 mouhid - ok 21:22:09.0880 2916 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 21:22:09.0883 2916 MountMgr - ok 21:22:09.0937 2916 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 21:22:09.0940 2916 mpio - ok 21:22:09.0968 2916 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:22:09.0971 2916 mpsdrv - ok 21:22:10.0033 2916 [ D1639BA315B0D79DEC49A4B0E1FB929B ] MpsSvc C:\Windows\system32\mpssvc.dll 21:22:10.0043 2916 MpsSvc - ok 21:22:10.0070 2916 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 21:22:10.0073 2916 Mraid35x - ok 21:22:10.0098 2916 [ AE3DE84536B6799D2267443CEC8EDBB9 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:22:10.0106 2916 MRxDAV - ok 21:22:10.0162 2916 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:22:10.0165 2916 mrxsmb - ok 21:22:10.0249 2916 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:22:10.0254 2916 mrxsmb10 - ok 21:22:10.0289 2916 [ 5C80D8159181C7ABF1B14BA703B01E0B ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:22:10.0292 2916 mrxsmb20 - ok 21:22:10.0344 2916 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys 21:22:10.0346 2916 msahci - ok 21:22:10.0375 2916 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:22:10.0379 2916 msdsm - ok 21:22:10.0407 2916 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 21:22:10.0423 2916 MSDTC - ok 21:22:10.0459 2916 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:22:10.0462 2916 Msfs - ok 21:22:10.0497 2916 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:22:10.0499 2916 msisadrv - ok 21:22:10.0530 2916 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:22:10.0550 2916 MSiSCSI - ok 21:22:10.0562 2916 msiserver - ok 21:22:10.0584 2916 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:22:10.0587 2916 MSKSSRV - ok 21:22:10.0672 2916 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:22:10.0674 2916 MSPCLOCK - ok 21:22:10.0695 2916 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:22:10.0697 2916 MSPQM - ok 21:22:10.0754 2916 [ B5614AECB05A9340AA0FB55BF561CC63 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:22:10.0757 2916 MsRPC - ok 21:22:10.0781 2916 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 21:22:10.0783 2916 mssmbios - ok 21:22:10.0848 2916 MSSQL$MSSMLBIZ - ok 21:22:10.0918 2916 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe 21:22:10.0924 2916 MSSQLServerADHelper - ok 21:22:11.0007 2916 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:22:11.0009 2916 MSTEE - ok 21:22:11.0026 2916 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C ] Mup C:\Windows\system32\Drivers\mup.sys 21:22:11.0029 2916 Mup - ok 21:22:11.0119 2916 [ C43B25863FBD65B6D2A142AF3AE320CA ] napagent C:\Windows\system32\qagentRT.dll 21:22:11.0165 2916 napagent - ok 21:22:11.0220 2916 [ 3C21CE48FF529BB73DADB98770B54025 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:22:11.0224 2916 NativeWifiP - ok 21:22:11.0295 2916 [ 9BDC71790FA08F0A0B5F10462B1BD0B1 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:22:11.0304 2916 NDIS - ok 21:22:11.0337 2916 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:22:11.0339 2916 NdisTapi - ok 21:22:11.0373 2916 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:22:11.0375 2916 Ndisuio - ok 21:22:11.0409 2916 [ 3D14C3B3496F88890D431E8AA022A411 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:22:11.0413 2916 NdisWan - ok 21:22:11.0444 2916 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:22:11.0447 2916 NDProxy - ok 21:22:11.0475 2916 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:22:11.0478 2916 NetBIOS - ok 21:22:11.0514 2916 [ 7C5FEE5B1C5728507CD96FB4A13E7A02 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 21:22:11.0519 2916 netbt - ok 21:22:11.0558 2916 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] Netlogon C:\Windows\system32\lsass.exe 21:22:11.0564 2916 Netlogon - ok 21:22:11.0668 2916 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 21:22:11.0677 2916 Netman - ok 21:22:11.0723 2916 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 21:22:11.0731 2916 netprofm - ok 21:22:11.0809 2916 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:22:11.0815 2916 NetTcpPortSharing - ok 21:22:11.0964 2916 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys 21:22:11.0998 2916 NETw3v32 - ok 21:22:12.0049 2916 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 21:22:12.0052 2916 nfrd960 - ok 21:22:12.0122 2916 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 21:22:12.0129 2916 NlaSvc - ok 21:22:12.0213 2916 [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU C:\Program Files\CDBurnerXP\NMSAccessU.exe 21:22:12.0215 2916 NMSAccessU - ok 21:22:12.0250 2916 [ ECB5003F484F9ED6C608D6D6C7886CBB ] Npfs C:\Windows\system32\drivers\Npfs.sys 21:22:12.0252 2916 Npfs - ok 21:22:12.0277 2916 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 21:22:12.0283 2916 nsi - ok 21:22:12.0311 2916 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:22:12.0313 2916 nsiproxy - ok 21:22:12.0424 2916 [ B4EFFE29EB4F15538FD8A9681108492D ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:22:12.0441 2916 Ntfs - ok 21:22:12.0476 2916 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 21:22:12.0479 2916 ntrigdigi - ok 21:22:12.0554 2916 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys 21:22:12.0556 2916 NuidFltr - ok 21:22:12.0578 2916 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 21:22:12.0581 2916 Null - ok 21:22:12.0619 2916 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:22:12.0623 2916 nvraid - ok 21:22:12.0662 2916 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:22:12.0665 2916 nvstor - ok 21:22:12.0705 2916 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:22:12.0709 2916 nv_agp - ok 21:22:12.0718 2916 NwlnkFlt - ok 21:22:12.0736 2916 NwlnkFwd - ok 21:22:12.0869 2916 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 21:22:12.0891 2916 odserv - ok 21:22:12.0928 2916 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 21:22:12.0932 2916 ohci1394 - ok 21:22:12.0975 2916 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 21:22:12.0981 2916 ose - ok 21:22:13.0086 2916 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2pimsvc C:\Windows\system32\p2psvc.dll 21:22:13.0101 2916 p2pimsvc - ok 21:22:13.0144 2916 [ 5DE1A3972FD3112C75EB17BDCF454169 ] p2psvc C:\Windows\system32\p2psvc.dll 21:22:13.0160 2916 p2psvc - ok 21:22:13.0194 2916 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 21:22:13.0197 2916 Parport - ok 21:22:13.0221 2916 [ 3B38467E7C3DAED009DFE359E17F139F ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:22:13.0224 2916 partmgr - ok 21:22:13.0294 2916 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 21:22:13.0296 2916 Parvdm - ok 21:22:13.0328 2916 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 21:22:13.0334 2916 PcaSvc - ok 21:22:13.0354 2916 [ 01B94418DEB235DFF777CC80076354B4 ] pci C:\Windows\system32\drivers\pci.sys 21:22:13.0358 2916 pci - ok 21:22:13.0388 2916 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys 21:22:13.0391 2916 pciide - ok 21:22:13.0444 2916 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 21:22:13.0449 2916 pcmcia - ok 21:22:13.0538 2916 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:22:13.0554 2916 PEAUTH - ok 21:22:13.0696 2916 [ A7598E897DA639E255AD4188FA398478 ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V32.SYS 21:22:13.0763 2916 PID_PEPI - ok 21:22:13.0932 2916 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 21:22:13.0960 2916 pla - ok 21:22:14.0003 2916 [ 78F975CB6D18265BE6F492EDB2D7BC7B ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:22:14.0013 2916 PlugPlay - ok 21:22:14.0055 2916 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 21:22:14.0069 2916 PNRPAutoReg - ok 21:22:14.0109 2916 [ 5DE1A3972FD3112C75EB17BDCF454169 ] PNRPsvc C:\Windows\system32\p2psvc.dll 21:22:14.0123 2916 PNRPsvc - ok 21:22:14.0163 2916 [ D82AC5B7DA8FDCCDA1323836516405EC ] Point32 C:\Windows\system32\DRIVERS\point32k.sys 21:22:14.0166 2916 Point32 - ok 21:22:14.0230 2916 [ 3F1110901DA07CC428710460276E28A0 ] PolarUSB C:\Windows\system32\DRIVERS\PolarUSB.sys 21:22:14.0232 2916 PolarUSB - ok 21:22:14.0293 2916 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:22:14.0327 2916 PolicyAgent - ok 21:22:14.0371 2916 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 21:22:14.0374 2916 PptpMiniport - ok 21:22:14.0432 2916 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\DRIVERS\processr.sys 21:22:14.0435 2916 Processor - ok 21:22:14.0481 2916 [ B627E4FC8585E8843C5905D4D3587A90 ] ProfSvc C:\Windows\system32\profsvc.dll 21:22:14.0489 2916 ProfSvc - ok 21:22:14.0514 2916 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] ProtectedStorage C:\Windows\system32\lsass.exe 21:22:14.0519 2916 ProtectedStorage - ok 21:22:14.0554 2916 [ BFEF604508A0ED1EAE2A73E872555FFB ] PSched C:\Windows\system32\DRIVERS\pacer.sys 21:22:14.0557 2916 PSched - ok 21:22:14.0705 2916 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 21:22:14.0723 2916 ql2300 - ok 21:22:14.0745 2916 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 21:22:14.0749 2916 ql40xx - ok 21:22:14.0812 2916 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 21:22:14.0821 2916 QWAVE - ok 21:22:14.0866 2916 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:22:14.0870 2916 QWAVEdrv - ok 21:22:14.0898 2916 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:22:14.0901 2916 RasAcd - ok 21:22:14.0945 2916 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 21:22:14.0953 2916 RasAuto - ok 21:22:14.0980 2916 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 21:22:14.0984 2916 Rasl2tp - ok 21:22:15.0027 2916 [ 6E7C284FC5C4EC07AD164D93810385A6 ] RasMan C:\Windows\System32\rasmans.dll 21:22:15.0036 2916 RasMan - ok 21:22:15.0069 2916 [ 3E9D9B048107B40D87B97DF2E48E0744 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:22:15.0072 2916 RasPppoe - ok 21:22:15.0095 2916 [ A7D141684E9500AC928A772ED8E6B671 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 21:22:15.0099 2916 RasSstp - ok 21:22:15.0139 2916 [ 6E1C5D0457622F9EE35F683110E93D14 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:22:15.0144 2916 rdbss - ok 21:22:15.0202 2916 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 21:22:15.0204 2916 RDPCDD - ok 21:22:15.0254 2916 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 21:22:15.0260 2916 rdpdr - ok 21:22:15.0279 2916 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 21:22:15.0282 2916 RDPENCDD - ok 21:22:15.0344 2916 [ E1C18F4097A5ABCEC941DC4B2F99DB7E ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 21:22:15.0349 2916 RDPWD - ok 21:22:15.0414 2916 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:22:15.0419 2916 RemoteAccess - ok 21:22:15.0467 2916 [ CC4E32400F3C7253400CF8F3F3A0B676 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:22:15.0475 2916 RemoteRegistry - ok 21:22:15.0551 2916 [ 10536B0AD6F416FC7F1149977C28CCDC ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 21:22:15.0554 2916 RFCOMM - ok 21:22:15.0634 2916 [ 4D05898896EC49CF663DDA61041AB096 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe 21:22:15.0640 2916 RichVideo - ok 21:22:15.0700 2916 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 21:22:15.0706 2916 RpcLocator - ok 21:22:15.0762 2916 [ 301AE00E12408650BADDC04DBC832830 ] RpcSs C:\Windows\system32\rpcss.dll 21:22:15.0776 2916 RpcSs - ok 21:22:15.0820 2916 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:22:15.0824 2916 rspndr - ok 21:22:15.0869 2916 [ A911ECAC81F94ADEAFBE8E3F7873EDB0 ] SamSs C:\Windows\system32\lsass.exe 21:22:15.0874 2916 SamSs - ok 21:22:15.0932 2916 [ A9D840FA78F65857EB554229914F855C ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe 21:22:15.0935 2916 Samsung Update Plus - ok 21:22:15.0983 2916 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:22:15.0987 2916 sbp2port - ok 21:22:16.0045 2916 [ 11387E32642269C7E62E8B52C060B3C6 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:22:16.0052 2916 SCardSvr - ok 21:22:16.0101 2916 [ 7B587B8A6D4A99F79D2902D0385F29BD ] Schedule C:\Windows\system32\schedsvc.dll 21:22:16.0124 2916 Schedule - ok 21:22:16.0190 2916 [ 87C2D0377B23E2D8A41093C2F5FB1A5B ] SCPolicySvc C:\Windows\System32\certprop.dll 21:22:16.0193 2916 SCPolicySvc - ok 21:22:16.0268 2916 [ D3FA9FB502AD62001101F495BBBAC42E ] SCREAMINGBDRIVER C:\Windows\system32\drivers\ScreamingBAudio.sys 21:22:16.0271 2916 SCREAMINGBDRIVER - ok 21:22:16.0331 2916 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 21:22:16.0335 2916 sdbus - ok 21:22:16.0374 2916 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 21:22:16.0382 2916 SDRSVC - ok 21:22:16.0430 2916 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:22:16.0432 2916 secdrv - ok 21:22:16.0515 2916 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 21:22:16.0522 2916 seclogon - ok 21:22:16.0557 2916 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll 21:22:16.0564 2916 SENS - ok 21:22:16.0596 2916 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 21:22:16.0599 2916 Serenum - ok 21:22:16.0662 2916 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 21:22:16.0665 2916 Serial - ok 21:22:16.0708 2916 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 21:22:16.0711 2916 sermouse - ok 21:22:16.0765 2916 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 21:22:16.0773 2916 SessionEnv - ok 21:22:16.0794 2916 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 21:22:16.0797 2916 sffdisk - ok 21:22:16.0825 2916 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 21:22:16.0828 2916 sffp_mmc - ok 21:22:16.0869 2916 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 21:22:16.0872 2916 sffp_sd - ok 21:22:16.0914 2916 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 21:22:16.0916 2916 sfloppy - ok 21:22:16.0975 2916 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:22:16.0983 2916 SharedAccess - ok 21:22:17.0024 2916 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:22:17.0034 2916 ShellHWDetection - ok 21:22:17.0072 2916 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 21:22:17.0075 2916 sisagp - ok 21:22:17.0122 2916 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 21:22:17.0126 2916 SiSRaid2 - ok 21:22:17.0168 2916 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:22:17.0172 2916 SiSRaid4 - ok 21:22:17.0286 2916 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 21:22:17.0290 2916 SkypeUpdate - ok 21:22:17.0414 2916 [ 0BA91E1358AD25236863039BB2609A2E ] slsvc C:\Windows\system32\SLsvc.exe 21:22:17.0455 2916 slsvc - ok 21:22:17.0502 2916 [ 7C6DC44CA0BFA6291629AB764200D1D4 ] SLUINotify C:\Windows\system32\SLUINotify.dll 21:22:17.0510 2916 SLUINotify - ok 21:22:17.0527 2916 [ 031E6BCD53C9B2B9ACE111EAFEC347B6 ] Smb C:\Windows\system32\DRIVERS\smb.sys 21:22:17.0531 2916 Smb - ok 21:22:17.0595 2916 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:22:17.0602 2916 SNMPTRAP - ok 21:22:17.0651 2916 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 21:22:17.0653 2916 spldr - ok 21:22:17.0743 2916 [ 3665F79026A3F91FBCA63F2C65A09B19 ] Spooler C:\Windows\System32\spoolsv.exe 21:22:17.0752 2916 Spooler - ok 21:22:17.0814 2916 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe 21:22:17.0819 2916 SQLBrowser - ok 21:22:17.0907 2916 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 21:22:17.0910 2916 SQLWriter - ok 21:22:17.0984 2916 [ 2252AEF839B1093D16761189F45AF885 ] srv C:\Windows\system32\DRIVERS\srv.sys 21:22:17.0991 2916 srv - ok 21:22:18.0049 2916 [ B7FF59408034119476B00A81BB53D5D1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:22:18.0053 2916 srv2 - ok 21:22:18.0087 2916 [ 2ACCC9B12AF02030F531E6CCA6F8B76E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:22:18.0090 2916 srvnet - ok 21:22:18.0142 2916 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:22:18.0153 2916 SSDPSRV - ok 21:22:18.0220 2916 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:22:18.0228 2916 SstpSvc - ok 21:22:18.0294 2916 [ 7DD08A597BC56051F320DA0BAF69E389 ] stisvc C:\Windows\System32\wiaservc.dll 21:22:18.0307 2916 stisvc - ok 21:22:18.0352 2916 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 21:22:18.0355 2916 swenum - ok 21:22:18.0410 2916 [ B36C7CDB86F7F7A8E884479219766950 ] swprv C:\Windows\System32\swprv.dll 21:22:18.0421 2916 swprv - ok 21:22:18.0444 2916 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 21:22:18.0447 2916 Symc8xx - ok 21:22:18.0489 2916 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 21:22:18.0493 2916 Sym_hi - ok 21:22:18.0541 2916 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 21:22:18.0545 2916 Sym_u3 - ok 21:22:18.0570 2916 [ 451E8037E2EB6DA6BDF0A66F65D1810B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 21:22:18.0575 2916 SynTP - ok 21:22:18.0669 2916 [ 8710A92D0024B03B5FB9540DF1F71F1D ] SysMain C:\Windows\system32\sysmain.dll 21:22:18.0683 2916 SysMain - ok 21:22:18.0730 2916 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:22:18.0739 2916 TabletInputService - ok 21:22:18.0813 2916 [ 680916BB09EE0F3A6ACA7C274B0D633F ] TapiSrv C:\Windows\System32\tapisrv.dll 21:22:18.0824 2916 TapiSrv - ok 21:22:18.0904 2916 [ EA02D11234C29E3AF778081498072131 ] tbhsd C:\Windows\system32\drivers\tbhsd.sys 21:22:18.0907 2916 tbhsd - ok 21:22:18.0960 2916 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 21:22:18.0967 2916 TBS - ok 21:22:19.0084 2916 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:22:19.0098 2916 Tcpip - ok 21:22:19.0162 2916 [ 782568AB6A43160A159B6215B70BCCE9 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 21:22:19.0178 2916 Tcpip6 - ok 21:22:19.0212 2916 [ D4A2E4A4B011F3A883AF77315A5AE76B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:22:19.0214 2916 tcpipreg - ok 21:22:19.0255 2916 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 21:22:19.0257 2916 TDPIPE - ok 21:22:19.0299 2916 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 21:22:19.0302 2916 TDTCP - ok 21:22:19.0343 2916 [ D09276B1FAB033CE1D40DCBDF303D10F ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:22:19.0346 2916 tdx - ok 21:22:19.0389 2916 [ A048056F5E1A96A9BF3071B91741A5AA ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 21:22:19.0392 2916 TermDD - ok 21:22:19.0465 2916 [ D605031E225AACCBCEB5B76A4F1603A6 ] TermService C:\Windows\System32\termsrv.dll 21:22:19.0478 2916 TermService - ok 21:22:19.0536 2916 [ 1E3FDB80E40A3CE645F229DFBDFB7694 ] Themes C:\Windows\system32\shsvcs.dll 21:22:19.0545 2916 Themes - ok 21:22:19.0583 2916 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 21:22:19.0589 2916 THREADORDER - ok 21:22:19.0684 2916 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 21:22:19.0692 2916 TrkWks - ok 21:22:19.0739 2916 [ 16613A1BAD034D4ECF957AF18B7C2FF5 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:22:19.0742 2916 TrustedInstaller - ok 21:22:19.0792 2916 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 21:22:19.0794 2916 tssecsrv - ok 21:22:19.0837 2916 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 21:22:19.0839 2916 tunmp - ok 21:22:19.0874 2916 [ 6042505FF6FA9AC1EF7684D0E03B6940 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:22:19.0880 2916 tunnel - ok 21:22:19.0946 2916 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:22:19.0950 2916 uagp35 - ok 21:22:20.0042 2916 [ 8B5088058FA1D1CD897A2113CCFF6C58 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:22:20.0048 2916 udfs - ok 21:22:20.0085 2916 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:22:20.0093 2916 UI0Detect - ok 21:22:20.0125 2916 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:22:20.0128 2916 uliagpkx - ok 21:22:20.0159 2916 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 21:22:20.0165 2916 uliahci - ok 21:22:20.0209 2916 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 21:22:20.0213 2916 UlSata - ok 21:22:20.0240 2916 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 21:22:20.0244 2916 ulsata2 - ok 21:22:20.0320 2916 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 21:22:20.0323 2916 umbus - ok 21:22:20.0372 2916 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 21:22:20.0382 2916 upnphost - ok 21:22:20.0438 2916 [ 292A25BB75A568AE2C67169BA2C6365A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:22:20.0442 2916 usbaudio - ok 21:22:20.0483 2916 [ AFB10A231254A1920C3BB4A0D02E1CA6 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 21:22:20.0486 2916 usbccgp - ok 21:22:20.0533 2916 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 21:22:20.0536 2916 usbcir - ok 21:22:20.0604 2916 [ 44245742C4ED2EAFD69020583424455B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 21:22:20.0607 2916 usbehci - ok 21:22:20.0675 2916 [ EDCA5124B54BCF04E5C0538AA397A9C1 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 21:22:20.0678 2916 usbfilter - ok 21:22:20.0721 2916 [ DB39B3F83AF77BCA019D7DF6AADDBDAE ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 21:22:20.0726 2916 usbhub - ok 21:22:20.0820 2916 [ 5FEE2A4AAAEBCD2E6576E7C90959B3FD ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 21:22:20.0823 2916 usbohci - ok 21:22:20.0858 2916 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys 21:22:20.0861 2916 usbprint - ok 21:22:20.0892 2916 [ 87BA6B83C5D19B69160968D07D6E2982 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:22:20.0903 2916 USBSTOR - ok 21:22:20.0957 2916 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 21:22:20.0959 2916 usbuhci - ok 21:22:20.0990 2916 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 21:22:20.0994 2916 usbvideo - ok 21:22:21.0076 2916 [ EE181A08E09DB23CF4A49B46A1E66BB8 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 21:22:21.0079 2916 usb_rndisx - ok 21:22:21.0137 2916 [ 032A0ACC3909AE7215D524E29D536797 ] UxSms C:\Windows\System32\uxsms.dll 21:22:21.0144 2916 UxSms - ok 21:22:21.0191 2916 [ B13BC395B9D6116628F5AF47E0802AC4 ] vds C:\Windows\System32\vds.exe 21:22:21.0204 2916 vds - ok 21:22:21.0258 2916 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 21:22:21.0261 2916 vga - ok 21:22:21.0312 2916 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 21:22:21.0314 2916 VgaSave - ok 21:22:21.0342 2916 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 21:22:21.0345 2916 viaagp - ok 21:22:21.0369 2916 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 21:22:21.0372 2916 ViaC7 - ok 21:22:21.0401 2916 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 21:22:21.0403 2916 viaide - ok 21:22:21.0466 2916 [ EFD61FCCF1AA0F02744A333A32C3CF85 ] VMC302 C:\Windows\system32\Drivers\VMC302.sys 21:22:21.0472 2916 VMC302 - ok 21:22:21.0499 2916 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:22:21.0502 2916 volmgr - ok 21:22:21.0605 2916 [ 98F5FFE6316BD74E9E2C97206C190196 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:22:21.0612 2916 volmgrx - ok 21:22:21.0691 2916 [ D8B4A53DD2769F226B3EB374374987C9 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:22:21.0697 2916 volsnap - ok 21:22:21.0733 2916 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:22:21.0737 2916 vsmraid - ok 21:22:21.0947 2916 [ D5FB73D19C46ADE183F968E13F186B23 ] VSS C:\Windows\system32\vssvc.exe 21:22:21.0968 2916 VSS - ok 21:22:22.0063 2916 [ 1CF9206966A8458CDA9A8B20DF8AB7D3 ] W32Time C:\Windows\system32\w32time.dll 21:22:22.0074 2916 W32Time - ok 21:22:22.0158 2916 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:22:22.0161 2916 WacomPen - ok 21:22:22.0191 2916 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 21:22:22.0195 2916 Wanarp - ok 21:22:22.0203 2916 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:22:22.0206 2916 Wanarpv6 - ok 21:22:22.0330 2916 [ F3A5C2E1A6533192B070D06ECF6BE796 ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:22:22.0343 2916 wcncsvc - ok 21:22:22.0374 2916 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:22:22.0382 2916 WcsPlugInService - ok 21:22:22.0412 2916 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 21:22:22.0415 2916 Wd - ok 21:22:22.0528 2916 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:22:22.0538 2916 Wdf01000 - ok 21:22:22.0621 2916 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:22:22.0629 2916 WdiServiceHost - ok 21:22:22.0638 2916 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:22:22.0647 2916 WdiSystemHost - ok 21:22:22.0696 2916 [ CF9A5F41789B642DB967021DE06A2713 ] WebClient C:\Windows\System32\webclnt.dll 21:22:22.0706 2916 WebClient - ok 21:22:22.0822 2916 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:22:22.0831 2916 Wecsvc - ok 21:22:22.0869 2916 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:22:22.0877 2916 wercplsupport - ok 21:22:22.0920 2916 [ FD1965AAA112C6818A30AB02742D0461 ] WerSvc C:\Windows\System32\WerSvc.dll 21:22:22.0948 2916 WerSvc - ok 21:22:23.0020 2916 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 21:22:23.0031 2916 WinDefend - ok 21:22:23.0045 2916 WinHttpAutoProxySvc - ok 21:22:23.0133 2916 [ 00B79A7C984678F24CF052E5BEB3A2F5 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:22:23.0137 2916 Winmgmt - ok 21:22:23.0222 2916 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 21:22:23.0245 2916 WinRM - ok 21:22:23.0336 2916 [ 275F4346E569DF56CFB95243BD6F6FF0 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:22:23.0350 2916 Wlansvc - ok 21:22:23.0423 2916 [ 59C90BC8317BD3F6E5559A4DEAF35090 ] WmBEnum C:\Windows\system32\drivers\WmBEnum.sys 21:22:23.0426 2916 WmBEnum - ok 21:22:23.0484 2916 [ 999A4539AD634A741AFD357E290BD461 ] WmFilter C:\Windows\system32\drivers\WmFilter.sys 21:22:23.0487 2916 WmFilter - ok 21:22:23.0547 2916 [ A24BE0CF44CD82C5C4EABF1A1F891D4D ] WmHidLo C:\Windows\system32\drivers\WmHidLo.sys 21:22:23.0550 2916 WmHidLo - ok 21:22:23.0594 2916 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:22:23.0597 2916 WmiAcpi - ok 21:22:23.0649 2916 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:22:23.0653 2916 wmiApSrv - ok 21:22:23.0841 2916 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 21:22:23.0855 2916 WMPNetworkSvc - ok 21:22:23.0918 2916 [ 0B8C64B13776F17537F0705FE62799C6 ] WmVirHid C:\Windows\system32\drivers\WmVirHid.sys 21:22:23.0921 2916 WmVirHid - ok 21:22:23.0996 2916 [ 8D388AEB1A12C1192AA9B4EBCEABCBA6 ] WmXlCore C:\Windows\system32\drivers\WmXlCore.sys 21:22:23.0999 2916 WmXlCore - ok 21:22:24.0053 2916 [ 5D94CD167751294962BA238D82DD1BB8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:22:24.0062 2916 WPCSvc - ok 21:22:24.0116 2916 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:22:24.0125 2916 WPDBusEnum - ok 21:22:24.0166 2916 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 21:22:24.0169 2916 WpdUsb - ok 21:22:24.0332 2916 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 21:22:24.0345 2916 WPFFontCache_v0400 - ok 21:22:24.0424 2916 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:22:24.0426 2916 ws2ifsl - ok 21:22:24.0463 2916 [ 683DD16B590372F2C9661D277F35E49C ] wscsvc C:\Windows\system32\wscsvc.dll 21:22:24.0471 2916 wscsvc - ok 21:22:24.0482 2916 WSearch - ok 21:22:24.0738 2916 [ 6298277B73C77FA99106B271A7525163 ] wuauserv C:\Windows\system32\wuaueng.dll 21:22:24.0776 2916 wuauserv - ok 21:22:24.0822 2916 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:22:24.0825 2916 WUDFRd - ok 21:22:24.0884 2916 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:22:24.0894 2916 wudfsvc - ok 21:22:24.0991 2916 [ F603B2714642AE5C5BF6C4639DE4DADD ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys 21:22:24.0998 2916 yukonwlh - ok 21:22:25.0116 2916 ================ Scan global =============================== 21:22:25.0170 2916 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 21:22:25.0238 2916 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll 21:22:25.0294 2916 [ F42F8855CB5C22E203C6672B124F17FD ] C:\Windows\system32\winsrv.dll 21:22:25.0358 2916 [ 2B336AB6286D6C81FA02CBAB914E3C6C ] C:\Windows\system32\services.exe 21:22:25.0367 2916 [Global] - ok 21:22:25.0370 2916 ================ Scan MBR ================================== 21:22:25.0394 2916 [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0 21:22:26.0430 2916 \Device\Harddisk0\DR0 - ok 21:22:26.0447 2916 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 21:22:26.0466 2916 \Device\Harddisk1\DR1 - ok 21:22:26.0467 2916 ================ Scan VBR ================================== 21:22:26.0489 2916 [ A49CA96974837B3D5F27EE0239556365 ] \Device\Harddisk0\DR0\Partition1 21:22:26.0492 2916 \Device\Harddisk0\DR0\Partition1 - ok 21:22:26.0516 2916 [ 66C6D08E43626EB5F7B9BDAF43D45F0A ] \Device\Harddisk0\DR0\Partition2 21:22:26.0540 2916 \Device\Harddisk0\DR0\Partition2 - ok 21:22:26.0578 2916 [ 0D56EAB96874A40C0921CF2BF4BAA964 ] \Device\Harddisk1\DR1\Partition1 21:22:26.0582 2916 \Device\Harddisk1\DR1\Partition1 - ok 21:22:26.0583 2916 ============================================================ 21:22:26.0583 2916 Scan finished 21:22:26.0583 2916 ============================================================ 21:22:26.0613 4888 Detected object count: 0 21:22:26.0613 4888 Actual detected object count: 0 |
|
10.10.2012, 06:47
| #14 |
| /// the machine /// TB-Ausbilder | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker Malwarebytes' Anti-Malware
Und poste bitte ein frisches OTL logfile.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.10.2012, 16:33
| #15 |
| | Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker 10.10.2012 17:17:47 mbam-log-2012-10-10 (17-17-47).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 172790 Laufzeit: 8 Minute(n), 42 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) OTL Logfile: Code:
ATTFilter OTL logfile created on: 10.10.2012 17:37:39 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dennis_2\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 64,41% Memory free 6,21 Gb Paging File | 5,00 Gb Available in Paging File | 80,51% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 111,88 Gb Total Space | 6,87 Gb Free Space | 6,14% Space Free | Partition Type: NTFS Drive D: | 111,00 Gb Total Space | 96,85 Gb Free Space | 87,25% Space Free | Partition Type: NTFS Drive F: | 3,69 Gb Total Space | 3,68 Gb Free Space | 100,00% Space Free | Partition Type: FAT32 Computer Name: MASTERSREICH | User Name: Dennis | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.09 17:17:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dennis_2\Desktop\OTL.exe PRC - [2012.09.07 22:35:56 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Mozilla Firefox\firefox.exe PRC - [2012.07.31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgtray.exe PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe PRC - [2012.02.14 04:52:56 | 000,493,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgcfgex.exe PRC - [2010.12.10 19:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe PRC - [2010.12.10 19:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe PRC - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2009.01.21 14:19:54 | 000,092,168 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\Gaming Software\LWEMon.exe PRC - [2008.12.19 01:30:20 | 000,323,216 | ---- | M] (Napster) -- C:\Programme\Napster\napster.exe PRC - [2008.11.28 18:26:36 | 000,618,232 | ---- | M] () -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe PRC - [2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe PRC - [2008.08.19 07:17:04 | 000,679,936 | ---- | M] (SAMSUNG Electronics) -- C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2008.08.14 17:15:46 | 002,407,184 | ---- | M] () -- C:\Programme\Logitech\QuickCam\Quickcam.exe PRC - [2008.08.14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\Communications_Helper.exe PRC - [2008.08.14 17:11:14 | 000,447,248 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe PRC - [2008.07.26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe PRC - [2008.07.26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) -- C:\Programme\Common Files\logishrd\LVCOMSER\LVComSer.exe PRC - [2008.07.08 04:27:00 | 006,273,568 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe PRC - [2008.04.25 14:31:34 | 000,565,248 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2008.04.17 08:26:46 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Programme\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2008.02.12 06:19:52 | 000,723,496 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2008.01.21 04:23:29 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2008.01.16 10:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2007.07.05 00:41:42 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2007.02.05 16:52:12 | 000,849,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft IntelliPoint\ipoint.exe ========== Modules (No Company Name) ========== MOD - [2012.09.07 22:35:55 | 002,244,064 | ---- | M] () -- C:\Mozilla Firefox\mozjs.dll MOD - [2011.07.01 16:57:44 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0a1195c6b5fab213527364c9e8b26ef0\System.Web.ni.dll MOD - [2011.07.01 16:57:26 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll MOD - [2011.07.01 16:48:45 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll MOD - [2011.07.01 16:48:39 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll MOD - [2011.07.01 16:31:14 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll MOD - [2011.07.01 16:30:21 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll MOD - [2011.07.01 16:29:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll MOD - [2011.07.01 16:25:43 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll MOD - [2011.07.01 16:25:03 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll MOD - [2008.09.16 21:18:06 | 000,132,608 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll MOD - [2008.09.01 13:50:49 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3142.27162__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll MOD - [2008.09.01 13:50:49 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3142.27360__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll MOD - [2008.09.01 13:50:49 | 000,266,240 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3142.27118__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll MOD - [2008.09.01 13:50:49 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3142.27165__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll MOD - [2008.09.01 13:50:49 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3142.27323__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll MOD - [2008.09.01 13:50:49 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3142.27285__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll MOD - [2008.09.01 13:50:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3142.27155__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll MOD - [2008.09.01 13:50:49 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3142.27255__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll MOD - [2008.09.01 13:50:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3142.27140__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll MOD - [2008.09.01 13:50:34 | 000,356,352 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3142.27295__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:34 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3142.27362__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:34 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3142.27296__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll MOD - [2008.09.01 13:50:34 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3142.27133__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:34 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3142.27294__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll MOD - [2008.09.01 13:50:33 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3142.27259__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3142.27167__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3142.27142__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3142.27312__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll MOD - [2008.09.01 13:50:33 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3142.27166__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3142.27359__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3142.27279__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:33 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3142.27258__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll MOD - [2008.09.01 13:50:33 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3142.27358__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll MOD - [2008.09.01 13:50:33 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3142.27174__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll MOD - [2008.09.01 13:50:33 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3142.27278__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll MOD - [2008.09.01 13:50:32 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3142.27283__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:32 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3142.27175__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll MOD - [2008.09.01 13:50:31 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3142.27248__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:31 | 000,376,832 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3142.27257__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll MOD - [2008.09.01 13:50:31 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3142.27256__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll MOD - [2008.09.01 13:50:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3142.27257__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll MOD - [2008.09.01 13:50:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3142.27282__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll MOD - [2008.09.01 13:50:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3119.30092__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll MOD - [2008.09.01 13:50:31 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3119.30081__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll MOD - [2008.09.01 13:50:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3119.30104__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll MOD - [2008.09.01 13:50:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3119.30177__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll MOD - [2008.09.01 13:50:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3119.30120__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll MOD - [2008.09.01 13:50:31 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3119.30176__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll MOD - [2008.09.01 13:50:31 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll MOD - [2008.09.01 13:50:30 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3119.30063__90ba9c70f846762e\LOG.Foundation.dll MOD - [2008.09.01 13:50:30 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3119.30065__90ba9c70f846762e\NEWAEM.Foundation.dll MOD - [2008.09.01 13:50:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3119.30127__90ba9c70f846762e\DEM.OS.I0602.dll MOD - [2008.09.01 13:50:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3119.30117__90ba9c70f846762e\MOM.Foundation.dll MOD - [2008.09.01 13:50:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3119.30171__90ba9c70f846762e\DEM.OS.dll MOD - [2008.09.01 13:50:29 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3119.30149__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3119.30067__90ba9c70f846762e\CLI.Foundation.dll MOD - [2008.09.01 13:50:29 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3119.30096__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3119.30148__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3119.30145__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3119.30144__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll MOD - [2008.09.01 13:50:29 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3119.30169__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3119.30118__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3119.30232__90ba9c70f846762e\CLI.Foundation.XManifest.dll MOD - [2008.09.01 13:50:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3119.30167__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3119.30141__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3119.30130__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3119.30146__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3119.30100__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll MOD - [2008.09.01 13:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3119.30089__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll MOD - [2008.09.01 13:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3119.30082__90ba9c70f846762e\CLI.Component.Client.Shared.dll MOD - [2008.09.01 13:50:29 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3119.30130__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3119.30128__90ba9c70f846762e\DEM.Graphics.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3119.30094__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3119.30139__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll MOD - [2008.09.01 13:50:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3119.30129__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll MOD - [2008.09.01 13:50:28 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3119.30144__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll MOD - [2008.09.01 13:50:28 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3119.30148__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll MOD - [2008.09.01 13:50:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3119.30122__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll MOD - [2008.09.01 13:50:28 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll MOD - [2008.09.01 13:50:28 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3119.30119__90ba9c70f846762e\APM.Foundation.dll MOD - [2008.09.01 13:50:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3119.30093__90ba9c70f846762e\AEM.Server.Shared.dll MOD - [2008.09.01 13:50:24 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory.resources\2.0.3142.27111_de_90ba9c70f846762e\CLI.Component.SkinFactory.resources.dll MOD - [2008.09.01 13:50:24 | 000,005,120 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.3142.27338_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll MOD - [2008.09.01 13:50:23 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3142.27379__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll MOD - [2008.09.01 13:50:23 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3142.27393__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll MOD - [2008.09.01 13:50:23 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3142.27105__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll MOD - [2008.09.01 13:50:22 | 000,999,424 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3142.27126__90ba9c70f846762e\CLI.Component.Dashboard.dll MOD - [2008.09.01 13:50:22 | 000,417,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3142.27338__90ba9c70f846762e\CLI.Component.Systemtray.dll MOD - [2008.09.01 13:50:22 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3142.27148__90ba9c70f846762e\CLI.Component.Wizard.dll MOD - [2008.09.01 13:50:22 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3142.27349__90ba9c70f846762e\MOM.Implementation.dll MOD - [2008.09.01 13:50:22 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3142.27109__90ba9c70f846762e\ATIDEMOS.dll MOD - [2008.09.01 13:50:22 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3142.27346__90ba9c70f846762e\LOG.Foundation.Implementation.dll MOD - [2008.09.01 13:50:22 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3142.27111__90ba9c70f846762e\CLI.Component.SkinFactory.dll MOD - [2008.09.01 13:50:22 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3142.27108__90ba9c70f846762e\CLI.Component.Runtime.dll MOD - [2008.09.01 13:50:22 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3119.30123__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll MOD - [2008.09.01 13:50:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3119.30076__90ba9c70f846762e\CLI.Foundation.Private.dll MOD - [2008.09.01 13:50:22 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3119.30101__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll MOD - [2008.09.01 13:50:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3119.30085__90ba9c70f846762e\LOG.Foundation.Private.dll MOD - [2008.09.01 13:50:22 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll MOD - [2008.09.01 13:50:22 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3142.27348__90ba9c70f846762e\CCC.Implementation.dll MOD - [2008.09.01 13:50:22 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3119.30121__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll MOD - [2008.09.01 13:50:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3119.30121__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll MOD - [2008.09.01 13:50:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3119.30113__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll MOD - [2008.09.01 13:50:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3119.30150__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll MOD - [2008.09.01 13:50:22 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3119.30074__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll MOD - [2008.09.01 13:50:22 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll MOD - [2008.09.01 13:50:22 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll MOD - [2008.09.01 13:50:21 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3142.27108__90ba9c70f846762e\APM.Server.dll MOD - [2008.09.01 13:50:21 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3142.27106__90ba9c70f846762e\AEM.Server.dll MOD - [2008.08.14 17:23:22 | 000,118,032 | ---- | M] () -- C:\Programme\Logitech\QuickCam\LAppRes.DLL MOD - [2008.08.14 17:15:46 | 002,407,184 | ---- | M] () -- C:\Programme\Logitech\QuickCam\Quickcam.exe MOD - [2008.08.14 17:13:30 | 000,149,264 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\LogiVOIPDevicePlugin.dll MOD - [2008.08.14 17:13:08 | 000,165,136 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\LogiCordless4001.dll MOD - [2008.08.14 17:13:08 | 000,138,000 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\LogiCordless.dll MOD - [2008.08.14 17:12:10 | 000,167,184 | ---- | M] () -- C:\Programme\Logitech\QuickCam\EFVal.dll MOD - [2008.08.14 17:11:48 | 000,565,008 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\Communications_Helper.exe MOD - [2008.08.14 17:11:48 | 000,345,872 | ---- | M] () -- C:\Programme\Common Files\logishrd\LComMgr\DevMngr.dll MOD - [2008.08.08 09:48:22 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll MOD - [2008.07.27 20:03:08 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll MOD - [2008.07.27 20:03:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2008.07.26 08:24:04 | 000,068,120 | ---- | M] () -- C:\Programme\Common Files\logishrd\LVCOMSER\LVCSPS.dll MOD - [2008.03.18 05:21:32 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll MOD - [2007.08.14 06:59:54 | 006,365,184 | ---- | M] () -- C:\Programme\Common Files\LightScribe\QtGui4.dll MOD - [2007.07.12 06:55:52 | 000,131,072 | ---- | M] () -- C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2007.07.12 06:55:28 | 001,581,056 | ---- | M] () -- C:\Programme\Common Files\LightScribe\QtCore4.dll MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Samsung Magic Doctor\HookDllPS2.dll MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\EasySpeedUpManager\HookDllPS2.dll MOD - [2006.08.12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Programme\Samsung\Easy Display Manager\HookDllPS2.dll ========== Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2012.08.13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Programme\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2010.12.10 19:30:50 | 000,086,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2010.12.10 19:29:30 | 029,293,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$MSSMLBIZ) SRV - [2010.12.10 19:29:30 | 000,238,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser) SRV - [2010.12.10 19:29:30 | 000,044,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper) SRV - [2010.11.21 11:49:24 | 000,247,608 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2008.11.28 18:26:36 | 000,618,232 | ---- | M] () [Auto | Running] -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent) SRV - [2008.10.20 22:18:26 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU) SRV - [2008.07.26 08:25:36 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv) SRV - [2008.07.26 08:23:42 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Programme\Common Files\logishrd\LVCOMSER\LVComSer.exe -- (LVCOMSer) SRV - [2008.05.13 01:47:20 | 000,077,480 | ---- | M] () [Auto | Stopped] -- C:\Programme\Samsung\Samsung Update Plus\SLUBackgroundService.exe -- (Samsung Update Plus) SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.16 10:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2006.10.26 07:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Dennis\AppData\Local\Temp\catchme.sys -- (catchme) DRV - [2012.10.05 18:41:42 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2012.08.24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2012.07.26 03:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2012.04.19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX) DRV - [2012.01.31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86) DRV - [2011.12.23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011.12.23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim) DRV - [2011.12.23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter) DRV - [2011.12.23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver) DRV - [2010.08.02 16:19:38 | 000,066,816 | ---- | M] (LG Electronics Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetndis.sys -- (andnetndis) DRV - [2010.08.02 16:19:36 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetmodem.sys -- (ANDNetModem) DRV - [2010.08.02 16:19:34 | 000,022,272 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetgps.sys -- (AndNetGps) DRV - [2010.08.02 16:19:32 | 000,023,040 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetdiag.sys -- (AndNetDiag) DRV - [2010.08.02 16:19:28 | 000,024,960 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem) DRV - [2010.08.02 16:19:26 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps) DRV - [2010.08.02 16:19:24 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag) DRV - [2010.08.02 16:19:22 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus) DRV - [2009.09.29 08:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009.09.29 08:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009.09.29 08:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2009.04.06 13:19:46 | 000,023,064 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER) DRV - [2009.01.23 10:49:06 | 000,038,816 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd) DRV - [2009.01.13 19:13:52 | 000,049,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore) DRV - [2009.01.13 19:13:44 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid) DRV - [2009.01.13 19:13:36 | 000,031,240 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmHidLo.sys -- (WmHidLo) DRV - [2009.01.13 19:13:28 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter) DRV - [2009.01.13 19:13:20 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum) DRV - [2008.11.28 18:26:37 | 000,097,808 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard) DRV - [2008.11.28 18:26:37 | 000,072,720 | ---- | M] (COMODO) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\inspect.sys -- (Inspect) DRV - [2008.11.28 18:26:37 | 000,025,104 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp) DRV - [2008.09.01 14:07:27 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2008.08.28 07:39:34 | 000,241,664 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmc302.sys -- (VMC302) DRV - [2008.08.08 10:31:30 | 003,895,808 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag) DRV - [2008.07.26 08:25:02 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2008.05.28 10:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter) DRV - [2008.05.07 10:55:22 | 000,767,488 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2008.04.28 02:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) DRV - [2008.03.21 05:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2008.01.21 04:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) DRV - [2007.10.12 03:00:44 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2007.10.12 02:56:00 | 001,279,000 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) DRV - [2006.11.08 00:02:40 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\point32k.sys -- (Point32) DRV - [2006.11.02 09:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\SearchScopes,DefaultScope = IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\tunebite-firefox-surf-and-catch-extension@audials.com: C:\Program Files\RapidSolution\Tunebite\plugins\GeckoBased\tunebite-firefox-surf-and-catch-extension@audials.com\ [2009.02.08 17:25:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012.09.10 18:01:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.09.02 11:34:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010.11.05 01:17:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.10.02 02:46:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files\AVG\AVG2012\Thunderbird\ [2012.02.07 01:19:22 | 000,000,000 | ---D | M] [2011.10.03 21:37:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\mozilla\Extensions [2009.04.26 23:00:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\extensions [2009.04.26 23:00:05 | 000,000,000 | ---D | M] ("Ask Toolbar for Firefox") -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D} [2012.05.13 15:53:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dennis\AppData\Roaming\mozilla\Firefox\Profiles\6vjf7ovq.default\extensions [2009.09.02 06:34:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION O1 HOSTS File: ([2012.10.09 20:37:13 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Click-to-Call BHO) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Programme\Windows Live\Messenger\wlchtc.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Tunebite_WebRipPlugin Class) - {AA102584-3B97-47e7-B9BC-75D54C110A7D} - C:\Programme\RapidSolution\Tunebite\plugins\IE\TB_WebRipIePlugin.dll (RapidSolution Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [combofix] C:\ComboFix\CF14120.3XE (Microsoft Corporation) O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe () O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe () O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\QuickCam\Quickcam.exe () O4 - HKLM..\Run: [NapsterShell] C:\Program Files\Napster\napster.exe (Napster) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found O4 - HKCU..\Run: [ICQ] "C:\Program Files\ICQ7.2\ICQ.exe" silent loginmode=4 File not found O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKCU..\Run: [MyTomTomSA.exe] C:\Program Files\MyTomTom 3\MyTomTomSA.exe (TomTom) O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKLM..\RunOnce: [combofix] C:\ComboFix\CF14120.3XE (Microsoft Corporation) O4 - HKLM..\RunOnce: [DeleteOnReboot] C:\Windows\DeleteOnReboot.bat () O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnceEx: [flags] Reg Error: Invalid data type. File not found O4 - Startup: C:\Users\Dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OMSI Addon Manager.lnk = C:\Programme\OMSI Addon Manager\OMSI Addon Manager.exe (Jan Kiesewalter) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dennis\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08293879-2516-4F52-954A-50A7E3B00BF1}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34B77411-A3C9-42D5-918E-27107C0B0739}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD57838A-40EF-4ADB-BE5E-3F7B739EAC7E}: DhcpNameServer = 192.168.42.129 O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll File not found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Sec\Wallpapers\wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Windows\Sec\Wallpapers\wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe" ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC} - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error. ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.10.09 20:37:11 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012.10.09 20:37:11 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Local\temp [2012.10.09 20:18:15 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012.10.09 20:14:33 | 000,000,000 | --SD | C] -- C:\ComboFix [2012.10.09 20:13:53 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW [2012.10.09 18:42:36 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012.10.09 18:42:36 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012.10.09 18:42:36 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012.10.09 18:41:19 | 000,000,000 | ---D | C] -- C:\Qoobox [2012.10.09 18:40:48 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012.10.08 21:30:06 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012.10.05 18:40:59 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.10.05 18:40:59 | 000,000,000 | ---D | C] -- C:\Users\Dennis\AppData\Roaming\Malwarebytes [2012.10.05 18:39:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.05 18:39:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.10.05 18:39:38 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.10.05 18:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.09.14 04:36:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.09.14 04:36:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012.09.10 18:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.10 17:45:05 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C9E77C98-A353-48E3-9E4A-A604B803B792}.job [2012.10.10 17:07:21 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.10 17:07:20 | 000,004,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.10 17:07:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.10 07:03:24 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat [2012.10.09 21:58:00 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1061286310-3026546113-1237927848-1004UA.job [2012.10.09 20:58:00 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1061286310-3026546113-1237927848-1004Core.job [2012.10.09 20:37:13 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012.10.09 07:12:26 | 000,000,107 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat [2012.10.08 21:24:43 | 000,686,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.10.08 21:24:43 | 000,643,612 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.10.08 21:24:43 | 000,150,888 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.10.08 21:24:43 | 000,122,500 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.10.05 18:41:42 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2012.10.05 18:39:41 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.04 13:07:11 | 096,450,964 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm [2012.09.30 18:13:28 | 000,435,203 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm [2012.09.14 04:36:31 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.09.10 18:01:07 | 000,000,858 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.09 18:42:36 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.10.09 18:42:36 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.10.09 18:42:36 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.10.09 18:42:36 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.10.09 18:42:36 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.10.09 07:11:57 | 000,000,107 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat [2012.10.05 18:39:41 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.14 04:36:31 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.04.27 00:23:05 | 000,000,000 | ---- | C] () -- C:\Users\Dennis\AppData\Local\Input.xml [2012.04.26 23:56:30 | 000,000,000 | ---- | C] () -- C:\Users\Dennis\AppData\Local\Settings.xml [2011.09.17 00:21:22 | 000,000,000 | ---- | C] () -- C:\Windows\Podcast.INI [2011.09.17 00:09:33 | 000,006,537 | ---- | C] () -- C:\Windows\mgxoschk.ini [2011.08.09 17:50:27 | 000,024,576 | ---- | C] () -- C:\Windows\System32\drivers\Marker.exe [2011.04.21 20:42:21 | 000,307,200 | ---- | C] () -- C:\Windows\SetDisplayResolution.exe [2011.03.31 18:33:06 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2011.03.31 18:33:06 | 000,002,411 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2011.02.20 00:41:22 | 000,484,352 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [2009.01.03 00:07:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 17:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.03.03 06:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2008.01.21 04:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.02.07 01:22:31 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\AVG2012 [2011.03.24 19:11:14 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\DVDVideoSoftIEHelpers [2012.05.28 21:14:36 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\elsterformular [2011.02.20 00:41:27 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\FreeAudioPack [2011.06.30 00:29:37 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\ICQ [2009.04.16 01:39:58 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Leadertech [2011.04.11 17:28:40 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\LG Electronics [2009.09.24 00:44:48 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Roaming\Screaming Bee ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2012.09.02 11:34:30 | 000,000,000 | -H-D | M] -- C:\$AVG [2012.10.09 20:18:15 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2012.10.09 20:14:34 | 000,000,000 | --SD | M] -- C:\32788R22FWJFW [2010.05.03 23:12:33 | 000,000,000 | ---D | M] -- C:\AVGTemp [2009.09.24 00:24:54 | 000,000,000 | ---D | M] -- C:\AV_LOGS [2008.02.08 11:31:20 | 000,000,000 | -HSD | M] -- C:\Boot [2012.10.09 20:37:24 | 000,000,000 | --SD | M] -- C:\ComboFix [2012.09.19 17:32:18 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2008.11.28 14:49:37 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen [2011.09.28 18:44:12 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft [2012.02.21 02:33:07 | 000,000,000 | ---D | M] -- C:\Graphics [2011.03.31 19:43:56 | 000,000,000 | ---D | M] -- C:\LGP500 [2011.09.17 00:09:56 | 000,000,000 | ---D | M] -- C:\MAGIX [2012.09.07 22:36:20 | 000,000,000 | ---D | M] -- C:\Mozilla Firefox [2008.09.01 14:16:42 | 000,000,000 | RH-D | M] -- C:\MSOCache [2008.09.01 14:00:39 | 000,000,000 | ---D | M] -- C:\MyWorks [2008.01.21 04:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs [2012.10.09 07:11:55 | 000,000,000 | R--D | M] -- C:\Program Files [2012.10.09 07:11:49 | 000,000,000 | -H-D | M] -- C:\ProgramData [2008.11.28 14:49:37 | 000,000,000 | -HSD | M] -- C:\Programme [2012.10.09 18:42:26 | 000,000,000 | ---D | M] -- C:\Qoobox [2009.01.15 22:29:20 | 000,000,000 | ---D | M] -- C:\SkyDecks Panel Design [2012.10.10 17:43:13 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2008.11.28 17:33:26 | 000,000,000 | R--D | M] -- C:\Users [2012.10.09 20:37:11 | 000,000,000 | ---D | M] -- C:\Windows [2008.11.28 18:06:55 | 000,000,000 | ---D | M] -- C:\XP Antispy < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. /mp /s > < %windir%\installer\*. /5 > < %localappdata%\*. /5 > [2012.10.09 20:37:11 | 000,000,000 | ---D | M] -- C:\Users\Dennis\AppData\Local\temp ========== Files - Unicode (All) ========== [2009.02.13 16:52:32 | 000,000,000 | ---D | M](C:\Windows\System32\?etup.features.srv_emc_lotus) -- C:\Windows\System32\Ǝetup.features.srv_emc_lotus [2009.02.13 16:52:32 | 000,000,000 | ---D | C](C:\Windows\System32\?etup.features.srv_emc_lotus) -- C:\Windows\System32\Ǝetup.features.srv_emc_lotus ========== Alternate Data Streams ========== @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:40D3D3E8 < End of report > |
|
| Themen zu Hinweis von web.de auf Zeus gefunden wurde Trojaner.Banker |
| aufsetzen, durchgeführt, gefunde, hinweis, java/trojandownloader.agent.nam, laptop, malewarebytes, neu, neu aufsetzen, osx/exploit.smid.b, rechner, scan, troja, trojaner, trojaner zeus, web.de, win32/adware.bundlore, win32/somoto.a, win32/toolbar.searchsuite, win32/toolbar.widgi |
Textbox.
Linear-Darstellung
