Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.12.2012, 19:06   #1
PinkNina
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Hallo,

seit über einer Woche, kann ich mit keinem Browser mehr meine Sucherebnise aufrufen. Diese leiten mich gleich immer auf eine andere Seite um, eine Englische, genaueres sehe ich nie, da sie sofort gesperrt wird vom Virenprogramm.
Dies ist aufgetaucht als mein Windows-Sicherheitscenter aufgehört hat zu funkitonieren. Ich kann es nicht mehr anschalten, selbst eine Wiederherstellung ist nicht mehr möglich.
Meine Liebsten haben für mich gegoogelt und so bin ich auf diese Seite aufmerksam geworden, ich hoffe ihr könnt mir helfen.
Selbst die ganzen Virenprogramme, wie Norton, Antimalware und avast haben nichts gefunden, jedoch bin ich mir sicher, das da irgendwas sein muss. Seit diesem Tag nutze ich auch das Online-Banking nicht mehr über diesen PC.

Schon mal ganz großes Dankeschön!!

Liebe Grüße
PinkNina

Alt 19.12.2012, 19:58   #2
markusg
/// Malware-holic
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Hi,
na das war ja nett von deinen lieben :-)
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 20.12.2012, 10:43   #3
PinkNina
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Danke, hab ich jetzt gemacht und hier ist das Ergebnis:


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12/20/2012 10:46:09 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Pinky\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 71.62% Memory free
6.00 Gb Paging File | 5.08 Gb Available in Paging File | 84.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 172.79 Gb Total Space | 101.94 Gb Free Space | 58.99% Space Free | Partition Type: NTFS
Drive D: | 115.20 Gb Total Space | 12.81 Gb Free Space | 11.12% Space Free | Partition Type: NTFS
 
Computer Name: PINKY-MSI | User Name: Pinky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/12/20 10:40:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pinky\Desktop\OTL.exe
PRC - [2012/10/30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/02 12:15:02 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:\Program Files\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/07/06 12:25:14 | 000,720,704 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
PRC - [2010/07/06 12:23:40 | 001,051,968 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/08/01 01:36:14 | 002,680,160 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
PRC - [2009/07/31 21:23:22 | 000,354,128 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe
PRC - [2009/07/31 05:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2009/07/24 17:52:08 | 002,068,480 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2009/07/15 23:02:58 | 000,348,160 | ---- | M] () -- C:\Program Files\MSI\EasyFace Logon\KillAutoAP.exe
PRC - [2009/07/10 06:05:00 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009/07/10 06:04:30 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009/07/09 23:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2009/06/18 05:19:00 | 000,497,536 | ---- | M] (ELAN Microelectronic Corp.) -- C:\Program Files\Elantech\ETDCtrl.exe
PRC - [2009/06/08 22:34:58 | 000,660,808 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
PRC - [2009/06/05 03:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009/06/03 23:33:14 | 000,308,552 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
PRC - [2008/07/24 19:24:24 | 000,083,272 | ---- | M] (TOSHIBA CORPORATION.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/11/16 11:09:59 | 011,833,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\616b25e9ad3de7ab58c67f200e21dbac\System.Web.ni.dll
MOD - [2012/11/16 11:09:02 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012/11/16 09:06:34 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012/11/16 09:06:07 | 001,591,808 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012/11/16 09:04:05 | 005,452,800 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012/11/16 09:03:51 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012/11/16 09:03:20 | 007,988,736 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012/11/16 09:02:51 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010/11/13 01:02:22 | 000,434,176 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010/11/13 00:19:04 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009/09/26 19:59:19 | 001,732,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3478.18702__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009/09/26 19:59:19 | 000,339,968 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3478.18684__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:19 | 000,204,800 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3478.18704__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009/09/26 19:59:19 | 000,077,824 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3478.18756__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:19 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3478.18737__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:19 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3478.18698__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009/09/26 19:59:19 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3478.18727__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:19 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3478.18693__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:18 | 000,950,272 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3478.18802__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:18 | 000,782,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3478.18730__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:18 | 000,573,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3478.18705__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:18 | 000,491,520 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3478.18776__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009/09/26 19:59:18 | 000,409,600 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3478.18751__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009/09/26 19:59:18 | 000,331,776 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3478.18742__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:18 | 000,307,200 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3478.18709__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2009/09/26 19:59:18 | 000,196,608 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3478.18704__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:18 | 000,118,784 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3478.18775__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:18 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3478.18742__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009/09/26 19:59:18 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3478.18734__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:18 | 000,081,920 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3478.18729__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:18 | 000,073,728 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3478.18692__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:18 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3478.18741__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:18 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3478.18776__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:18 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3478.18775__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:18 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3478.18708__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:18 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3478.18734__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:17 | 000,393,216 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3478.18728__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:17 | 000,360,448 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3478.18724__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:17 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3478.18736__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:17 | 000,270,336 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2009/09/26 19:59:17 | 000,098,304 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,094,208 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009/09/26 19:59:17 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3478.18728__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:17 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,053,248 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,049,152 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009/09/26 19:59:17 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3478.18729__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:17 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009/09/26 19:59:17 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3478.18735__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009/09/26 19:59:17 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009/09/26 19:59:17 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009/09/26 19:59:17 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009/09/26 19:59:17 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009/09/26 19:59:16 | 000,651,264 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3478.18800__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2009/09/26 19:59:16 | 000,552,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3478.18764__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009/09/26 19:59:16 | 000,405,504 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3478.18698__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009/09/26 19:59:16 | 000,106,496 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3478.18770__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009/09/26 19:59:16 | 000,065,536 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3478.18769__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009/09/26 19:59:16 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3478.18683__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009/09/26 19:59:16 | 000,057,344 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3478.18681__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009/09/26 19:59:16 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009/09/26 19:59:16 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3478.18781__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009/09/26 19:59:16 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009/09/26 19:59:16 | 000,036,864 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009/09/26 19:59:16 | 000,028,672 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009/09/26 19:59:16 | 000,024,576 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009/09/26 19:59:16 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009/09/26 19:59:16 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009/09/26 19:59:16 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009/09/26 19:59:16 | 000,016,384 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009/09/26 19:59:16 | 000,007,168 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3478.18679__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009/09/26 19:59:15 | 001,212,416 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3478.18688__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009/09/26 19:59:15 | 000,061,440 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\APM.Server\2.0.3478.18680__90ba9c70f846762e\APM.Server.dll
MOD - [2009/09/26 19:59:15 | 000,045,056 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\AEM.Server\2.0.3478.18679__90ba9c70f846762e\AEM.Server.dll
MOD - [2009/09/26 19:59:15 | 000,040,960 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009/09/26 19:59:15 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009/09/26 19:59:15 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009/09/26 19:59:15 | 000,020,480 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009/09/26 19:59:15 | 000,019,456 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3478.18770__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009/07/15 23:02:58 | 000,348,160 | ---- | M] () -- C:\Program Files\MSI\EasyFace Logon\KillAutoAP.exe
MOD - [2006/09/14 07:20:24 | 000,126,464 | ---- | M] () -- C:\Program Files\WinRAR 3.61 Multi\rarext.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012/12/13 13:48:14 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/06 12:20:23 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/11 20:36:32 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/07/24 13:19:43 | 000,435,008 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010/07/06 12:23:40 | 001,051,968 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010/07/06 12:20:38 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/07/31 05:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Running] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009/07/10 06:04:30 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009/07/09 23:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2009/06/05 03:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012/12/11 16:38:29 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\gfibto.sys -- (gfibto)
DRV - [2012/10/30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/10/30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/10/30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/10/30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/10/30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/10/15 17:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012/08/23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 15:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/06/05 18:40:30 | 000,722,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/04/27 03:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 03:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010/04/27 03:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2010/02/24 13:41:50 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/29 04:01:26 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2009/07/29 02:38:00 | 000,049,016 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2009/07/28 04:09:28 | 000,055,680 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2009/07/24 19:31:58 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2009/07/13 23:13:45 | 001,068,032 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2009/07/10 06:40:02 | 004,994,048 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009/07/08 05:38:34 | 000,168,936 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2009/06/24 11:23:12 | 000,159,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2009/06/24 03:59:10 | 000,167,424 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009/06/19 17:58:08 | 000,009,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2009/06/19 17:57:20 | 000,079,872 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2009/06/19 17:56:48 | 000,042,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2009/06/17 19:59:46 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tosporte.sys -- (tosporte)
DRV - [2009/05/14 02:40:38 | 004,231,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008/04/25 14:06:40 | 000,017,920 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.searchqu.com/410
IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Searchqu Web Search"
FF - prefs.js..browser.search.order.1: "Searchqu Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/firefox?client=firefox-a&rls=org.mozilla:de:official"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.6
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/12/13 11:07:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/11 16:38:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/11 10:57:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/12/07 19:25:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/11 16:38:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/11 10:57:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/12/07 19:25:30 | 000,000,000 | ---D | M]
 
[2011/11/11 18:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pinky\AppData\Roaming\mozilla\Extensions
[2012/12/13 10:42:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pinky\AppData\Roaming\mozilla\Firefox\Profiles\vug5t5ch.default\extensions
[2011/11/11 18:51:25 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Pinky\AppData\Roaming\mozilla\Firefox\Profiles\vug5t5ch.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2012/12/11 16:38:01 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Users\Pinky\AppData\Roaming\mozilla\Firefox\Profiles\vug5t5ch.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/11/23 13:52:36 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Pinky\AppData\Roaming\mozilla\firefox\profiles\vug5t5ch.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/12/19 09:29:48 | 000,000,950 | ---- | M] () -- C:\Users\Pinky\AppData\Roaming\mozilla\firefox\profiles\vug5t5ch.default\searchplugins\icqplugin-1.xml
[2010/10/29 16:21:08 | 000,000,950 | ---- | M] () -- C:\Users\Pinky\AppData\Roaming\mozilla\firefox\profiles\vug5t5ch.default\searchplugins\icqplugin-2.xml
[2010/12/11 13:42:07 | 000,000,950 | ---- | M] () -- C:\Users\Pinky\AppData\Roaming\mozilla\firefox\profiles\vug5t5ch.default\searchplugins\icqplugin-3.xml
[2011/03/03 15:04:55 | 000,000,950 | ---- | M] () -- C:\Users\Pinky\AppData\Roaming\mozilla\firefox\profiles\vug5t5ch.default\searchplugins\icqplugin-4.xml
[2011/02/22 18:55:04 | 000,001,034 | ---- | M] () -- C:\Users\Pinky\AppData\Roaming\mozilla\firefox\profiles\vug5t5ch.default\searchplugins\icqplugin.xml
[2011/11/11 18:51:13 | 000,002,520 | ---- | M] () -- C:\Users\Pinky\AppData\Roaming\mozilla\firefox\profiles\vug5t5ch.default\searchplugins\SearchResults.xml
[2010/06/10 11:43:11 | 000,003,915 | ---- | M] () -- C:\Users\Pinky\AppData\Roaming\mozilla\firefox\profiles\vug5t5ch.default\searchplugins\sweetim.xml
[2012/12/06 12:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012/12/13 11:07:03 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/12/06 12:20:24 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/11 08:40:57 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/29 18:43:56 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/07/11 08:40:57 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/07/11 08:40:57 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/11 18:51:13 | 000,002,520 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012/07/11 08:40:57 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/07/11 08:40:57 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\SEARCH~1\DATAMN~1.EXE (Bandoo Media, inc)
O4 - HKLM..\Run: [EasyFace Agent] C:\Program Files\MSI\EasyFace Logon\KillAutoAP.exe ()
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE3D039C-347E-41C7-8F29-61E921620B0C}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{b7ccf718-af35-11e1-aa95-0024216d56f5}\Shell - "" = AutoRun
O33 - MountPoints2\{b7ccf718-af35-11e1-aa95-0024216d56f5}\Shell\AutoRun\command - "" = E:\setup.exe /autorun
O33 - MountPoints2\{b7ccf718-af35-11e1-aa95-0024216d56f5}\Shell\directx\command - "" = E:\DirectX\dxsetup.exe
O33 - MountPoints2\{b7ccf718-af35-11e1-aa95-0024216d56f5}\Shell\setup\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/12/20 10:40:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pinky\Desktop\OTL.exe
[2012/12/13 11:07:21 | 000,361,032 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSP.sys
[2012/12/13 11:07:21 | 000,021,256 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswFsBlk.sys
[2012/12/13 11:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/12/13 11:07:20 | 000,044,784 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswRdr2.sys
[2012/12/13 11:07:19 | 000,054,232 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswTdi.sys
[2012/12/13 11:07:17 | 000,738,504 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswSnx.sys
[2012/12/13 11:07:15 | 000,058,680 | ---- | C] (AVAST Software) -- C:\windows\System32\drivers\aswMonFlt.sys
[2012/12/13 11:06:55 | 000,041,224 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2012/12/13 11:06:54 | 000,227,648 | ---- | C] (AVAST Software) -- C:\windows\System32\aswBoot.exe
[2012/12/13 11:06:35 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/12/13 11:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/12/11 16:45:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2012/12/11 16:39:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012/12/11 16:39:24 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2012/12/11 16:38:29 | 000,044,424 | ---- | C] (GFI Software) -- C:\windows\System32\sbbd.exe
[2012/12/11 16:38:29 | 000,013,560 | ---- | C] (GFI Software) -- C:\windows\System32\drivers\gfibto.sys
[2012/12/11 16:37:49 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
[2012/12/11 16:37:14 | 000,000,000 | ---D | C] -- C:\Users\Pinky\AppData\Roaming\LavasoftStatistics
[2012/12/11 16:37:03 | 000,000,000 | ---D | C] -- C:\Users\Pinky\AppData\Roaming\Ad-Aware Antivirus
[2012/12/10 21:16:33 | 000,000,000 | ---D | C] -- C:\Users\Pinky\AppData\Local\Ashampoo
[2012/12/10 21:14:47 | 000,000,000 | ---D | C] -- C:\Program Files\Ashampoo
[2012/12/07 19:25:30 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012/12/06 12:20:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/11/23 20:25:24 | 000,000,000 | ---D | C] -- C:\Users\Pinky\AppData\Local\{0738718A-73ED-466C-9BDB-810DAC5417A6}
[2012/11/23 13:36:02 | 000,000,000 | ---D | C] -- C:\Users\Pinky\2012_11_23
[2012/11/22 19:49:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/11/22 19:49:55 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012/11/22 19:49:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
 
========== Files - Modified Within 30 Days ==========
 
[2012/12/20 10:43:57 | 000,017,600 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/20 10:43:57 | 000,017,600 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/20 10:43:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/12/20 10:40:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pinky\Desktop\OTL.exe
[2012/12/20 10:35:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/12/20 10:35:33 | 2415,255,552 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/19 13:41:38 | 000,657,910 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012/12/19 13:41:38 | 000,619,146 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/12/19 13:41:38 | 000,131,250 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012/12/19 13:41:38 | 000,107,466 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/12/13 11:07:21 | 000,002,121 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/12/13 11:07:15 | 000,002,577 | ---- | M] () -- C:\windows\System32\config.nt
[2012/12/12 20:10:58 | 003,777,400 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/12/11 16:38:29 | 000,044,424 | ---- | M] (GFI Software) -- C:\windows\System32\sbbd.exe
[2012/12/11 16:38:29 | 000,013,560 | ---- | M] (GFI Software) -- C:\windows\System32\drivers\gfibto.sys
[2012/12/10 20:55:56 | 000,072,822 | ---- | M] () -- C:\windows\System32\ieuinit.inf
[2012/11/22 19:49:56 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
 
========== Files Created - No Company Name ==========
 
[2012/12/13 11:07:21 | 000,002,121 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/12/10 20:55:56 | 000,072,822 | ---- | C] () -- C:\windows\System32\ieuinit.inf
[2011/09/05 17:27:13 | 000,110,592 | ---- | C] () -- C:\windows\System32\FsUsbExDevice.Dll
[2011/09/05 17:27:13 | 000,036,608 | ---- | C] () -- C:\windows\System32\FsUsbExDisk.Sys
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2011/04/19 11:41:31 | 000,001,940 | ---- | C] () -- C:\Users\Pinky\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/09/20 14:03:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/07 18:50:44 | 000,000,000 | ---- | C] () -- C:\Users\Pinky\cbe.cf4ad58012a4dad1ac9
[2010/08/07 18:50:02 | 000,000,016 | ---- | C] () -- C:\Users\Pinky\persistent_state
[2010/06/13 14:04:22 | 000,004,608 | ---- | C] () -- C:\Users\Pinky\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/13 14:03:38 | 000,000,088 | RHS- | C] () -- C:\ProgramData\454541F5D4.sys
[2010/06/13 14:03:37 | 000,002,828 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012/12/11 16:53:21 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\Ad-Aware Antivirus
[2012/07/09 09:28:26 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\Canon
[2010/11/11 19:34:11 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/09/28 16:43:04 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\DVDVideoSoft
[2011/05/24 09:18:27 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/11/11 18:51:13 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\FreeAudioPack
[2010/11/17 13:05:21 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\Gogii
[2010/11/14 09:21:02 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\Intenium
[2011/05/28 15:27:52 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\Opera
[2011/12/03 16:52:30 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\PhotoScape
[2011/12/09 17:16:30 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\Samsung
[2010/11/11 19:33:21 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/04/08 13:11:56 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\Thunderbird
[2010/08/19 14:28:55 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\Tific
[2010/11/24 16:50:55 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\TOMI2.THE GATES OF FATE
[2010/07/24 13:19:15 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\TuneUp Software
[2011/10/26 17:14:48 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\Ulead Systems
[2010/06/10 10:27:18 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\URSoft
[2012/12/11 12:06:44 | 000,000,000 | ---D | M] -- C:\Users\Pinky\AppData\Roaming\UseNeXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2010/06/09 15:27:26 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011/06/28 20:30:57 | 000,000,000 | ---D | M] -- C:\11ff3608f3ade0ec4b61
[2010/12/16 17:57:58 | 000,000,000 | ---D | M] -- C:\33c7e3854883ca98816b0adf
[2009/07/29 01:44:13 | 000,000,000 | -HSD | M] -- C:\Boot
[2009/07/14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012/05/14 12:44:55 | 000,000,000 | ---D | M] -- C:\e8949085f606f10db2
[2011/11/11 19:06:52 | 000,000,000 | ---D | M] -- C:\FLAC To MP3
[2009/09/26 19:44:50 | 000,000,000 | ---D | M] -- C:\Intel
[2010/09/15 08:50:43 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009/07/14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012/12/13 11:06:35 | 000,000,000 | R--D | M] -- C:\Program Files
[2012/12/13 11:06:35 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012/12/20 10:49:17 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011/11/11 18:37:03 | 000,000,000 | ---D | M] -- C:\tmp
[2010/06/09 15:16:09 | 000,000,000 | R--D | M] -- C:\Users
[2012/12/13 11:06:55 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009/07/14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009/07/14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009/07/14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009/07/14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010/11/20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009/07/14 05:53:46 | 000,029,098 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU(40).TXT
[2009/07/14 05:53:46 | 000,032,632 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2012/06/12 16:47:00 | 000,000,884 | ---- | C] () -- C:\windows\Tasks\Adobe Flash Player Updater.job
 
< MD5 for: AGP440.SYS  >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2009/06/05 02:54:36 | 000,408,600 | ---- | M] (Intel Corporation) MD5=1D004CB1DA6323B1F55CAEF7F94B61D9 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/06/05 02:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/06/05 02:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\drivers\iaStor.sys
[2009/06/05 02:43:16 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_4f144d6467fc7c22\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011/03/11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2012/06/05 18:40:30 | 000,722,416 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\sptd.sys
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/10 06:05:28 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\windows\system32\ATIDEMGX.dll
 
< %USERPROFILE%\*.* >
[2010/08/07 18:50:44 | 000,000,000 | ---- | M] () -- C:\Users\Pinky\cbe.cf4ad58012a4dad1ac9
[2012/12/20 10:48:13 | 003,670,016 | -HS- | M] () -- C:\Users\Pinky\ntuser.dat
[2012/12/20 10:48:13 | 000,262,144 | -HS- | M] () -- C:\Users\Pinky\ntuser.dat.LOG1
[2010/06/09 15:16:10 | 000,000,000 | -HS- | M] () -- C:\Users\Pinky\ntuser.dat.LOG2
[2010/09/30 21:33:40 | 000,065,536 | -HS- | M] () -- C:\Users\Pinky\ntuser.dat{10f3fd23-ccb0-11df-8755-0024216d56f5}.TM.blf
[2010/09/30 21:33:40 | 000,524,288 | -HS- | M] () -- C:\Users\Pinky\ntuser.dat{10f3fd23-ccb0-11df-8755-0024216d56f5}.TMContainer00000000000000000001.regtrans-ms
[2010/09/30 21:33:40 | 000,524,288 | -HS- | M] () -- C:\Users\Pinky\ntuser.dat{10f3fd23-ccb0-11df-8755-0024216d56f5}.TMContainer00000000000000000002.regtrans-ms
[2010/09/30 17:28:33 | 000,065,536 | -HS- | M] () -- C:\Users\Pinky\ntuser.dat{4ee366a3-cc94-11df-b05c-0024216d56f5}.TM.blf
[2010/09/30 17:28:33 | 000,524,288 | -HS- | M] () -- C:\Users\Pinky\ntuser.dat{4ee366a3-cc94-11df-b05c-0024216d56f5}.TMContainer00000000000000000001.regtrans-ms
[2010/09/30 17:28:33 | 000,524,288 | -HS- | M] () -- C:\Users\Pinky\ntuser.dat{4ee366a3-cc94-11df-b05c-0024216d56f5}.TMContainer00000000000000000002.regtrans-ms
[2010/06/09 16:49:43 | 000,065,536 | -HS- | M] () -- C:\Users\Pinky\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/06/09 16:49:43 | 000,524,288 | -HS- | M] () -- C:\Users\Pinky\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/06/09 16:49:43 | 000,524,288 | -HS- | M] () -- C:\Users\Pinky\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010/06/09 15:16:10 | 000,000,020 | -HS- | M] () -- C:\Users\Pinky\ntuser.ini
[2010/08/07 18:50:02 | 000,000,016 | ---- | M] () -- C:\Users\Pinky\persistent_state
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 95 bytes -> C:\ProgramData\TEMP:B3D74A13
@Alternate Data Stream - 154 bytes -> C:\ProgramData\TEMP:1CE11B51

< End of report >
         
--- --- ---


Die Extras.Txt:
OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12/20/2012 10:46:09 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Pinky\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.15 Gb Available Physical Memory | 71.62% Memory free
6.00 Gb Paging File | 5.08 Gb Available in Paging File | 84.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 172.79 Gb Total Space | 101.94 Gb Free Space | 58.99% Space Free | Partition Type: NTFS
Drive D: | 115.20 Gb Total Space | 12.81 Gb Free Space | 11.12% Space Free | Partition Type: NTFS
 
Computer Name: PINKY-MSI | User Name: Pinky | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Mit Corel PaintShop Pro X4 durchsuchen] -- "c:\Program Files\Corel\Corel PaintShop Pro X4\Corel PaintShop Pro.exe" "%L" (Corel, Inc.)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{360C69E1-F57D-4BAE-9011-83A98D5D915C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{37F19CD0-4587-4BF8-A118-8C464AA0CA25}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{501B7634-B943-47C5-A9A3-B76B6BB08FC2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{70E0B8BC-669F-4DD7-9860-E8D0BE348113}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{8A2068A3-FA74-472A-BC82-8030440229B1}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{A66EC08F-82ED-49F0-AA2B-B437141535B2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{CA06E756-0C1F-4DD8-AA11-48B76AFABA17}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01071A32-EBC6-4285-A945-B06D87165C33}" = protocol=6 | dir=in | app=c:\program files\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | 
"{070F9F5F-A9CB-496E-9642-7BC40A4EE960}" = protocol=6 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{072F3D83-815B-4072-86B8-BFF4E61E404D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{1ED22B5C-EBA6-4108-A5F9-DC3D4E981ACB}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 
"{2343FE9A-1963-4187-BA1E-FE508F5C676E}" = protocol=17 | dir=in | app=c:\program files\windows searchqu toolbar\datamngr\toolbar\dtuser.exe | 
"{27E0FBFE-6667-4A66-AB0C-6042A799517D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{327BBD1D-6602-4A1C-BD22-D1FA559C3EDC}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{3CA1A1CC-18C4-4FE2-A75C-F6BF3A4B70EB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{3D0A000F-B113-49A2-B57F-D673F4D9EB97}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{45C78FC4-5451-432F-858E-20D51D60485E}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{50A06091-78A5-45C2-8317-9950A6CEAD7E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{65555BCA-2B6B-4461-85E4-13EE18B19D9C}" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 
"{6C05C825-604B-49DE-B02E-517B3B340D56}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{739B3015-7177-4E8C-B7D2-8F9EB3C1D649}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{7DAD93A8-43B9-4838-8E9C-9BFA0E982125}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{8300BEE3-0F43-4032-9A09-7DD1BA785261}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe | 
"{980D7202-02B8-4369-8EB8-5C4D8FBB002C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{9F6C0395-4553-4554-9C57-185D4992E71E}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | 
"{A173ACF9-B458-44A1-ABCC-D09F4DB4EA0F}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{A1C5C385-8BD7-4D79-927D-AB5911ED83D1}" = protocol=6 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe | 
"{A3C1ABD0-32F1-4BE7-BDE5-6FD77E93A463}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{AA569CFE-1087-4A08-A1CA-5A711825306C}" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 
"{B73955C7-4FE5-4A9A-A1F4-13AAF7A7799F}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | 
"{BA759586-6F47-4910-88B9-F0015F7DC1D7}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{BF9E51C7-958D-4EB1-965A-C861476E8241}" = protocol=17 | dir=in | app=c:\program files\microsoft games\zoo tycoon 2\zt.exe | 
"{C531BA63-3351-461E-A451-A038DEE87FB1}" = protocol=17 | dir=in | app=c:\program files\opera\pluginwrapper\opera_plugin_wrapper.exe | 
"{C76D4873-6C07-4065-A42F-DFC2F25095D0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{E5B58A57-8F0C-491B-91A6-00258B8493F5}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{E87632AB-AB24-43D3-93D9-9BF44025F9D6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{00580795-581C-4587-B9F2-37320D7AB37F}" = Corel PaintShop Pro X4
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00580795-581C-4587-B9F2-37320D7AB37F}" = ICA
"{006CAAEF-CA96-4181-AC22-FE56D61432E4}" = PSPPContent
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{00AE1A2D-7BC2-4359-A0EC-E19F36E391BB}" = Corel PaintShop Pro X4
"{00BEE329-BAAB-49FF-9B66-55E4B12B9ADD}" = IPM_PSP_COM
"{00D13418-7DDF-4D3D-A237-E297B103BB6B}" = Setup
"{00D74A7A-F7AD-4D00-ABD2-0973836292C7}" = PSPPHelp
"{0187A501-2FF6-6D6B-B184-BA6A032C4AF4}" = Catalyst Control Center Core Implementation
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = MSI Software Install
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A960933-4D39-4495-A3F5-E5149943D761}" = EasyFace Logon
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B475977-CCA0-B0EB-B4CC-FC128E55DF65}" = Catalyst Control Center Graphics Full Existing
"{0C07E086-F067-2750-9EBF-CC73A2BEA0A1}" = CCC Help Portuguese
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{180FE2CC-0FAD-85C4-C987-9BD3CB2A1044}" = Catalyst Control Center InstallProxy
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1AF922C4-C111-83C5-73EC-684E78C2C093}" = CCC Help Hungarian
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C39C407-37B1-45EF-4792-7B796A8EC014}" = Catalyst Control Center Localization All
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{25478065-4CB1-448C-80E4-8C4529017EE3}" = ArcSoft WebCam Companion 3
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33BD9689-83E9-D8E3-9A13-3E42476087B8}" = CCC Help Italian
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38140CA0-7632-2601-BB62-D0F9BAF28781}" = CCC Help French
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{469D7228-FA20-320C-4AC8-3E9C84CBBC3E}" = CCC Help Spanish
"{49FBD89B-044F-2DE7-8992-56B86A5E0926}" = Catalyst Control Center Graphics Full New
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{588E49B4-095D-986B-C28C-5262FA721902}" = CCC Help German
"{5C1E13D7-496E-59E9-822D-C9D09964AD46}" = ATI Catalyst Install Manager
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{5E87AA2F-924A-2B1A-375B-38CA3248E26B}" = CCC Help Russian
"{62F6ED58-8248-2FCE-057B-8F30872BDA23}" = CCC Help Chinese Standard
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{754A1DBC-3DFA-4DB8-BC50-6A3B073AD1F4}" = MSI S-Bar Utilities
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7EC0AB45-D838-BCFB-644F-4D57B0D8B7DE}" = CCC Help English
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E90189A-A5D4-4C0E-A908-06C4236F98EE}" = ArcSoft Magic-i Visual Effects 2
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91003CC2-9F3C-973F-FD11-AC8FE08542B6}" = CCC Help Korean
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{96B046CC-39DD-9AB1-51E9-39EB224C0641}" = CCC Help Polish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC90219-7C80-B6B3-CBB8-62ACCC081952}" = CCC Help Chinese Traditional
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}" = iTunes
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C9295533-FEDF-F3D7-A6CD-DB463E81A37B}" = Catalyst Control Center Graphics Light
"{C9C6CF79-89BF-12F2-F47A-28D948C6E5EB}" = ccc-core-static
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF436A67-211E-D9DF-D587-817A5E611F85}" = CCC Help Czech
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4F27E8F-434B-0182-7324-60E5EDADC159}" = ccc-utility
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = MSI EasyViewer
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2BB4DC9-B4C2-8E40-7948-C99678ADF096}" = Catalyst Control Center Graphics Previews Vista
"{F5A4F780-DF0C-444F-BA82-637CCF5C8052}" = Windows Live Family Safety
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB096FBD-F771-CF4A-4DA4-B4EDBEF44516}" = CCC Help Turkish
"{FC2822D9-926E-4F55-B2A2-C49A0588802E}" = ArcSoft Print Creations
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Elantech" = ETDWare PS/2-x86 7.0.5.5_WHQL
"InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = MSI EasyViewer
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Opera 12.11.1661" = Opera 12.11
"PhotoScape" = PhotoScape
"SearchCore for Browsers" = SearchCore for Browsers
"Searchqu 410 MediaBar" = Windows Searchqu Toolbar
"TuneUp Utilities" = TuneUp Utilities
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 1.1.1
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"YU2010_is1" = Your Uninstaller! 2010
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/1/2012 10:39:08 AM | Computer Name = Pinky-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 6/1/2012 10:39:08 AM | Computer Name = Pinky-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 21623517
 
Error - 6/1/2012 10:39:08 AM | Computer Name = Pinky-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 21623517
 
Error - 6/5/2012 12:00:12 PM | Computer Name = Pinky-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 6/5/2012 12:00:12 PM | Computer Name = Pinky-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9257599
 
Error - 6/5/2012 12:00:12 PM | Computer Name = Pinky-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9257599
 
Error - 6/5/2012 2:23:58 PM | Computer Name = Pinky-msi | Source = Application Hang | ID = 1002
Description = Programm zt.exe, Version 20.10.0.26 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: b60    Startzeit: 
01cd434442c9ed6f    Endzeit: 173    Anwendungspfad: C:\Program Files\Microsoft Games\Zoo
 Tycoon 2\zt.exe    Berichts-ID:   
 
Error - 6/11/2012 10:56:08 AM | Computer Name = Pinky-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 6/11/2012 10:56:08 AM | Computer Name = Pinky-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2090
 
Error - 6/11/2012 10:56:08 AM | Computer Name = Pinky-msi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2090
 
[ System Events ]
Error - 12/19/2012 10:35:49 AM | Computer Name = Pinky-msi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 12/19/2012 2:36:38 PM | Computer Name = Pinky-msi | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 12/19/2012 2:36:38 PM | Computer Name = Pinky-msi | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 12/19/2012 2:37:11 PM | Computer Name = Pinky-msi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
Error - 12/19/2012 3:29:45 PM | Computer Name = Pinky-msi | Source = DCOM | ID = 10010
Description = 
 
Error - 12/19/2012 3:29:45 PM | Computer Name = Pinky-msi | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst ShellHWDetection erreicht.
 
Error - 12/19/2012 3:29:46 PM | Computer Name = Pinky-msi | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 12/20/2012 5:35:38 AM | Computer Name = Pinky-msi | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 12/20/2012 5:35:38 AM | Computer Name = Pinky-msi | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 12/20/2012 5:36:48 AM | Computer Name = Pinky-msi | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   cdrom
 
 
< End of report >
         
--- --- ---
__________________

Alt 20.12.2012, 12:19   #4
markusg
/// Malware-holic
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Hi,
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 20.12.2012, 15:18   #5
PinkNina
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Ok hab ich gemacht, der hat jetzt drei Dinge gefunden, wie kann ich den Log hier reinsetzen? Stell mich grad echt blöde an


Alt 20.12.2012, 15:23   #6
markusg
/// Malware-holic
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Öffne bitte c: TDSS-Killer-Datum-Version.txt und poste deren Inhalt.
__________________
--> Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr

Alt 20.12.2012, 15:42   #7
PinkNina
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



So hier, habs gefunden

Teil 1
Zitat:
16:12:56.0136 6104 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:12:56.0510 6104 ============================================================
16:12:56.0510 6104 Current date / time: 2012/12/20 16:12:56.0510
16:12:56.0510 6104 SystemInfo:
16:12:56.0510 6104
16:12:56.0510 6104 OS Version: 6.1.7601 ServicePack: 1.0
16:12:56.0510 6104 Product type: Workstation
16:12:56.0510 6104 ComputerName: PINKY-MSI
16:12:56.0510 6104 UserName: Pinky
16:12:56.0510 6104 Windows directory: C:\windows
16:12:56.0510 6104 System windows directory: C:\windows
16:12:56.0510 6104 Processor architecture: Intel x86
16:12:56.0510 6104 Number of processors: 1
16:12:56.0510 6104 Page size: 0x1000
16:12:56.0510 6104 Boot type: Normal boot
16:12:56.0510 6104 ============================================================
16:12:57.0555 6104 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:12:57.0555 6104 ============================================================
16:12:57.0555 6104 \Device\Harddisk0\DR0:
16:12:57.0555 6104 MBR partitions:
16:12:57.0555 6104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x15997000
16:12:57.0555 6104 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16DC9800, BlocksNum 0xE664800
16:12:57.0555 6104 ============================================================
16:12:57.0602 6104 C: <-> \Device\Harddisk0\DR0\Partition1
16:12:57.0789 6104 D: <-> \Device\Harddisk0\DR0\Partition2
16:12:57.0789 6104 ============================================================
16:12:57.0789 6104 Initialize success
16:12:57.0789 6104 ============================================================
16:14:13.0527 3344 ============================================================
16:14:13.0527 3344 Scan started
16:14:13.0527 3344 Mode: Manual; SigCheck; TDLFS;
16:14:13.0527 3344 ============================================================
16:14:14.0385 3344 ================ Scan system memory ========================
16:14:14.0385 3344 System memory - ok
16:14:14.0401 3344 ================ Scan services =============================
16:14:14.0713 3344 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
16:14:14.0994 3344 1394ohci - ok
16:14:15.0134 3344 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:14:15.0587 3344 ACDaemon - ok
16:14:15.0711 3344 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
16:14:15.0758 3344 ACPI - ok
16:14:15.0821 3344 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
16:14:15.0883 3344 AcpiPmi - ok
16:14:16.0039 3344 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:14:16.0070 3344 AdobeARMservice - ok
16:14:16.0164 3344 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:14:16.0195 3344 AdobeFlashPlayerUpdateSvc - ok
16:14:16.0289 3344 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
16:14:16.0335 3344 adp94xx - ok
16:14:16.0367 3344 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
16:14:16.0413 3344 adpahci - ok
16:14:16.0445 3344 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
16:14:16.0491 3344 adpu320 - ok
16:14:16.0538 3344 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:14:16.0632 3344 AeLookupSvc - ok
16:14:16.0694 3344 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
16:14:16.0757 3344 AFD - ok
16:14:16.0819 3344 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
16:14:16.0850 3344 agp440 - ok
16:14:16.0913 3344 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
16:14:16.0944 3344 aic78xx - ok
16:14:17.0022 3344 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
16:14:17.0100 3344 ALG - ok
16:14:17.0162 3344 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
16:14:17.0209 3344 aliide - ok
16:14:17.0256 3344 [ E3836DCF317E75D31698B0584DEEC313 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
16:14:17.0349 3344 AMD External Events Utility - ok
16:14:17.0381 3344 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
16:14:17.0427 3344 amdagp - ok
16:14:17.0474 3344 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
16:14:17.0505 3344 amdide - ok
16:14:17.0568 3344 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
16:14:17.0630 3344 AmdK8 - ok
16:14:17.0646 3344 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
16:14:17.0708 3344 AmdPPM - ok
16:14:17.0786 3344 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
16:14:17.0817 3344 amdsata - ok
16:14:17.0849 3344 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
16:14:17.0895 3344 amdsbs - ok
16:14:17.0927 3344 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
16:14:17.0973 3344 amdxata - ok
16:14:18.0036 3344 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
16:14:18.0129 3344 AppID - ok
16:14:18.0192 3344 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:14:18.0285 3344 AppIDSvc - ok
16:14:18.0332 3344 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
16:14:18.0426 3344 Appinfo - ok
16:14:18.0535 3344 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:14:18.0566 3344 Apple Mobile Device - ok
16:14:18.0613 3344 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
16:14:18.0660 3344 arc - ok
16:14:18.0675 3344 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
16:14:18.0738 3344 arcsas - ok
16:14:18.0785 3344 [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
16:14:18.0816 3344 ArcSoftKsUFilter - ok
16:14:18.0878 3344 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
16:14:18.0909 3344 aswFsBlk - ok
16:14:18.0972 3344 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
16:14:19.0019 3344 aswMonFlt - ok
16:14:19.0034 3344 [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
16:14:19.0081 3344 aswRdr - ok
16:14:19.0128 3344 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
16:14:19.0190 3344 aswSnx - ok
16:14:19.0284 3344 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\windows\system32\drivers\aswSP.sys
16:14:19.0331 3344 aswSP - ok
16:14:19.0377 3344 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\windows\system32\drivers\aswTdi.sys
16:14:19.0424 3344 aswTdi - ok
16:14:19.0440 3344 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:14:19.0549 3344 AsyncMac - ok
16:14:19.0611 3344 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
16:14:19.0658 3344 atapi - ok
16:14:19.0877 3344 [ C17C77E84B11B5E01F32DD6B98930F36 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:14:20.0173 3344 atikmdag - ok
16:14:20.0267 3344 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:14:20.0391 3344 AudioEndpointBuilder - ok
16:14:20.0423 3344 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
16:14:20.0516 3344 Audiosrv - ok
16:14:20.0625 3344 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:14:20.0657 3344 avast! Antivirus - ok
16:14:20.0719 3344 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
16:14:20.0797 3344 AxInstSV - ok
16:14:20.0859 3344 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
16:14:20.0937 3344 b06bdrv - ok
16:14:21.0000 3344 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
16:14:21.0062 3344 b57nd60x - ok
16:14:21.0156 3344 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
16:14:21.0234 3344 BDESVC - ok
16:14:21.0281 3344 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
16:14:21.0374 3344 Beep - ok
16:14:21.0452 3344 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
16:14:21.0561 3344 BFE - ok
16:14:21.0624 3344 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
16:14:21.0749 3344 BITS - ok
16:14:21.0795 3344 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:14:21.0858 3344 blbdrive - ok
16:14:21.0967 3344 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:14:22.0014 3344 Bonjour Service - ok
16:14:22.0076 3344 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:14:22.0123 3344 bowser - ok
16:14:22.0170 3344 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
16:14:22.0248 3344 BrFiltLo - ok
16:14:22.0279 3344 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
16:14:22.0326 3344 BrFiltUp - ok
16:14:22.0404 3344 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
16:14:22.0451 3344 Browser - ok
16:14:22.0513 3344 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:14:22.0575 3344 Brserid - ok
16:14:22.0607 3344 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:14:22.0653 3344 BrSerWdm - ok
16:14:22.0669 3344 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:14:22.0731 3344 BrUsbMdm - ok
16:14:22.0747 3344 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:14:22.0809 3344 BrUsbSer - ok
16:14:22.0872 3344 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
16:14:22.0950 3344 BthEnum - ok
16:14:22.0981 3344 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
16:14:23.0059 3344 BTHMODEM - ok
16:14:23.0075 3344 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
16:14:23.0137 3344 BthPan - ok
16:14:23.0215 3344 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
16:14:23.0277 3344 BTHPORT - ok
16:14:23.0340 3344 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
16:14:23.0449 3344 bthserv - ok
16:14:23.0496 3344 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
16:14:23.0574 3344 BTHUSB - ok
16:14:23.0621 3344 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:14:23.0730 3344 cdfs - ok
16:14:23.0792 3344 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
16:14:23.0870 3344 cdrom - ok
16:14:23.0948 3344 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
16:14:24.0042 3344 CertPropSvc - ok
16:14:24.0089 3344 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
16:14:24.0151 3344 circlass - ok
16:14:24.0198 3344 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
16:14:24.0260 3344 CLFS - ok
16:14:24.0385 3344 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:14:24.0432 3344 clr_optimization_v2.0.50727_32 - ok
16:14:24.0588 3344 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:14:24.0635 3344 clr_optimization_v4.0.30319_32 - ok
16:14:24.0681 3344 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:14:24.0728 3344 CmBatt - ok
16:14:24.0791 3344 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
16:14:24.0822 3344 cmdide - ok
16:14:24.0884 3344 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\windows\system32\Drivers\cng.sys
16:14:24.0962 3344 CNG - ok
16:14:24.0993 3344 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
16:14:25.0040 3344 Compbatt - ok
16:14:25.0087 3344 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
16:14:25.0149 3344 CompositeBus - ok
16:14:25.0196 3344 COMSysApp - ok
16:14:25.0243 3344 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
16:14:25.0290 3344 crcdisk - ok
16:14:25.0352 3344 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
16:14:25.0430 3344 CryptSvc - ok
16:14:25.0493 3344 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
16:14:25.0602 3344 DcomLaunch - ok
16:14:25.0664 3344 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
16:14:25.0773 3344 defragsvc - ok
16:14:25.0851 3344 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:14:25.0929 3344 DfsC - ok
16:14:26.0007 3344 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
16:14:26.0085 3344 Dhcp - ok
16:14:26.0132 3344 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
16:14:26.0226 3344 discache - ok
16:14:26.0288 3344 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
16:14:26.0319 3344 Disk - ok
16:14:26.0366 3344 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
16:14:26.0413 3344 Dnscache - ok
16:14:26.0475 3344 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
16:14:26.0569 3344 dot3svc - ok
16:14:26.0631 3344 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
16:14:26.0741 3344 DPS - ok
16:14:26.0803 3344 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:14:26.0850 3344 drmkaud - ok
16:14:26.0912 3344 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:14:26.0975 3344 DXGKrnl - ok
16:14:27.0006 3344 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
16:14:27.0099 3344 EapHost - ok
16:14:27.0224 3344 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
16:14:27.0411 3344 ebdrv - ok
16:14:27.0474 3344 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
16:14:27.0536 3344 EFS - ok
16:14:27.0630 3344 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:14:27.0723 3344 ehRecvr - ok
16:14:27.0770 3344 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
16:14:27.0833 3344 ehSched - ok
16:14:27.0942 3344 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
16:14:27.0989 3344 elxstor - ok
16:14:28.0020 3344 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
16:14:28.0082 3344 ErrDev - ok
16:14:28.0145 3344 [ 7B7E380B39F182E597DF78DC16FA08AE ] ETD C:\windows\system32\DRIVERS\ETD.sys
16:14:28.0223 3344 ETD - ok
16:14:28.0285 3344 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
16:14:28.0394 3344 EventSystem - ok
16:14:28.0457 3344 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
16:14:28.0550 3344 exfat - ok
16:14:28.0566 3344 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
16:14:28.0659 3344 fastfat - ok
16:14:28.0753 3344 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
16:14:28.0815 3344 Fax - ok
16:14:28.0862 3344 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:14:28.0925 3344 fdc - ok
16:14:28.0971 3344 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
16:14:29.0081 3344 fdPHost - ok
16:14:29.0112 3344 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
16:14:29.0221 3344 FDResPub - ok
16:14:29.0252 3344 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:14:29.0299 3344 FileInfo - ok
16:14:29.0315 3344 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:14:29.0408 3344 Filetrace - ok
16:14:29.0455 3344 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:14:29.0517 3344 flpydisk - ok
16:14:29.0564 3344 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:14:29.0627 3344 FltMgr - ok
16:14:29.0705 3344 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
16:14:29.0798 3344 FontCache - ok
16:14:29.0876 3344 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:14:29.0907 3344 FontCache3.0.0.0 - ok
16:14:29.0954 3344 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:14:29.0985 3344 FsDepends - ok
16:14:30.0063 3344 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
16:14:30.0095 3344 fssfltr - ok
16:14:30.0219 3344 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
16:14:30.0313 3344 fsssvc - ok
16:14:30.0422 3344 [ CBE5F69A5E5B918225F420BA748F3742 ] FsUsbExDisk C:\windows\system32\FsUsbExDisk.SYS
16:14:30.0469 3344 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
16:14:30.0469 3344 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
16:14:30.0547 3344 [ 96633419F4A1E37ACB89B45EBCCFE001 ] FsUsbExService C:\windows\system32\FsUsbExService.Exe
16:14:30.0578 3344 FsUsbExService - ok
16:14:30.0641 3344 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:14:30.0672 3344 Fs_Rec - ok
16:14:30.0750 3344 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:14:30.0797 3344 fvevol - ok
16:14:30.0843 3344 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
16:14:30.0890 3344 gagp30kx - ok
16:14:30.0937 3344 [ 5AE3A887ECE5BBB72CFAB273C2FD1CFA ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
16:14:30.0968 3344 GEARAspiWDM - ok
16:14:31.0062 3344 [ 483924F92E55A5F9423201EC635E2CED ] gfibto C:\windows\system32\drivers\gfibto.sys
16:14:31.0077 3344 gfibto - ok
16:14:31.0171 3344 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
16:14:31.0280 3344 gpsvc - ok
16:14:31.0343 3344 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:14:31.0374 3344 hcw85cir - ok
16:14:31.0436 3344 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:14:31.0514 3344 HdAudAddService - ok
16:14:31.0561 3344 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
16:14:31.0623 3344 HDAudBus - ok
16:14:31.0686 3344 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
16:14:31.0748 3344 HidBatt - ok
16:14:31.0764 3344 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
16:14:31.0826 3344 HidBth - ok
16:14:31.0842 3344 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
16:14:31.0889 3344 HidIr - ok
16:14:31.0935 3344 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
16:14:32.0045 3344 hidserv - ok
16:14:32.0107 3344 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
16:14:32.0169 3344 HidUsb - ok
16:14:32.0216 3344 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
16:14:32.0294 3344 hkmsvc - ok
16:14:32.0341 3344 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:14:32.0403 3344 HomeGroupListener - ok
16:14:32.0466 3344 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:14:32.0559 3344 HomeGroupProvider - ok
16:14:32.0622 3344 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
16:14:32.0653 3344 HpSAMD - ok
16:14:32.0762 3344 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
16:14:32.0856 3344 HTTP - ok
16:14:32.0903 3344 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:14:32.0934 3344 hwpolicy - ok
16:14:32.0996 3344 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
16:14:33.0074 3344 i8042prt - ok
16:14:33.0168 3344 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:14:33.0215 3344 IAANTMON - ok
16:14:33.0246 3344 [ D483687EACE0C065EE772481A96E05F5 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
16:14:33.0277 3344 iaStor - ok
16:14:33.0339 3344 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:14:33.0402 3344 iaStorV - ok
16:14:33.0495 3344 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:14:33.0558 3344 idsvc - ok
16:14:33.0620 3344 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
16:14:33.0651 3344 iirsp - ok
16:14:33.0745 3344 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
16:14:33.0854 3344 IKEEXT - ok
16:14:33.0979 3344 [ 3E604ED68432EBC4EFC1063342E7070B ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
16:14:34.0119 3344 IntcAzAudAddService - ok
16:14:34.0166 3344 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
16:14:34.0197 3344 intelide - ok
16:14:34.0244 3344 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:14:34.0291 3344 intelppm - ok
16:14:34.0322 3344 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:14:34.0385 3344 IPBusEnum - ok
16:14:34.0416 3344 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:14:34.0478 3344 IpFilterDriver - ok
16:14:34.0572 3344 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:14:34.0650 3344 iphlpsvc - ok
16:14:34.0697 3344 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
16:14:34.0775 3344 IPMIDRV - ok
16:14:34.0806 3344 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:14:34.0915 3344 IPNAT - ok
16:14:35.0055 3344 [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:14:35.0118 3344 iPod Service - ok
16:14:35.0165 3344 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
16:14:35.0243 3344 IRENUM - ok
16:14:35.0289 3344 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
16:14:35.0321 3344 isapnp - ok
16:14:35.0352 3344 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
16:14:35.0399 3344 iScsiPrt - ok
16:14:35.0445 3344 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
16:14:35.0492 3344 kbdclass - ok
16:14:35.0523 3344 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
16:14:35.0586 3344 kbdhid - ok
16:14:35.0633 3344 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
16:14:35.0679 3344 KeyIso - ok
16:14:35.0726 3344 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:14:35.0773 3344 KSecDD - ok
16:14:35.0820 3344 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:14:35.0851 3344 KSecPkg - ok
16:14:35.0898 3344 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
16:14:36.0023 3344 KtmRm - ok
16:14:36.0101 3344 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
16:14:36.0210 3344 LanmanServer - ok
16:14:36.0272 3344 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:14:36.0381 3344 LanmanWorkstation - ok
16:14:36.0459 3344 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:14:36.0553 3344 lltdio - ok
16:14:36.0600 3344 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
16:14:36.0693 3344 lltdsvc - ok
16:14:36.0740 3344 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
16:14:36.0834 3344 lmhosts - ok
16:14:36.0896 3344 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
16:14:36.0927 3344 LSI_FC - ok
16:14:36.0959 3344 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
16:14:37.0005 3344 LSI_SAS - ok
16:14:37.0037 3344 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
16:14:37.0068 3344 LSI_SAS2 - ok
16:14:37.0099 3344 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
16:14:37.0146 3344 LSI_SCSI - ok
16:14:37.0193 3344 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
16:14:37.0271 3344 luafv - ok
16:14:37.0333 3344 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:14:37.0380 3344 Mcx2Svc - ok
16:14:37.0411 3344 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
16:14:37.0458 3344 megasas - ok
16:14:37.0473 3344 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
16:14:37.0520 3344 MegaSR - ok
16:14:37.0598 3344 [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM C:\Program Files\System Control Manager\MSIService.exe
16:14:37.0645 3344 Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
16:14:37.0645 3344 Micro Star SCM - detected UnsignedFile.Multi.Generic (1)
16:14:37.0739 3344 Microsoft SharePoint Workspace Audit Service - ok
16:14:37.0770 3344 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
16:14:37.0879 3344 MMCSS - ok
16:14:37.0926 3344 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
16:14:38.0019 3344 Modem - ok
16:14:38.0082 3344 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:14:38.0144 3344 monitor - ok
16:14:38.0207 3344 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys
16:14:38.0253 3344 mouclass - ok
16:14:38.0269 3344 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:14:38.0347 3344 mouhid - ok
16:14:38.0409 3344 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:14:38.0456 3344 mountmgr - ok
16:14:38.0534 3344 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:14:38.0565 3344 MozillaMaintenance - ok
16:14:38.0612 3344 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
16:14:38.0643 3344 mpio - ok
16:14:38.0690 3344 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:14:38.0799 3344 mpsdrv - ok
16:14:38.0862 3344 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
16:14:38.0987 3344 MpsSvc - ok
16:14:39.0033 3344 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:14:39.0111 3344 MRxDAV - ok
16:14:39.0174 3344 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:14:39.0221 3344 mrxsmb - ok
16:14:39.0283 3344 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:14:39.0345 3344 mrxsmb10 - ok
16:14:39.0392 3344 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:14:39.0455 3344 mrxsmb20 - ok
16:14:39.0486 3344 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
16:14:39.0517 3344 msahci - ok
16:14:39.0564 3344 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
16:14:39.0626 3344 msdsm - ok
16:14:39.0657 3344 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
16:14:39.0735 3344 MSDTC - ok
16:14:39.0782 3344 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
16:14:39.0907 3344 Msfs - ok
16:14:39.0938 3344 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:14:40.0016 3344 mshidkmdf - ok
16:14:40.0047 3344 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
16:14:40.0094 3344 msisadrv - ok
16:14:40.0141 3344 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:14:40.0250 3344 MSiSCSI - ok
16:14:40.0266 3344 msiserver - ok
16:14:40.0344 3344 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:14:40.0453 3344 MSKSSRV - ok
16:14:40.0469 3344 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:14:40.0547 3344 MSPCLOCK - ok
16:14:40.0562 3344 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:14:40.0625 3344 MSPQM - ok
16:14:40.0671 3344 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:14:40.0703 3344 MsRPC - ok
16:14:40.0734 3344 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
16:14:40.0765 3344 mssmbios - ok
16:14:40.0765 3344 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:14:40.0827 3344 MSTEE - ok
16:14:40.0843 3344 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
16:14:40.0874 3344 MTConfig - ok
16:14:40.0890 3344 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
16:14:40.0921 3344 Mup - ok
16:14:40.0968 3344 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
16:14:41.0046 3344 napagent - ok
16:14:41.0124 3344 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:14:41.0155 3344 NativeWifiP - ok
16:14:41.0217 3344 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
16:14:41.0264 3344 NDIS - ok
16:14:41.0280 3344 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:14:41.0358 3344 NdisCap - ok
16:14:41.0405 3344 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:14:41.0467 3344 NdisTapi - ok
16:14:41.0514 3344 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:14:41.0576 3344 Ndisuio - ok
16:14:41.0623 3344 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:14:41.0685 3344 NdisWan - ok
16:14:41.0732 3344 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:14:41.0795 3344 NDProxy - ok
16:14:41.0841 3344 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:14:41.0919 3344 NetBIOS - ok
16:14:41.0966 3344 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:14:42.0013 3344 NetBT - ok
16:14:42.0044 3344 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
16:14:42.0075 3344 Netlogon - ok
16:14:42.0122 3344 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
16:14:42.0185 3344 Netman - ok
16:14:42.0200 3344 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
16:14:42.0294 3344 netprofm - ok
16:14:42.0341 3344 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:14:42.0356 3344 NetTcpPortSharing - ok
16:14:42.0512 3344 [ AF1AE2E42B03395560B1CDE03230205C ] NETw5v32 C:\windows\system32\DRIVERS\NETw5v32.sys
16:14:42.0762 3344 NETw5v32 - ok
16:14:42.0824 3344 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
16:14:42.0855 3344 nfrd960 - ok
16:14:42.0902 3344 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
16:14:42.0980 3344 NlaSvc - ok
16:14:43.0027 3344 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
16:14:43.0105 3344 Npfs - ok
16:14:43.0152 3344 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
16:14:43.0245 3344 nsi - ok
16:14:43.0277 3344 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:14:43.0370 3344 nsiproxy - ok
16:14:43.0464 3344 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:14:43.0557 3344 Ntfs - ok
16:14:43.0604 3344 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
16:14:43.0698 3344 Null - ok
16:14:43.0776 3344 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
16:14:43.0823 3344 nvraid - ok
16:14:43.0869 3344 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
16:14:43.0916 3344 nvstor - ok
16:14:43.0947 3344 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
16:14:43.0994 3344 nv_agp - ok
16:14:44.0041 3344 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
16:14:44.0103 3344 ohci1394 - ok
16:14:44.0197 3344 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:14:44.0228 3344 ose - ok
16:14:44.0447 3344 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:14:44.0790 3344 osppsvc - ok
16:14:44.0852 3344 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:14:44.0915 3344 p2pimsvc - ok
16:14:44.0930 3344 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
16:14:44.0993 3344 p2psvc - ok
16:14:45.0039 3344 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:14:45.0055 3344 Parport - ok
16:14:45.0102 3344 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
16:14:45.0133 3344 partmgr - ok
16:14:45.0149 3344 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
16:14:45.0195 3344 Parvdm - ok
16:14:45.0242 3344 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
16:14:45.0289 3344 PcaSvc - ok
16:14:45.0336 3344 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
16:14:45.0351 3344 pci - ok
16:14:45.0383 3344 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
16:14:45.0414 3344 pciide - ok
16:14:45.0445 3344 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
16:14:45.0476 3344 pcmcia - ok
16:14:45.0492 3344 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
16:14:45.0523 3344 pcw - ok
16:14:45.0570 3344 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:14:45.0648 3344 PEAUTH - ok
16:14:45.0773 3344 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
16:14:45.0866 3344 pla - ok
16:14:45.0929 3344 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:14:45.0991 3344 PlugPlay - ok
16:14:46.0038 3344 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:14:46.0085 3344 PNRPAutoReg - ok
16:14:46.0131 3344 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:14:46.0163 3344 PNRPsvc - ok
16:14:46.0225 3344 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:14:46.0319 3344 PolicyAgent - ok
16:14:46.0365 3344 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
16:14:46.0475 3344 Power - ok
16:14:46.0537 3344 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:14:46.0646 3344 PptpMiniport - ok
16:14:46.0693 3344 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
16:14:46.0755 3344 Processor - ok
16:14:46.0849 3344 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
16:14:46.0896 3344 ProfSvc - ok
16:14:46.0927 3344 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
16:14:46.0974 3344 ProtectedStorage - ok
16:14:47.0005 3344 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:14:47.0099 3344 Psched - ok
16:14:47.0192 3344 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
16:14:47.0223 3344 PSI_SVC_2 - ok
16:14:47.0301 3344 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
16:14:47.0411 3344 ql2300 - ok
16:14:47.0473 3344 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
16:14:47.0504 3344 ql40xx - ok
16:14:47.0567 3344 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
16:14:47.0660 3344 QWAVE - ok
16:14:47.0707 3344 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:14:47.0754 3344 QWAVEdrv - ok
16:14:47.0769 3344 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:14:47.0847 3344 RasAcd - ok
16:14:47.0910 3344 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:14:48.0003 3344 RasAgileVpn - ok
16:14:48.0050 3344 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
16:14:48.0128 3344 RasAuto - ok
16:14:48.0191 3344 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:14:48.0300 3344 Rasl2tp - ok
16:14:48.0378 3344 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
16:14:48.0487 3344 RasMan - ok
16:14:48.0534 3344 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:14:48.0627 3344 RasPppoe - ok
16:14:48.0643 3344 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:14:48.0721 3344 RasSstp - ok
16:14:48.0783 3344 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:14:48.0877 3344 rdbss - ok
16:14:48.0924 3344 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
16:14:48.0971 3344 rdpbus - ok
16:14:49.0033 3344 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:14:49.0111 3344 RDPCDD - ok
16:14:49.0158 3344 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:14:49.0236 3344 RDPENCDD - ok
16:14:49.0283 3344 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:14:49.0361 3344 RDPREFMP - ok
16:14:49.0423 3344 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
16:14:49.0470 3344 RdpVideoMiniport - ok
16:14:49.0517 3344 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:14:49.0563 3344 RDPWD - ok
16:14:49.0641 3344 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:14:49.0688 3344 rdyboost - ok
16:14:49.0719 3344 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
16:14:49.0829 3344 RemoteAccess - ok
16:14:49.0875 3344 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:14:49.0969 3344 RemoteRegistry - ok
16:14:50.0031 3344 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
16:14:50.0094 3344 RFCOMM - ok
16:14:50.0141 3344 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:14:50.0250 3344 RpcEptMapper - ok
16:14:50.0297 3344 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
16:14:50.0375 3344 RpcLocator - ok
16:14:50.0421 3344 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
16:14:50.0515 3344 RpcSs - ok
16:14:50.0562 3344 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:14:50.0687 3344 rspndr - ok
16:14:50.0718 3344 [ 96F8DD546677AA5102150ACC140377B3 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
16:14:50.0780 3344 RSUSBSTOR - ok
16:14:50.0827 3344 [ 87407B31EA6FF0DC4765258164B98BEA ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIV.sys
16:14:50.0858 3344 RTHDMIAzAudService - ok
16:14:50.0921 3344 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
16:14:50.0983 3344 RTL8167 - ok
16:14:51.0014 3344 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
16:14:51.0061 3344 SamSs - ok
16:14:51.0123 3344 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
16:14:51.0170 3344 sbp2port - ok
16:14:51.0233 3344 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
16:14:51.0311 3344 SCardSvr - ok
16:14:51.0373 3344 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:14:51.0451 3344 scfilter - ok
16:14:51.0529 3344 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
16:14:51.0654 3344 Schedule - ok
16:14:51.0685 3344 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
16:14:51.0763 3344 SCPolicySvc - ok
16:14:51.0825 3344 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\windows\system32\drivers\sdbus.sys
16:14:51.0888 3344 sdbus - ok
16:14:51.0950 3344 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:14:52.0044 3344 SDRSVC - ok
16:14:52.0122 3344 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
16:14:52.0169 3344 SeaPort - ok
16:14:52.0215 3344 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
16:14:52.0309 3344 secdrv - ok
16:14:52.0356 3344 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
16:14:52.0465 3344 seclogon - ok
16:14:52.0512 3344 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
16:14:52.0621 3344 SENS - ok
16:14:52.0668 3344 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
16:14:52.0715 3344 SensrSvc - ok
16:14:52.0761 3344 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:14:52.0824 3344 Serenum - ok
16:14:52.0871 3344 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
16:14:52.0933 3344 Serial - ok
16:14:52.0980 3344 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
16:14:53.0042 3344 sermouse - ok
16:14:53.0136 3344 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
16:14:53.0245 3344 SessionEnv - ok
16:14:53.0307 3344 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
16:14:53.0339 3344 sffdisk - ok
16:14:53.0370 3344 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
16:14:53.0432 3344 sffp_mmc - ok
16:14:53.0479 3344 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
16:14:53.0526 3344 sffp_sd - ok
16:14:53.0557 3344 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
16:14:53.0635 3344 sfloppy - ok
16:14:53.0697 3344 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
16:14:53.0807 3344 SharedAccess - ok
16:14:53.0869 3344 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:14:53.0994 3344 ShellHWDetection - ok
16:14:54.0056 3344 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
16:14:54.0087 3344 sisagp - ok
16:14:54.0150 3344 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
16:14:54.0197 3344 SiSRaid2 - ok
16:14:54.0212 3344 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
16:14:54.0259 3344 SiSRaid4 - ok
16:14:54.0368 3344 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:14:54.0399 3344 SkypeUpdate - ok
16:14:54.0431 3344 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
16:14:54.0524 3344 Smb - ok
16:14:54.0602 3344 [ 19301C27F3425DC39F6C599F527E507D ] smserial C:\windows\system32\DRIVERS\smserial.sys
16:14:54.0696 3344 smserial - ok
16:14:54.0774 3344 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:14:54.0836 3344 SNMPTRAP - ok
16:14:54.0883 3344 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
16:14:54.0914 3344 spldr - ok
16:14:54.0992 3344 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
16:14:55.0055 3344 Spooler - ok
16:14:55.0211 3344 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
16:14:55.0398 3344 sppsvc - ok
16:14:55.0476 3344 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:14:55.0554 3344 sppuinotify - ok
16:14:55.0679 3344 [ A80CD850D69D996C832BEA37E3A6AA1E ] sptd C:\windows\system32\Drivers\sptd.sys
16:14:55.0679 3344 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: A80CD850D69D996C832BEA37E3A6AA1E
16:14:55.0679 3344 sptd ( LockedFile.Multi.Generic ) - warning
16:14:55.0679 3344 sptd - detected LockedFile.Multi.Generic (1)
16:14:55.0741 3344 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
16:14:55.0788 3344 srv - ok
16:14:55.0835 3344 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:14:55.0897 3344 srv2 - ok
16:14:55.0944 3344 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:14:56.0006 3344 srvnet - ok
16:14:56.0069 3344 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:14:56.0178 3344 SSDPSRV - ok
16:14:56.0209 3344 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
16:14:56.0303 3344 SstpSvc - ok
16:14:56.0365 3344 [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus C:\windows\system32\DRIVERS\ss_bbus.sys
16:14:56.0412 3344 ss_bbus - ok
16:14:56.0474 3344 [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl C:\windows\system32\DRIVERS\ss_bmdfl.sys
16:14:56.0505 3344 ss_bmdfl - ok
16:14:56.0552 3344 [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm C:\windows\system32\DRIVERS\ss_bmdm.sys
16:14:56.0583 3344 ss_bmdm - ok
16:14:56.0615 3344 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
16:14:56.0661 3344 stexstor - ok
16:14:56.0755 3344 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
16:14:56.0833 3344 StiSvc - ok
16:14:56.0895 3344 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
16:14:56.0942 3344 swenum - ok
16:14:56.0989 3344 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
16:14:57.0098 3344 swprv - ok
16:14:57.0192 3344 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
16:14:57.0285 3344 SysMain - ok
16:14:57.0348 3344 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
16:14:57.0426 3344 TabletInputService - ok
16:14:57.0473 3344 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
16:14:57.0566 3344 TapiSrv - ok
16:14:57.0613 3344 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
16:14:57.0722 3344 TBS - ok
16:14:57.0831 3344 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:14:57.0909 3344 Tcpip - ok
16:14:57.0987 3344 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:14:58.0081 3344 TCPIP6 - ok
16:14:58.0143 3344 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:14:58.0206 3344 tcpipreg - ok
16:14:58.0284 3344 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:14:58.0331 3344 TDPIPE - ok
16:14:58.0377 3344 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:14:58.0424 3344 TDTCP - ok
16:14:58.0471 3344 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:14:58.0580 3344 tdx - ok
16:14:58.0611 3344 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
16:14:58.0658 3344 TermDD - ok
16:14:58.0752 3344 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
16:14:58.0877 3344 TermService - ok
16:14:58.0923 3344 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
16:14:58.0970 3344 Themes - ok
16:14:59.0001 3344 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
16:14:59.0095 3344 THREADORDER - ok
16:14:59.0173 3344 [ AC88D258F20909EEB91796F490CFBB73 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
16:14:59.0204 3344 TOSHIBA Bluetooth Service - ok
16:14:59.0251 3344 [ 85B6FF02491B6DB3572B4F93E56CAB7C ] toshidpt C:\windows\system32\drivers\Toshidpt.sys
16:14:59.0282 3344 toshidpt - ok
16:14:59.0313 3344 [ 90AFA1A4451BBBEE87C9F18A665D8121 ] tosporte C:\windows\system32\DRIVERS\tosporte.sys
16:14:59.0345 3344 tosporte - ok
16:14:59.0407 3344 [ B168B345FB7073930C31E0D8B85E8353 ] tosrfbd C:\windows\system32\DRIVERS\tosrfbd.sys
16:14:59.0438 3344 tosrfbd - ok
16:14:59.0469 3344 [ 74392BAB3F0D4810DA8436EC79D6955D ] tosrfbnp C:\windows\system32\Drivers\tosrfbnp.sys
16:14:59.0501 3344 tosrfbnp - ok
16:14:59.0547 3344 [ 1AD9EB1B5ABD0AEEE4084C8153476F1E ] Tosrfcom C:\windows\system32\Drivers\tosrfcom.sys
16:14:59.0579 3344 Tosrfcom - ok
16:14:59.0610 3344 [ A72A3473180F378CC07D342803FFD580 ] Tosrfhid C:\windows\system32\DRIVERS\Tosrfhid.sys
16:14:59.0657 3344 Tosrfhid - ok
16:14:59.0703 3344 [ B2A1A6538245FD69578224BBF2FD4677 ] tosrfnds C:\windows\system32\DRIVERS\tosrfnds.sys
16:14:59.0735 3344 tosrfnds - ok
16:14:59.0766 3344 [ 8B877E24550E7962DA820C8C354EC33A ] TosRfSnd C:\windows\system32\drivers\tosrfsnd.sys
16:14:59.0813 3344 TosRfSnd - ok
16:14:59.0859 3344 [ 97529D04178BF604C62C5BE4B8BB2129 ] Tosrfusb C:\windows\system32\DRIVERS\tosrfusb.sys
16:14:59.0891 3344 Tosrfusb - ok
16:14:59.0953 3344 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
16:15:00.0062 3344 TrkWks - ok
16:15:00.0140 3344 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:15:00.0249 3344 TrustedInstaller - ok
16:15:00.0296 3344 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:15:00.0374 3344 tssecsrv - ok
16:15:00.0405 3344 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
16:15:00.0437 3344 TsUsbFlt - ok
16:15:00.0499 3344 [ D7FD54EE56353C54F17F3534C3E70FF8 ] TuneUp.Defrag C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
16:15:00.0530 3344 TuneUp.Defrag - ok
16:15:00.0608 3344 [ 3B1CFA983BF90C78D9BA215E030F110C ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
16:15:00.0686 3344 TuneUp.UtilitiesSvc - ok
16:15:00.0733 3344 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
16:15:00.0764 3344 TuneUpUtilitiesDrv - ok
16:15:00.0842 3344 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:15:00.0920 3344 tunnel - ok
16:15:00.0951 3344 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
16:15:01.0014 3344 uagp35 - ok
16:15:01.0076 3344 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:15:01.0170 3344 udfs - ok
16:15:01.0248 3344 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
16:15:01.0326 3344 UI0Detect - ok
16:15:01.0404 3344 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
16:15:01.0435 3344 uliagpkx - ok
16:15:01.0497 3344 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
16:15:01.0560 3344 umbus - ok
16:15:01.0607 3344 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
16:15:01.0669 3344 UmPass - ok
16:15:01.0716 3344 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
16:15:01.0825 3344 upnphost - ok
16:15:01.0887 3344 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
16:15:01.0934 3344 usbccgp - ok
16:15:01.0997 3344 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
16:15:02.0043 3344 usbcir - ok
16:15:02.0075 3344 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
16:15:02.0121 3344 usbehci - ok
16:15:02.0184 3344 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:15:02.0262 3344 usbhub - ok
16:15:02.0309 3344 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
16:15:02.0355 3344 usbohci - ok
16:15:02.0387 3344 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
16:15:02.0449 3344 usbprint - ok
16:15:02.0527 3344 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
16:15:02.0589 3344 usbscan - ok
16:15:02.0683 3344 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
16:15:02.0745 3344 USBSTOR - ok
16:15:02.0777 3344 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
16:15:02.0855 3344 usbuhci - ok
16:15:02.0933 3344 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
16:15:02.0995 3344 usbvideo - ok
16:15:03.0042 3344 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
16:15:03.0151 3344 UxSms - ok
16:15:03.0245 3344 [ 4AD719BE22DAB702DE1477D1017FF53F ] UxTuneUp C:\windows\System32\uxtuneup.dll
16:15:03.0276 3344 UxTuneUp - ok
16:15:03.0307 3344 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
16:15:03.0354 3344 VaultSvc - ok
16:15:03.0385 3344 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
16:15:03.0432 3344 vdrvroot - ok
16:15:03.0510 3344 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
16:15:03.0635 3344 vds - ok
16:15:03.0681 3344 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:15:03.0728 3344 vga - ok
16:15:03.0775 3344 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
16:15:03.0853 3344 VgaSave - ok
16:15:03.0900 3344 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
16:15:03.0947 3344 vhdmp - ok
16:15:03.0978 3344 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
16:15:04.0025 3344 viaagp - ok
16:15:04.0056 3344 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
16:15:04.0118 3344 ViaC7 - ok
16:15:04.0165 3344 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
16:15:04.0212 3344 viaide - ok
16:15:04.0243 3344 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
16:15:04.0290 3344 volmgr - ok
16:15:04.0337 3344 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:15:04.0383 3344 volmgrx - ok
16:15:04.0415 3344 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
16:15:04.0461 3344 volsnap - ok
16:15:04.0508 3344 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
16:15:04.0555 3344 vsmraid - ok
16:15:04.0649 3344 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
16:15:04.0789 3344 VSS - ok
16:15:04.0820 3344 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
16:15:04.0898 3344 vwifibus - ok
16:15:04.0961 3344 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
16:15:05.0070 3344 W32Time - ok
16:15:05.0148 3344 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
16:15:05.0179 3344 WacomPen - ok
16:15:05.0226 3344 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:15:05.0319 3344 WANARP - ok
16:15:05.0335 3344 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:15:05.0429 3344 Wanarpv6 - ok
16:15:05.0538 3344 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
16:15:05.0631 3344 WatAdminSvc - ok
16:15:05.0709 3344 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
16:15:05.0787 3344 wbengine - ok
16:15:05.0850 3344 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:15:05.0897 3344 WbioSrvc - ok
16:15:05.0959 3344 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
16:15:06.0006 3344 wcncsvc - ok
16:15:06.0037 3344 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:15:06.0115 3344 WcsPlugInService - ok
16:15:06.0177 3344 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
16:15:06.0209 3344 Wd - ok
16:15:06.0271 3344 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:15:06.0349 3344 Wdf01000 - ok
16:15:06.0380 3344 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
16:15:06.0443 3344 WdiServiceHost - ok
16:15:06.0458 3344 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
16:15:06.0521 3344 WdiSystemHost - ok
16:15:06.0599 3344 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
16:15:06.0661 3344 WebClient - ok
16:15:06.0708 3344 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
16:15:06.0817 3344 Wecsvc - ok
16:15:06.0848 3344 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
16:15:06.0957 3344 wercplsupport - ok
16:15:06.0989 3344 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
16:15:07.0113 3344 WerSvc - ok
16:15:07.0176 3344 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:15:07.0254 3344 WfpLwf - ok
16:15:07.0301 3344 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:15:07.0332 3344 WIMMount - ok
16:15:07.0441 3344 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:15:07.0535 3344 WinDefend - ok
16:15:07.0566 3344 WinHttpAutoProxySvc - ok
16:15:07.0659 3344 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:15:07.0737 3344 Winmgmt - ok
16:15:07.0831 3344 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
16:15:07.0956 3344 WinRM - ok
16:15:08.0127 3344 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
16:15:08.0190 3344 WinUsb - ok
16:15:08.0268 3344 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
16:15:08.0346 3344 Wlansvc - ok
16:15:08.0439 3344 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:15:08.0471 3344 wlcrasvc - ok
16:15:08.0611 3344 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:15:08.0720 3344 wlidsvc - ok
16:15:08.0767 3344 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
16:15:08.0829 3344 WmiAcpi - ok
16:15:08.0892 3344 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:15:08.0970 3344 wmiApSrv - ok
16:15:09.0095 3344 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:15:09.0188 3344 WMPNetworkSvc - ok
16:15:09.0235 3344 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
16:15:09.0313 3344 WPCSvc - ok
16:15:09.0360 3344 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:15:09.0422 3344 WPDBusEnum - ok
16:15:09.0469 3344 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:15:09.0563 3344 ws2ifsl - ok
16:15:09.0625 3344 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
16:15:09.0703 3344 wscsvc - ok
16:15:09.0719 3344 WSearch - ok
16:15:09.0859 3344 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
16:15:09.0984 3344 wuauserv - ok
16:15:10.0077 3344 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:15:10.0109 3344 WudfPf - ok
16:15:10.0140 3344 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:15:10.0171 3344 WUDFRd - ok
16:15:10.0202 3344 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:15:10.0265 3344 wudfsvc - ok
16:15:10.0311 3344 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
16:15:10.0405 3344 WwanSvc - ok
16:15:10.0514 3344 ================ Scan global ===============================
16:15:10.0577 3344 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
16:15:10.0623 3344 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\windows\system32\winsrv.dll
16:15:10.0655 3344 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\windows\system32\winsrv.dll
16:15:10.0701 3344 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
16:15:10.0764 3344 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
16:15:10.0779 3344 [Global] - ok
16:15:10.0779 3344 ================ Scan MBR ==================================
16:15:10.0795 3344 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:15:11.0091 3344 \Device\Harddisk0\DR0 - ok
16:15:11.0107 3344 ================ Scan VBR ==================================
16:15:11.0123 3344 [ 3EB8D73133C33668E78F5C4A967B680A ] \Device\Harddisk0\DR0\Partition1
16:15:11.0123 3344 \Device\Harddisk0\DR0\Partition1 - ok
16:15:11.0169 3344 [ F99BDA1E6F6FA2C6C7E8B56E3959AD46 ] \Device\Harddisk0\DR0\Partition2
16:15:11.0169 3344 \Device\Harddisk0\DR0\Partition2 - ok
16:15:11.0169 3344 ============================================================
16:15:11.0169 3344 Scan finished
16:15:11.0169 3344 ============================================================
16:15:11.0201 5364 Detected object count: 3
16:15:11.0201 5364 Actual detected object count: 3
16:15:30.0779 5364 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
16:15:30.0779 5364 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:15:30.0794 5364 Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
16:15:30.0794 5364 Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:15:30.0794 5364 sptd ( LockedFile.Multi.Generic ) - skipped by user
16:15:30.0794 5364 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
16:15:36.0504 3612 =========================================================

Alt 20.12.2012, 15:43   #8
PinkNina
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Teil 2
Zitat:
===
16:15:36.0504 3612 Scan started
16:15:36.0504 3612 Mode: Manual; SigCheck; TDLFS;
16:15:36.0504 3612 ============================================================
16:15:37.0409 3612 ================ Scan system memory ========================
16:15:37.0409 3612 System memory - ok
16:15:37.0424 3612 ================ Scan services =============================
16:15:37.0627 3612 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
16:15:37.0705 3612 1394ohci - ok
16:15:37.0799 3612 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:15:37.0845 3612 ACDaemon - ok
16:15:37.0908 3612 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
16:15:37.0955 3612 ACPI - ok
16:15:38.0001 3612 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
16:15:38.0033 3612 AcpiPmi - ok
16:15:38.0142 3612 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:15:38.0173 3612 AdobeARMservice - ok
16:15:38.0235 3612 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:15:38.0267 3612 AdobeFlashPlayerUpdateSvc - ok
16:15:38.0313 3612 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
16:15:38.0423 3612 adp94xx - ok
16:15:38.0454 3612 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
16:15:38.0501 3612 adpahci - ok
16:15:38.0516 3612 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
16:15:38.0563 3612 adpu320 - ok
16:15:38.0625 3612 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:15:38.0672 3612 AeLookupSvc - ok
16:15:38.0719 3612 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
16:15:38.0766 3612 AFD - ok
16:15:38.0813 3612 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
16:15:38.0859 3612 agp440 - ok
16:15:38.0906 3612 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
16:15:38.0953 3612 aic78xx - ok
16:15:38.0984 3612 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
16:15:39.0031 3612 ALG - ok
16:15:39.0062 3612 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
16:15:39.0093 3612 aliide - ok
16:15:39.0140 3612 [ E3836DCF317E75D31698B0584DEEC313 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
16:15:39.0187 3612 AMD External Events Utility - ok
16:15:39.0234 3612 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
16:15:39.0265 3612 amdagp - ok
16:15:39.0296 3612 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
16:15:39.0343 3612 amdide - ok
16:15:39.0374 3612 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
16:15:39.0405 3612 AmdK8 - ok
16:15:39.0452 3612 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
16:15:39.0483 3612 AmdPPM - ok
16:15:39.0530 3612 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
16:15:39.0577 3612 amdsata - ok
16:15:39.0608 3612 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
16:15:39.0655 3612 amdsbs - ok
16:15:39.0671 3612 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
16:15:39.0717 3612 amdxata - ok
16:15:39.0780 3612 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
16:15:39.0842 3612 AppID - ok
16:15:39.0889 3612 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:15:39.0967 3612 AppIDSvc - ok
16:15:40.0029 3612 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
16:15:40.0107 3612 Appinfo - ok
16:15:40.0185 3612 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:15:40.0217 3612 Apple Mobile Device - ok
16:15:40.0263 3612 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
16:15:40.0310 3612 arc - ok
16:15:40.0326 3612 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
16:15:40.0373 3612 arcsas - ok
16:15:40.0419 3612 [ 857B48965A0503B7AB795D4BFE7CBD8B ] ArcSoftKsUFilter C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
16:15:40.0451 3612 ArcSoftKsUFilter - ok
16:15:40.0482 3612 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
16:15:40.0529 3612 aswFsBlk - ok
16:15:40.0560 3612 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
16:15:40.0591 3612 aswMonFlt - ok
16:15:40.0638 3612 [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
16:15:40.0669 3612 aswRdr - ok
16:15:40.0731 3612 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
16:15:40.0794 3612 aswSnx - ok
16:15:40.0841 3612 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\windows\system32\drivers\aswSP.sys
16:15:40.0887 3612 aswSP - ok
16:15:40.0950 3612 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\windows\system32\drivers\aswTdi.sys
16:15:40.0981 3612 aswTdi - ok
16:15:40.0997 3612 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:15:41.0090 3612 AsyncMac - ok
16:15:41.0121 3612 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
16:15:41.0153 3612 atapi - ok
16:15:41.0340 3612 [ C17C77E84B11B5E01F32DD6B98930F36 ] atikmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:15:41.0449 3612 atikmdag - ok
16:15:41.0574 3612 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:15:41.0636 3612 AudioEndpointBuilder - ok
16:15:41.0652 3612 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
16:15:41.0699 3612 Audiosrv - ok
16:15:41.0792 3612 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:15:41.0808 3612 avast! Antivirus - ok
16:15:41.0855 3612 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
16:15:41.0886 3612 AxInstSV - ok
16:15:41.0933 3612 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
16:15:41.0964 3612 b06bdrv - ok
16:15:41.0995 3612 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
16:15:42.0026 3612 b57nd60x - ok
16:15:42.0073 3612 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
16:15:42.0104 3612 BDESVC - ok
16:15:42.0120 3612 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
16:15:42.0182 3612 Beep - ok
16:15:42.0245 3612 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
16:15:42.0307 3612 BFE - ok
16:15:42.0338 3612 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
16:15:42.0401 3612 BITS - ok
16:15:42.0432 3612 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:15:42.0463 3612 blbdrive - ok
16:15:42.0525 3612 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:15:42.0557 3612 Bonjour Service - ok
16:15:42.0603 3612 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:15:42.0635 3612 bowser - ok
16:15:42.0681 3612 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
16:15:42.0713 3612 BrFiltLo - ok
16:15:42.0744 3612 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
16:15:42.0791 3612 BrFiltUp - ok
16:15:42.0837 3612 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
16:15:42.0900 3612 Browser - ok
16:15:42.0931 3612 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:15:42.0978 3612 Brserid - ok
16:15:43.0009 3612 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:15:43.0056 3612 BrSerWdm - ok
16:15:43.0071 3612 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:15:43.0118 3612 BrUsbMdm - ok
16:15:43.0134 3612 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:15:43.0181 3612 BrUsbSer - ok
16:15:43.0227 3612 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
16:15:43.0259 3612 BthEnum - ok
16:15:43.0274 3612 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
16:15:43.0290 3612 BTHMODEM - ok
16:15:43.0305 3612 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
16:15:43.0337 3612 BthPan - ok
16:15:43.0383 3612 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
16:15:43.0430 3612 BTHPORT - ok
16:15:43.0461 3612 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
16:15:43.0508 3612 bthserv - ok
16:15:43.0555 3612 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
16:15:43.0571 3612 BTHUSB - ok
16:15:43.0602 3612 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:15:43.0664 3612 cdfs - ok
16:15:43.0711 3612 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
16:15:43.0742 3612 cdrom - ok
16:15:43.0789 3612 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
16:15:43.0836 3612 CertPropSvc - ok
16:15:43.0851 3612 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
16:15:43.0883 3612 circlass - ok
16:15:43.0929 3612 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
16:15:43.0961 3612 CLFS - ok
16:15:44.0054 3612 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:15:44.0070 3612 clr_optimization_v2.0.50727_32 - ok
16:15:44.0179 3612 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:15:44.0195 3612 clr_optimization_v4.0.30319_32 - ok
16:15:44.0241 3612 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:15:44.0319 3612 CmBatt - ok
16:15:44.0382 3612 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
16:15:44.0413 3612 cmdide - ok
16:15:44.0491 3612 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\windows\system32\Drivers\cng.sys
16:15:44.0569 3612 CNG - ok
16:15:44.0600 3612 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
16:15:44.0647 3612 Compbatt - ok
16:15:44.0741 3612 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
16:15:44.0803 3612 CompositeBus - ok
16:15:44.0819 3612 COMSysApp - ok
16:15:44.0865 3612 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
16:15:44.0897 3612 crcdisk - ok
16:15:44.0943 3612 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
16:15:44.0975 3612 CryptSvc - ok
16:15:45.0053 3612 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
16:15:45.0115 3612 DcomLaunch - ok
16:15:45.0146 3612 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
16:15:45.0209 3612 defragsvc - ok
16:15:45.0255 3612 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:15:45.0318 3612 DfsC - ok
16:15:45.0380 3612 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
16:15:45.0411 3612 Dhcp - ok
16:15:45.0443 3612 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
16:15:45.0489 3612 discache - ok
16:15:45.0505 3612 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
16:15:45.0536 3612 Disk - ok
16:15:45.0567 3612 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
16:15:45.0599 3612 Dnscache - ok
16:15:45.0661 3612 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
16:15:45.0708 3612 dot3svc - ok
16:15:45.0755 3612 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
16:15:45.0801 3612 DPS - ok
16:15:45.0833 3612 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:15:45.0864 3612 drmkaud - ok
16:15:45.0895 3612 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:15:45.0942 3612 DXGKrnl - ok
16:15:45.0973 3612 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
16:15:46.0035 3612 EapHost - ok
16:15:46.0145 3612 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
16:15:46.0223 3612 ebdrv - ok
16:15:46.0269 3612 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
16:15:46.0301 3612 EFS - ok
16:15:46.0394 3612 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:15:46.0457 3612 ehRecvr - ok
16:15:46.0488 3612 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
16:15:46.0535 3612 ehSched - ok
16:15:46.0597 3612 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
16:15:46.0659 3612 elxstor - ok
16:15:46.0691 3612 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
16:15:46.0722 3612 ErrDev - ok
16:15:46.0769 3612 [ 7B7E380B39F182E597DF78DC16FA08AE ] ETD C:\windows\system32\DRIVERS\ETD.sys
16:15:46.0815 3612 ETD - ok
16:15:46.0862 3612 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
16:15:46.0956 3612 EventSystem - ok
16:15:47.0018 3612 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
16:15:47.0096 3612 exfat - ok
16:15:47.0112 3612 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
16:15:47.0205 3612 fastfat - ok
16:15:47.0268 3612 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
16:15:47.0299 3612 Fax - ok
16:15:47.0315 3612 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:15:47.0346 3612 fdc - ok
16:15:47.0377 3612 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
16:15:47.0439 3612 fdPHost - ok
16:15:47.0455 3612 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
16:15:47.0517 3612 FDResPub - ok
16:15:47.0533 3612 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:15:47.0564 3612 FileInfo - ok
16:15:47.0580 3612 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:15:47.0642 3612 Filetrace - ok
16:15:47.0673 3612 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:15:47.0705 3612 flpydisk - ok
16:15:47.0736 3612 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:15:47.0767 3612 FltMgr - ok
16:15:47.0814 3612 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
16:15:47.0861 3612 FontCache - ok
16:15:47.0907 3612 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:15:47.0923 3612 FontCache3.0.0.0 - ok
16:15:47.0954 3612 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:15:47.0985 3612 FsDepends - ok
16:15:48.0032 3612 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
16:15:48.0048 3612 fssfltr - ok
16:15:48.0157 3612 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
16:15:48.0204 3612 fsssvc - ok
16:15:48.0266 3612 [ CBE5F69A5E5B918225F420BA748F3742 ] FsUsbExDisk C:\windows\system32\FsUsbExDisk.SYS
16:15:48.0297 3612 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
16:15:48.0297 3612 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
16:15:48.0360 3612 [ 96633419F4A1E37ACB89B45EBCCFE001 ] FsUsbExService C:\windows\system32\FsUsbExService.Exe
16:15:48.0391 3612 FsUsbExService - ok
16:15:48.0453 3612 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:15:48.0485 3612 Fs_Rec - ok
16:15:48.0547 3612 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:15:48.0609 3612 fvevol - ok
16:15:48.0641 3612 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
16:15:48.0687 3612 gagp30kx - ok
16:15:48.0734 3612 [ 5AE3A887ECE5BBB72CFAB273C2FD1CFA ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
16:15:48.0765 3612 GEARAspiWDM - ok
16:15:48.0812 3612 [ 483924F92E55A5F9423201EC635E2CED ] gfibto C:\windows\system32\drivers\gfibto.sys
16:15:48.0843 3612 gfibto - ok
16:15:48.0906 3612 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
16:15:48.0999 3612 gpsvc - ok
16:15:49.0031 3612 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:15:49.0077 3612 hcw85cir - ok
16:15:49.0124 3612 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:15:49.0187 3612 HdAudAddService - ok
16:15:49.0218 3612 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
16:15:49.0265 3612 HDAudBus - ok
16:15:49.0311 3612 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
16:15:49.0358 3612 HidBatt - ok
16:15:49.0374 3612 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
16:15:49.0436 3612 HidBth - ok
16:15:49.0452 3612 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
16:15:49.0499 3612 HidIr - ok
16:15:49.0530 3612 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
16:15:49.0608 3612 hidserv - ok
16:15:49.0655 3612 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\drivers\hidusb.sys
16:15:49.0686 3612 HidUsb - ok
16:15:49.0748 3612 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
16:15:49.0795 3612 hkmsvc - ok
16:15:49.0811 3612 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:15:49.0857 3612 HomeGroupListener - ok
16:15:49.0904 3612 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:15:49.0951 3612 HomeGroupProvider - ok
16:15:49.0982 3612 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
16:15:49.0998 3612 HpSAMD - ok
16:15:50.0076 3612 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
16:15:50.0123 3612 HTTP - ok
16:15:50.0169 3612 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:15:50.0201 3612 hwpolicy - ok
16:15:50.0232 3612 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
16:15:50.0263 3612 i8042prt - ok
16:15:50.0325 3612 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
16:15:50.0357 3612 IAANTMON - ok
16:15:50.0372 3612 [ D483687EACE0C065EE772481A96E05F5 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
16:15:50.0403 3612 iaStor - ok
16:15:50.0450 3612 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:15:50.0481 3612 iaStorV - ok
16:15:50.0575 3612 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:15:50.0622 3612 idsvc - ok
16:15:50.0669 3612 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
16:15:50.0700 3612 iirsp - ok
16:15:50.0778 3612 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
16:15:50.0871 3612 IKEEXT - ok
16:15:50.0996 3612 [ 3E604ED68432EBC4EFC1063342E7070B ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
16:15:51.0137 3612 IntcAzAudAddService - ok
16:15:51.0168 3612 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
16:15:51.0199 3612 intelide - ok
16:15:51.0246 3612 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:15:51.0277 3612 intelppm - ok
16:15:51.0308 3612 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:15:51.0371 3612 IPBusEnum - ok
16:15:51.0386 3612 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:15:51.0449 3612 IpFilterDriver - ok
16:15:51.0495 3612 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:15:51.0542 3612 iphlpsvc - ok
16:15:51.0573 3612 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
16:15:51.0605 3612 IPMIDRV - ok
16:15:51.0636 3612 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:15:51.0698 3612 IPNAT - ok
16:15:51.0776 3612 [ 178FE38B7740F598391EB2F51AE4CCAC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:15:51.0823 3612 iPod Service - ok
16:15:51.0854 3612 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
16:15:51.0885 3612 IRENUM - ok
16:15:51.0917 3612 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
16:15:51.0932 3612 isapnp - ok
16:15:51.0963 3612 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
16:15:51.0995 3612 iScsiPrt - ok
16:15:52.0026 3612 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
16:15:52.0057 3612 kbdclass - ok
16:15:52.0088 3612 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
16:15:52.0104 3612 kbdhid - ok
16:15:52.0135 3612 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
16:15:52.0166 3612 KeyIso - ok
16:15:52.0197 3612 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:15:52.0229 3612 KSecDD - ok
16:15:52.0275 3612 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:15:52.0307 3612 KSecPkg - ok
16:15:52.0353 3612 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
16:15:52.0416 3612 KtmRm - ok
16:15:52.0431 3612 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
16:15:52.0494 3612 LanmanServer - ok
16:15:52.0541 3612 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:15:52.0619 3612 LanmanWorkstation - ok
16:15:52.0650 3612 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:15:52.0697 3612 lltdio - ok
16:15:52.0728 3612 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
16:15:52.0790 3612 lltdsvc - ok
16:15:52.0806 3612 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
16:15:52.0853 3612 lmhosts - ok
16:15:52.0899 3612 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
16:15:52.0915 3612 LSI_FC - ok
16:15:52.0931 3612 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
16:15:52.0962 3612 LSI_SAS - ok
16:15:52.0977 3612 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
16:15:53.0009 3612 LSI_SAS2 - ok
16:15:53.0009 3612 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
16:15:53.0040 3612 LSI_SCSI - ok
16:15:53.0055 3612 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
16:15:53.0102 3612 luafv - ok
16:15:53.0149 3612 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:15:53.0180 3612 Mcx2Svc - ok
16:15:53.0180 3612 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
16:15:53.0211 3612 megasas - ok
16:15:53.0243 3612 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
16:15:53.0274 3612 MegaSR - ok
16:15:53.0336 3612 [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM C:\Program Files\System Control Manager\MSIService.exe
16:15:53.0352 3612 Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
16:15:53.0352 3612 Micro Star SCM - detected UnsignedFile.Multi.Generic (1)
16:15:53.0414 3612 Microsoft SharePoint Workspace Audit Service - ok
16:15:53.0461 3612 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
16:15:53.0539 3612 MMCSS - ok
16:15:53.0555 3612 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
16:15:53.0648 3612 Modem - ok
16:15:53.0695 3612 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:15:53.0742 3612 monitor - ok
16:15:53.0789 3612 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\drivers\mouclass.sys
16:15:53.0820 3612 mouclass - ok
16:15:53.0851 3612 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:15:53.0898 3612 mouhid - ok
16:15:53.0960 3612 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:15:53.0992 3612 mountmgr - ok
16:15:54.0054 3612 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:15:54.0085 3612 MozillaMaintenance - ok
16:15:54.0148 3612 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
16:15:54.0179 3612 mpio - ok
16:15:54.0241 3612 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:15:54.0319 3612 mpsdrv - ok
16:15:54.0397 3612 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
16:15:54.0506 3612 MpsSvc - ok
16:15:54.0553 3612 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:15:54.0600 3612 MRxDAV - ok
16:15:54.0662 3612 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:15:54.0694 3612 mrxsmb - ok
16:15:54.0740 3612 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:15:54.0803 3612 mrxsmb10 - ok
16:15:54.0834 3612 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:15:54.0881 3612 mrxsmb20 - ok
16:15:54.0912 3612 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
16:15:54.0943 3612 msahci - ok
16:15:54.0990 3612 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
16:15:55.0037 3612 msdsm - ok
16:15:55.0084 3612 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
16:15:55.0130 3612 MSDTC - ok
16:15:55.0193 3612 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
16:15:55.0271 3612 Msfs - ok
16:15:55.0302 3612 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:15:55.0380 3612 mshidkmdf - ok
16:15:55.0411 3612 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
16:15:55.0427 3612 msisadrv - ok
16:15:55.0474 3612 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:15:55.0520 3612 MSiSCSI - ok
16:15:55.0536 3612 msiserver - ok
16:15:55.0552 3612 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:15:55.0614 3612 MSKSSRV - ok
16:15:55.0614 3612 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:15:55.0676 3612 MSPCLOCK - ok
16:15:55.0692 3612 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:15:55.0739 3612 MSPQM - ok
16:15:55.0770 3612 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:15:55.0801 3612 MsRPC - ok
16:15:55.0832 3612 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
16:15:55.0864 3612 mssmbios - ok
16:15:55.0895 3612 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:15:55.0942 3612 MSTEE - ok
16:15:55.0957 3612 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
16:15:55.0988 3612 MTConfig - ok
16:15:56.0004 3612 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
16:15:56.0035 3612 Mup - ok
16:15:56.0082 3612 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
16:15:56.0144 3612 napagent - ok
16:15:56.0176 3612 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:15:56.0222 3612 NativeWifiP - ok
16:15:56.0269 3612 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
16:15:56.0316 3612 NDIS - ok
16:15:56.0347 3612 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:15:56.0394 3612 NdisCap - ok
16:15:56.0425 3612 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:15:56.0472 3612 NdisTapi - ok
16:15:56.0534 3612 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:15:56.0581 3612 Ndisuio - ok
16:15:56.0644 3612 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:15:56.0706 3612 NdisWan - ok
16:15:56.0753 3612 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:15:56.0800 3612 NDProxy - ok
16:15:56.0831 3612 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:15:56.0893 3612 NetBIOS - ok
16:15:56.0940 3612 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:15:57.0002 3612 NetBT - ok
16:15:57.0018 3612 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
16:15:57.0049 3612 Netlogon - ok
16:15:57.0080 3612 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
16:15:57.0143 3612 Netman - ok
16:15:57.0174 3612 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
16:15:57.0236 3612 netprofm - ok
16:15:57.0299 3612 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:15:57.0330 3612 NetTcpPortSharing - ok
16:15:57.0455 3612 [ AF1AE2E42B03395560B1CDE03230205C ] NETw5v32 C:\windows\system32\DRIVERS\NETw5v32.sys
16:15:57.0564 3612 NETw5v32 - ok
16:15:57.0658 3612 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
16:15:57.0689 3612 nfrd960 - ok
16:15:57.0720 3612 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
16:15:57.0767 3612 NlaSvc - ok
16:15:57.0782 3612 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
16:15:57.0845 3612 Npfs - ok
16:15:57.0876 3612 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
16:15:57.0938 3612 nsi - ok
16:15:57.0970 3612 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:15:58.0016 3612 nsiproxy - ok
16:15:58.0094 3612 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:15:58.0172 3612 Ntfs - ok
16:15:58.0204 3612 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
16:15:58.0282 3612 Null - ok
16:15:58.0328 3612 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
16:15:58.0344 3612 nvraid - ok
16:15:58.0391 3612 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
16:15:58.0422 3612 nvstor - ok
16:15:58.0453 3612 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
16:15:58.0484 3612 nv_agp - ok
16:15:58.0516 3612 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
16:15:58.0547 3612 ohci1394 - ok
16:15:58.0609 3612 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:15:58.0640 3612 ose - ok
16:15:58.0828 3612 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:15:59.0046 3612 osppsvc - ok
16:15:59.0124 3612 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:15:59.0171 3612 p2pimsvc - ok
16:15:59.0233 3612 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
16:15:59.0280 3612 p2psvc - ok
16:15:59.0327 3612 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:15:59.0374 3612 Parport - ok
16:15:59.0420 3612 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
16:15:59.0452 3612 partmgr - ok
16:15:59.0498 3612 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
16:15:59.0545 3612 Parvdm - ok
16:15:59.0576 3612 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
16:15:59.0639 3612 PcaSvc - ok
16:15:59.0701 3612 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
16:15:59.0748 3612 pci - ok
16:15:59.0795 3612 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
16:15:59.0842 3612 pciide - ok
16:15:59.0888 3612 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
16:15:59.0935 3612 pcmcia - ok
16:15:59.0966 3612 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
16:16:00.0013 3612 pcw - ok
16:16:00.0060 3612 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:16:00.0154 3612 PEAUTH - ok
16:16:00.0310 3612 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
16:16:00.0388 3612 pla - ok
16:16:00.0434 3612 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:16:00.0466 3612 PlugPlay - ok
16:16:00.0497 3612 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:16:00.0528 3612 PNRPAutoReg - ok
16:16:00.0559 3612 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:16:00.0606 3612 PNRPsvc - ok
16:16:00.0684 3612 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:16:00.0731 3612 PolicyAgent - ok
16:16:00.0793 3612 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
16:16:00.0856 3612 Power - ok
16:16:00.0887 3612 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:16:00.0949 3612 PptpMiniport - ok
16:16:00.0965 3612 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
16:16:00.0996 3612 Processor - ok
16:16:01.0043 3612 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
16:16:01.0074 3612 ProfSvc - ok
16:16:01.0105 3612 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
16:16:01.0136 3612 ProtectedStorage - ok
16:16:01.0168 3612 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:16:01.0230 3612 Psched - ok
16:16:01.0277 3612 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
16:16:01.0292 3612 PSI_SVC_2 - ok
16:16:01.0355 3612 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
16:16:01.0417 3612 ql2300 - ok
16:16:01.0448 3612 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
16:16:01.0480 3612 ql40xx - ok
16:16:01.0526 3612 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
16:16:01.0573 3612 QWAVE - ok
16:16:01.0589 3612 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:16:01.0620 3612 QWAVEdrv - ok
16:16:01.0651 3612 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:16:01.0714 3612 RasAcd - ok
16:16:01.0745 3612 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:16:01.0807 3612 RasAgileVpn - ok
16:16:01.0823 3612 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
16:16:01.0885 3612 RasAuto - ok
16:16:01.0916 3612 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:16:01.0979 3612 Rasl2tp - ok
16:16:02.0041 3612 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
16:16:02.0088 3612 RasMan - ok
16:16:02.0104 3612 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:16:02.0166 3612 RasPppoe - ok
16:16:02.0182 3612 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:16:02.0228 3612 RasSstp - ok
16:16:02.0291 3612 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:16:02.0338 3612 rdbss - ok
16:16:02.0369 3612 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
16:16:02.0400 3612 rdpbus - ok
16:16:02.0447 3612 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:16:02.0509 3612 RDPCDD - ok
16:16:02.0525 3612 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:16:02.0572 3612 RDPENCDD - ok
16:16:02.0603 3612 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:16:02.0650 3612 RDPREFMP - ok
16:16:02.0696 3612 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
16:16:02.0712 3612 RdpVideoMiniport - ok
16:16:02.0774 3612 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:16:02.0806 3612 RDPWD - ok
16:16:02.0852 3612 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:16:02.0884 3612 rdyboost - ok
16:16:02.0915 3612 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
16:16:02.0962 3612 RemoteAccess - ok
16:16:03.0008 3612 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:16:03.0071 3612 RemoteRegistry - ok
16:16:03.0118 3612 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
16:16:03.0149 3612 RFCOMM - ok
16:16:03.0180 3612 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:16:03.0227 3612 RpcEptMapper - ok
16:16:03.0274 3612 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
16:16:03.0305 3612 RpcLocator - ok
16:16:03.0336 3612 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
16:16:03.0398 3612 RpcSs - ok
16:16:03.0430 3612 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:16:03.0476 3612 rspndr - ok
16:16:03.0492 3612 [ 96F8DD546677AA5102150ACC140377B3 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
16:16:03.0523 3612 RSUSBSTOR - ok
16:16:03.0539 3612 [ 87407B31EA6FF0DC4765258164B98BEA ] RTHDMIAzAudService C:\windows\system32\drivers\RtHDMIV.sys
16:16:03.0554 3612 RTHDMIAzAudService - ok
16:16:03.0601 3612 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
16:16:03.0632 3612 RTL8167 - ok
16:16:03.0648 3612 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
16:16:03.0679 3612 SamSs - ok
16:16:03.0726 3612 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
16:16:03.0742 3612 sbp2port - ok
16:16:03.0788 3612 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
16:16:03.0851 3612 SCardSvr - ok
16:16:03.0913 3612 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:16:03.0960 3612 scfilter - ok
16:16:04.0022 3612 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
16:16:04.0085 3612 Schedule - ok
16:16:04.0116 3612 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
16:16:04.0163 3612 SCPolicySvc - ok
16:16:04.0194 3612 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\windows\system32\drivers\sdbus.sys
16:16:04.0241 3612 sdbus - ok
16:16:04.0303 3612 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:16:04.0334 3612 SDRSVC - ok
16:16:04.0397 3612 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
16:16:04.0444 3612 SeaPort - ok
16:16:04.0490 3612 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
16:16:04.0568 3612 secdrv - ok
16:16:04.0615 3612 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
16:16:04.0709 3612 seclogon - ok
16:16:04.0740 3612 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
16:16:04.0834 3612 SENS - ok
16:16:04.0865 3612 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
16:16:04.0912 3612 SensrSvc - ok
16:16:04.0943 3612 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:16:04.0990 3612 Serenum - ok
16:16:05.0005 3612 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
16:16:05.0036 3612 Serial - ok
16:16:05.0068 3612 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
16:16:05.0083 3612 sermouse - ok
16:16:05.0161 3612 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
16:16:05.0224 3612 SessionEnv - ok
16:16:05.0255 3612 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
16:16:05.0286 3612 sffdisk - ok
16:16:05.0302 3612 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
16:16:05.0333 3612 sffp_mmc - ok
16:16:05.0364 3612 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
16:16:05.0380 3612 sffp_sd - ok
16:16:05.0411 3612 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
16:16:05.0426 3612 sfloppy - ok
16:16:05.0473 3612 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
16:16:05.0536 3612 SharedAccess - ok
16:16:05.0598 3612 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:16:05.0660 3612 ShellHWDetection - ok
16:16:05.0692 3612 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
16:16:05.0707 3612 sisagp - ok
16:16:05.0738 3612 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
16:16:05.0770 3612 SiSRaid2 - ok
16:16:05.0785 3612 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
16:16:05.0801 3612 SiSRaid4 - ok
16:16:05.0863 3612 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:16:05.0879 3612 SkypeUpdate - ok
16:16:05.0894 3612 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
16:16:05.0941 3612 Smb - ok
16:16:05.0988 3612 [ 19301C27F3425DC39F6C599F527E507D ] smserial C:\windows\system32\DRIVERS\smserial.sys
16:16:06.0035 3612 smserial - ok
16:16:06.0082 3612 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:16:06.0113 3612 SNMPTRAP - ok
16:16:06.0128 3612 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
16:16:06.0144 3612 spldr - ok
16:16:06.0206 3612 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
16:16:06.0238 3612 Spooler - ok
16:16:06.0362 3612 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
16:16:06.0456 3612 sppsvc - ok
16:16:06.0581 3612 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:16:06.0628 3612 sppuinotify - ok
16:16:06.0706 3612 [ A80CD850D69D996C832BEA37E3A6AA1E ] sptd C:\windows\system32\Drivers\sptd.sys
16:16:06.0706 3612 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: A80CD850D69D996C832BEA37E3A6AA1E
16:16:06.0706 3612 sptd ( LockedFile.Multi.Generic ) - warning
16:16:06.0706 3612 sptd - detected LockedFile.Multi.Generic (1)
16:16:06.0768 3612 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
16:16:06.0830 3612 srv - ok
16:16:06.0862 3612 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:16:06.0908 3612 srv2 - ok
16:16:06.0940 3612 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:16:06.0986 3612 srvnet - ok
16:16:07.0033 3612 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:16:07.0127 3612 SSDPSRV - ok
16:16:07.0158 3612 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
16:16:07.0252 3612 SstpSvc - ok
16:16:07.0298 3612 [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus C:\windows\system32\DRIVERS\ss_bbus.sys
16:16:07.0330 3612 ss_bbus - ok
16:16:07.0376 3612 [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl C:\windows\system32\DRIVERS\ss_bmdfl.sys
16:16:07.0423 3612 ss_bmdfl - ok
16:16:07.0454 3612 [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm C:\windows\system32\DRIVERS\ss_bmdm.sys
16:16:07.0486 3612 ss_bmdm - ok
16:16:07.0532 3612 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
16:16:07.0579 3612 stexstor - ok
16:16:07.0642 3612 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
16:16:07.0720 3612 StiSvc - ok
16:16:07.0766 3612 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
16:16:07.0813 3612 swenum - ok
16:16:07.0844 3612 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
16:16:07.0954 3612 swprv - ok
16:16:08.0094 3612 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
16:16:08.0188 3612 SysMain - ok
16:16:08.0266 3612 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
16:16:08.0328 3612 TabletInputService - ok
16:16:08.0390 3612 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
16:16:08.0484 3612 TapiSrv - ok
16:16:08.0531 3612 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
16:16:08.0609 3612 TBS - ok
16:16:08.0671 3612 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:16:08.0734 3612 Tcpip - ok
16:16:08.0765 3612 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:16:08.0827 3612 TCPIP6 - ok
16:16:08.0874 3612 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:16:08.0890 3612 tcpipreg - ok
16:16:08.0952 3612 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:16:08.0983 3612 TDPIPE - ok
16:16:09.0030 3612 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:16:09.0046 3612 TDTCP - ok
16:16:09.0108 3612 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:16:09.0155 3612 tdx - ok
16:16:09.0186 3612 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
16:16:09.0217 3612 TermDD - ok
16:16:09.0295 3612 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
16:16:09.0358 3612 TermService - ok
16:16:09.0389 3612 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
16:16:09.0420 3612 Themes - ok
16:16:09.0451 3612 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
16:16:09.0498 3612 THREADORDER - ok
16:16:09.0545 3612 [ AC88D258F20909EEB91796F490CFBB73 ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
16:16:09.0592 3612 TOSHIBA Bluetooth Service - ok
16:16:09.0607 3612 [ 85B6FF02491B6DB3572B4F93E56CAB7C ] toshidpt C:\windows\system32\drivers\Toshidpt.sys
16:16:09.0638 3612 toshidpt - ok
16:16:09.0670 3612 [ 90AFA1A4451BBBEE87C9F18A665D8121 ] tosporte C:\windows\system32\DRIVERS\tosporte.sys
16:16:09.0685 3612 tosporte - ok
16:16:09.0732 3612 [ B168B345FB7073930C31E0D8B85E8353 ] tosrfbd C:\windows\system32\DRIVERS\tosrfbd.sys
16:16:09.0748 3612 tosrfbd - ok
16:16:09.0763 3612 [ 74392BAB3F0D4810DA8436EC79D6955D ] tosrfbnp C:\windows\system32\Drivers\tosrfbnp.sys
16:16:09.0794 3612 tosrfbnp - ok
16:16:09.0810 3612 [ 1AD9EB1B5ABD0AEEE4084C8153476F1E ] Tosrfcom C:\windows\system32\Drivers\tosrfcom.sys
16:16:09.0826 3612 Tosrfcom - ok
16:16:09.0857 3612 [ A72A3473180F378CC07D342803FFD580 ] Tosrfhid C:\windows\system32\DRIVERS\Tosrfhid.sys
16:16:09.0872 3612 Tosrfhid - ok
16:16:09.0904 3612 [ B2A1A6538245FD69578224BBF2FD4677 ] tosrfnds C:\windows\system32\DRIVERS\tosrfnds.sys
16:16:09.0919 3612 tosrfnds - ok
16:16:09.0935 3612 [ 8B877E24550E7962DA820C8C354EC33A ] TosRfSnd C:\windows\system32\drivers\tosrfsnd.sys
16:16:09.0966 3612 TosRfSnd - ok
16:16:09.0997 3612 [ 97529D04178BF604C62C5BE4B8BB2129 ] Tosrfusb C:\windows\system32\DRIVERS\tosrfusb.sys
16:16:10.0013 3612 Tosrfusb - ok
16:16:10.0044 3612 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
16:16:10.0106 3612 TrkWks - ok
16:16:10.0200 3612 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:16:10.0262 3612 TrustedInstaller - ok
16:16:10.0294 3612 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:16:10.0387 3612 tssecsrv - ok
16:16:10.0434 3612 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
16:16:10.0481 3612 TsUsbFlt - ok
16:16:10.0543 3612 [ D7FD54EE56353C54F17F3534C3E70FF8 ] TuneUp.Defrag C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
16:16:10.0590 3612 TuneUp.Defrag - ok
16:16:10.0668 3612 [ 3B1CFA983BF90C78D9BA215E030F110C ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
16:16:10.0746 3612 TuneUp.UtilitiesSvc - ok
16:16:10.0840 3612 [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys
16:16:10.0871 3612 TuneUpUtilitiesDrv - ok
16:16:10.0933 3612 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:16:11.0011 3612 tunnel - ok
16:16:11.0058 3612 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
16:16:11.0089 3612 uagp35 - ok
16:16:11.0152 3612 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:16:11.0230 3612 udfs - ok
16:16:11.0354 3612 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
16:16:11.0401 3612 UI0Detect - ok
16:16:11.0448 3612 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
16:16:11.0510 3612 uliagpkx - ok
16:16:11.0542 3612 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
16:16:11.0588 3612 umbus - ok
16:16:11.0620 3612 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
16:16:11.0651 3612 UmPass - ok
16:16:11.0698 3612 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
16:16:11.0807 3612 upnphost - ok
16:16:11.0869 3612 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
16:16:11.0900 3612 usbccgp - ok
16:16:11.0947 3612 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
16:16:11.0994 3612 usbcir - ok
16:16:12.0041 3612 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
16:16:12.0088 3612 usbehci - ok
16:16:12.0134 3612 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:16:12.0181 3612 usbhub - ok
16:16:12.0228 3612 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
16:16:12.0275 3612 usbohci - ok
16:16:12.0306 3612 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
16:16:12.0368 3612 usbprint - ok
16:16:12.0415 3612 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
16:16:12.0462 3612 usbscan - ok
16:16:12.0524 3612 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
16:16:12.0571 3612 USBSTOR - ok
16:16:12.0602 3612 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
16:16:12.0649 3612 usbuhci - ok
16:16:12.0696 3612 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
16:16:12.0743 3612 usbvideo - ok
16:16:12.0790 3612 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
16:16:12.0883 3612 UxSms - ok
16:16:12.0946 3612 [ 4AD719BE22DAB702DE1477D1017FF53F ] UxTuneUp C:\windows\System32\uxtuneup.dll
16:16:12.0977 3612 UxTuneUp - ok
16:16:13.0024 3612 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
16:16:13.0070 3612 VaultSvc - ok
16:16:13.0102 3612 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
16:16:13.0133 3612 vdrvroot - ok
16:16:13.0211 3612 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
16:16:13.0304 3612 vds - ok
16:16:13.0351 3612 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:16:13.0398 3612 vga - ok
16:16:13.0429 3612 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
16:16:13.0507 3612 VgaSave - ok
16:16:13.0554 3612 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
16:16:13.0601 3612 vhdmp - ok
16:16:13.0648 3612 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
16:16:13.0679 3612 viaagp - ok
16:16:13.0710 3612 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
16:16:13.0757 3612 ViaC7 - ok
16:16:13.0804 3612 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
16:16:13.0850 3612 viaide - ok
16:16:13.0882 3612 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
16:16:13.0928 3612 volmgr - ok
16:16:13.0975 3612 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:16:14.0022 3612 volmgrx - ok
16:16:14.0069 3612 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
16:16:14.0116 3612 volsnap - ok
16:16:14.0147 3612 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
16:16:14.0194 3612 vsmraid - ok
16:16:14.0272 3612 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
16:16:14.0334 3612 VSS - ok
16:16:14.0365 3612 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\System32\drivers\vwifibus.sys
16:16:14.0396 3612 vwifibus - ok
16:16:14.0443 3612 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
16:16:14.0506 3612 W32Time - ok
16:16:14.0552 3612 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
16:16:14.0584 3612 WacomPen - ok
16:16:14.0615 3612 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:16:14.0662 3612 WANARP - ok
16:16:14.0693 3612 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:16:14.0755 3612 Wanarpv6 - ok
16:16:14.0818 3612 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
16:16:14.0880 3612 WatAdminSvc - ok
16:16:14.0942 3612 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
16:16:15.0005 3612 wbengine - ok
16:16:15.0052 3612 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:16:15.0083 3612 WbioSrvc - ok
16:16:15.0145 3612 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
16:16:15.0192 3612 wcncsvc - ok
16:16:15.0208 3612 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:16:15.0254 3612 WcsPlugInService - ok
16:16:15.0286 3612 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
16:16:15.0317 3612 Wd - ok
16:16:15.0364 3612 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:16:15.0410 3612 Wdf01000 - ok
16:16:15.0442 3612 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
16:16:15.0473 3612 WdiServiceHost - ok
16:16:15.0488 3612 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
16:16:15.0535 3612 WdiSystemHost - ok
16:16:15.0582 3612 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
16:16:15.0629 3612 WebClient - ok
16:16:15.0660 3612 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
16:16:15.0722 3612 Wecsvc - ok
16:16:15.0754 3612 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
16:16:15.0800 3612 wercplsupport - ok
16:16:15.0816 3612 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
16:16:15.0894 3612 WerSvc - ok
16:16:15.0925 3612 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:16:15.0972 3612 WfpLwf - ok
16:16:16.0003 3612 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:16:16.0034 3612 WIMMount - ok
16:16:16.0112 3612 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:16:16.0159 3612 WinDefend - ok
16:16:16.0175 3612 WinHttpAutoProxySvc - ok
16:16:16.0253 3612 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:16:16.0300 3612 Winmgmt - ok
16:16:16.0378 3612 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
16:16:16.0487 3612 WinRM - ok
16:16:16.0565 3612 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
16:16:16.0612 3612 WinUsb - ok
16:16:16.0674 3612 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
16:16:16.0768 3612 Wlansvc - ok
16:16:16.0846 3612 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:16:16.0877 3612 wlcrasvc - ok
16:16:17.0002 3612 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:16:17.0095 3612 wlidsvc - ok
16:16:17.0158 3612 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
16:16:17.0189 3612 WmiAcpi - ok
16:16:17.0251 3612 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:16:17.0282 3612 wmiApSrv - ok
16:16:17.0376 3612 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:16:17.0438 3612 WMPNetworkSvc - ok
16:16:17.0470 3612 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
16:16:17.0532 3612 WPCSvc - ok
16:16:17.0579 3612 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:16:17.0641 3612 WPDBusEnum - ok
16:16:17.0688 3612 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:16:17.0766 3612 ws2ifsl - ok
16:16:17.0813 3612 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
16:16:17.0875 3612 wscsvc - ok
16:16:17.0891 3612 WSearch - ok
16:16:18.0031 3612 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
16:16:18.0187 3612 wuauserv - ok
16:16:18.0265 3612 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:16:18.0296 3612 WudfPf - ok
16:16:18.0328 3612 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:16:18.0359 3612 WUDFRd - ok
16:16:18.0390 3612 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:16:18.0421 3612 wudfsvc - ok
16:16:18.0468 3612 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
16:16:18.0515 3612 WwanSvc - ok
16:16:18.0546 3612 ================ Scan global ===============================
16:16:18.0593 3612 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
16:16:18.0624 3612 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\windows\system32\winsrv.dll
16:16:18.0655 3612 [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\windows\system32\winsrv.dll
16:16:18.0702 3612 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
16:16:18.0733 3612 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
16:16:18.0749 3612 [Global] - ok
16:16:18.0749 3612 ================ Scan MBR ==================================
16:16:18.0764 3612 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:16:19.0045 3612 \Device\Harddisk0\DR0 - ok
16:16:19.0061 3612 ================ Scan VBR ==================================
16:16:19.0076 3612 [ 3EB8D73133C33668E78F5C4A967B680A ] \Device\Harddisk0\DR0\Partition1
16:16:19.0076 3612 \Device\Harddisk0\DR0\Partition1 - ok
16:16:19.0123 3612 [ F99BDA1E6F6FA2C6C7E8B56E3959AD46 ] \Device\Harddisk0\DR0\Partition2
16:16:19.0123 3612 \Device\Harddisk0\DR0\Partition2 - ok
16:16:19.0139 3612 ============================================================
16:16:19.0139 3612 Scan finished
16:16:19.0139 3612 ============================================================
16:16:19.0154 3580 Detected object count: 3
16:16:19.0154 3580 Actual detected object count: 3

Alt 20.12.2012, 15:44   #9
markusg
/// Malware-holic
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Hi,
combofix:
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 20.12.2012, 16:04   #10
PinkNina
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Jetzt hab ich mein Virenprogramm ausgeschaltet und scan gestartet, doch jetzt zeit er mir an das Norton 360 Online noch aktiv ist, jedoch hab ich das Programm schon vor einigen Tagen vom Pc geschmissen. Trotzdem weiter machen?

Alt 20.12.2012, 16:09   #11
markusg
/// Malware-holic
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Jepp, trotzdem weiter bitte.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 20.12.2012, 16:50   #12
PinkNina
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Teil 1
Combofix Logfile:
Code:
ATTFilter
ComboFix 12-12-20.02 - Pinky 20.12.2012  17:28:05.1.1 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3071.1954 [GMT 1:00]
ausgeführt von:: c:\users\Pinky\Desktop\ComboFix.exe
AV: Norton 360 Online *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Online *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 Online *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Windows Searchqu Toolbar
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\as_guid.dat
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\neterror.xhtml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\template.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ca.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\divider.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\games.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\images.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\modify.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\move.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\pop.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\reload.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\remove.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rename.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rss.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search-go.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lichen.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-about.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-separator.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\mail.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\maps.bmp
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify-save.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modifyhot.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\music.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\news.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-main.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-search.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\orange.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\pixsy.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\protect-id.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\relatedlinks.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-collapse.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-delete.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-expand.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-feed.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-found.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rssback.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rsstopback.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search-over.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_over_png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\settings.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\shopping.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\siteinfo.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-grey.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-lichen.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-orange.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-yellow.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\technorati.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\throbber.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\translate.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\video.bmp
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.css
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\weather.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\web.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\wikipedia.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yahoosearch.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yellow.gif
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\youtube.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\zoom.png
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\manifest.xml
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe
c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstallTB.exe
c:\programdata\454541F5D4.sys
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-11-20 bis 2012-12-20  ))))))))))))))))))))))))))))))
.
.
2012-12-20 16:39 . 2012-12-20 16:39	--------	d-----w-	c:\users\Pinky\AppData\Local\temp
2012-12-20 16:39 . 2012-12-20 16:39	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-12-13 10:07 . 2012-10-30 22:51	361032	----a-w-	c:\windows\system32\drivers\aswSP.sys
2012-12-13 10:07 . 2012-10-30 22:51	21256	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2012-12-13 10:07 . 2012-10-15 16:59	44784	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2012-12-13 10:07 . 2012-10-30 22:51	54232	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2012-12-13 10:07 . 2012-10-30 22:51	738504	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2012-12-13 10:07 . 2012-10-30 22:51	58680	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2012-12-13 10:06 . 2012-10-30 22:51	41224	----a-w-	c:\windows\avastSS.scr
2012-12-13 10:06 . 2012-10-30 22:50	227648	----a-w-	c:\windows\system32\aswBoot.exe
2012-12-13 10:06 . 2012-12-13 10:06	--------	d-----w-	c:\programdata\AVAST Software
2012-12-13 10:06 . 2012-12-13 10:06	--------	d-----w-	c:\program files\AVAST Software
2012-12-12 12:12 . 2012-11-22 02:56	2345984	----a-w-	c:\windows\system32\win32k.sys
2012-12-11 15:45 . 2012-12-11 15:45	--------	d-----w-	c:\programdata\Ad-Aware Antivirus
2012-12-11 15:39 . 2012-12-11 15:39	--------	d-----w-	c:\programdata\Lavasoft
2012-12-11 15:39 . 2012-12-13 09:41	--------	d-----w-	c:\program files\Ad-Aware Antivirus
2012-12-11 15:38 . 2012-12-11 15:38	44424	----a-w-	c:\windows\system32\sbbd.exe
2012-12-11 15:38 . 2012-12-11 15:38	13560	----a-w-	c:\windows\system32\drivers\gfibto.sys
2012-12-11 15:37 . 2012-12-13 09:42	--------	d-----w-	c:\program files\adawaretb
2012-12-11 15:37 . 2012-12-11 15:37	--------	d-----w-	c:\users\Pinky\AppData\Roaming\LavasoftStatistics
2012-12-11 15:37 . 2012-12-11 15:53	--------	d-----w-	c:\users\Pinky\AppData\Roaming\Ad-Aware Antivirus
2012-12-10 20:16 . 2012-12-10 20:16	--------	d-----w-	c:\users\Pinky\AppData\Local\Ashampoo
2012-12-10 20:14 . 2012-12-10 20:14	--------	d-----w-	c:\program files\Ashampoo
2012-12-10 19:59 . 2012-12-10 19:59	--------	d-----w-	c:\windows\system32\wbem\en-US
2012-12-10 19:55 . 2012-12-10 19:55	86528	----a-w-	c:\windows\system32\iesysprep.dll
2012-12-10 19:48 . 2012-08-24 17:05	136560	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-12-10 19:48 . 2012-08-24 16:57	247808	----a-w-	c:\windows\system32\schannel.dll
2012-12-10 19:48 . 2012-08-24 17:02	369856	----a-w-	c:\windows\system32\drivers\cng.sys
2012-12-10 19:48 . 2012-08-24 16:57	220160	----a-w-	c:\windows\system32\ncrypt.dll
2012-12-10 19:48 . 2012-08-24 16:56	1039360	----a-w-	c:\windows\system32\lsasrv.dll
2012-12-10 19:48 . 2012-05-04 09:59	514560	----a-w-	c:\windows\system32\qdvd.dll
2012-12-07 18:25 . 2012-12-10 17:50	--------	d-----w-	c:\program files\Mozilla Thunderbird
2012-11-23 12:36 . 2012-11-23 12:36	--------	d-----w-	c:\users\Pinky\2012_11_23
2012-11-22 18:49 . 2012-11-22 18:49	--------	d-----r-	c:\program files\Skype
2012-11-22 18:49 . 2012-11-22 18:49	--------	d-----w-	c:\program files\Common Files\Skype
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 12:48 . 2012-04-05 14:42	697272	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2012-12-13 12:48 . 2011-05-14 06:54	73656	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-05 08:03 . 2012-11-05 08:04	93672	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2012-11-05 08:03 . 2012-11-05 08:04	821736	----a-w-	c:\windows\system32\npDeployJava1.dll
2012-11-05 08:03 . 2012-11-05 08:04	746984	----a-w-	c:\windows\system32\deployJava1.dll
2012-10-16 07:39 . 2012-11-28 08:17	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-10-09 17:40 . 2012-11-14 12:49	44032	----a-w-	c:\windows\system32\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-14 12:49	193536	----a-w-	c:\windows\system32\dhcpcore6.dll
2012-10-03 16:58 . 2012-11-14 12:50	1293680	----a-w-	c:\windows\system32\drivers\tcpip.sys
2012-10-03 16:42 . 2012-11-14 12:50	52224	----a-w-	c:\windows\system32\nlaapi.dll
2012-10-03 16:42 . 2012-11-14 12:50	242176	----a-w-	c:\windows\system32\nlasvc.dll
2012-10-03 16:42 . 2012-11-14 12:50	18944	----a-w-	c:\windows\system32\netevent.dll
2012-10-03 16:42 . 2012-11-14 12:50	175104	----a-w-	c:\windows\system32\netcorehc.dll
2012-10-03 16:42 . 2012-11-14 12:50	156672	----a-w-	c:\windows\system32\ncsi.dll
2012-10-03 16:40 . 2012-11-14 12:50	499712	----a-w-	c:\windows\system32\iphlpsvc.dll
2012-10-03 15:21 . 2012-11-14 12:50	35328	----a-w-	c:\windows\system32\drivers\tcpipreg.sys
2012-09-25 22:47 . 2012-11-14 12:50	78336	----a-w-	c:\windows\system32\synceng.dll
2012-12-06 11:20 . 2012-12-06 11:20	262112	----a-w-	c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

[/QUOTE]

Teil 2
Zitat:
. . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-10 98304] "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-18 497536] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-24 7596576] "ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336] "MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2009-07-24 2068480] "EasyFace Agent"="c:\program files\MSI\EasyFace Logon\KillAutoAP.exe" [2009-07-15 348160] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-8-1 2680160] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x] R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x] R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x] S2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [x] S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x] S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 74132183 *Deregistered* - 74132183 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] GPSvcGroup REG_MULTI_SZ GPSvc . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . Inhalt des "geplante Tasks" Ordners . 2012-12-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 12:48] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.searchqu.com/410 uInternet Settings,ProxyOverride = *.local IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 192.168.2.1 FF - ProfilePath - c:\users\Pinky\AppData\Roaming\Mozilla\Firefox\Profiles\vug5t5ch.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/firefox?client=firefox-a&rls=org.mozilla:de:official FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q= FF - ExtSQL: 2012-12-11 16:38; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Pinky\AppData\Roaming\Mozilla\Firefox\Profiles\vug5t5ch.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack FF - ExtSQL: 2012-12-13 11:13; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) AddRemove-Searchqu 410 MediaBar - c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstallTB.exe AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2012-12-20 17:41:17 ComboFix-quarantined-files.txt 2012-12-20 16:41 . Vor Suchlauf: 11 Verzeichnis(se), 109.159.833.600 Bytes frei Nach Suchlauf: 15 Verzeichnis(se), 108.817.010.688 Bytes frei . - - End Of File - - B8B2595524B1D8B082B98248225C18E7
--- --- ---


Teil 2
Zitat:
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-10 98304]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-18 497536]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-06-24 7596576]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
"MGSysCtrl"="c:\program files\System Control Manager\MGSysCtrl.exe" [2009-07-24 2068480]
"EasyFace Agent"="c:\program files\MSI\EasyFace Logon\KillAutoAP.exe" [2009-07-15 348160]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-8-1 2680160]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [x]
S2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 74132183
*Deregistered* - 74132183
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 12:48]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.searchqu.com/410
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\Pinky\AppData\Roaming\Mozilla\Firefox\Profiles\vug5t5ch.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/firefox?client=firefox-a&rls=org.mozilla:defficial
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - ExtSQL: 2012-12-11 16:38; jid1-yZwVFzbsyfMrqQ@jetpack; c:\users\Pinky\AppData\Roaming\Mozilla\Firefox\Profiles\vug5t5ch.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF - ExtSQL: 2012-12-13 11:13; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-Searchqu 410 MediaBar - c:\program files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstallTB.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-20 17:41:17
ComboFix-quarantined-files.txt 2012-12-20 16:41
.
Vor Suchlauf: 11 Verzeichnis(se), 109.159.833.600 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 108.817.010.688 Bytes frei
.
- - End Of File - - B8B2595524B1D8B082B98248225C18E7

Alt 20.12.2012, 17:17   #13
markusg
/// Malware-holic
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Hi,
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 20.12.2012, 19:13   #14
PinkNina
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Scan ist fertig

Zitat:
Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.12.20.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Pinky :: PINKY-MSI [Administrator]

Schutz: Aktiviert

20.12.2012 18:42:42
mbam-log-2012-12-20 (18-42-42).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 350387
Laufzeit: 1 Stunde(n), 27 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Alt 20.12.2012, 19:14   #15
markusg
/// Malware-holic
 
Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Standard

Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr



Hi,
lade den CCleaner standard:
CCleaner Download - CCleaner 3.25.1872
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr
andere, antimalware, aufgetaucht, aufrufe, avast, browser, dankeschön, e-banking, englische, falsche, geht nicht mehr, gesperrt, großes, hoffe, nicht mehr, nichts, norton, nutze, online-banking, programme, seite, sofort, suchmaschine, suchmaschinen, virenprogramme, wiederherstellung, woche



Ähnliche Themen: Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr


  1. Windows 7: Sicherheitscenter kann nicht aktiviert werden, Avira funktioniert nicht mehr
    Log-Analyse und Auswertung - 24.06.2015 (13)
  2. Windows7, Internet geht nicht mehr bis auf Google Seite, manche Programm gehen nicht
    Log-Analyse und Auswertung - 30.01.2015 (21)
  3. Windows Sicherheitscenter lässt sich nicht mehr aktivieren, Malwarebytes funktioniert nicht
    Log-Analyse und Auswertung - 21.06.2014 (9)
  4. Windows Vista runterladen neuer player für movie4k.to und geht nicht mehr auf google start seite
    Log-Analyse und Auswertung - 25.05.2014 (15)
  5. Windows 7: Windows-Sicherheitscenter und Windows Defender funktionieren nicht mehr, Services.exe verseucht?
    Log-Analyse und Auswertung - 07.01.2014 (8)
  6. Windows-Sicherheitscenter war deaktiviert - nun kann ich Windows-Defender nicht mehr starten
    Log-Analyse und Auswertung - 20.12.2013 (13)
  7. Windows Sicherheitscenter reagiert nicht mehr.Bereinigen nicht möglich
    Log-Analyse und Auswertung - 08.12.2013 (15)
  8. Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden
    Log-Analyse und Auswertung - 06.12.2013 (13)
  9. Windows 7: Sicherheitscenter kann nicht aktiviert werden, Update funktioniert nicht mehr!
    Log-Analyse und Auswertung - 22.11.2013 (19)
  10. Windows Sicherheitscenter lässt sich durch Trojaner nicht mehr aktivieren.
    Log-Analyse und Auswertung - 27.06.2013 (13)
  11. Suchmaschinen leiten auf falsche Seite weiter
    Plagegeister aller Art und deren Bekämpfung - 31.10.2012 (10)
  12. Suchmaschinen wie z.B Google leiten auf falsche Seite um
    Log-Analyse und Auswertung - 26.10.2012 (13)
  13. Windows Sicherheitscenter und Defender nicht mehr aktivierbar. FakeAlert?
    Plagegeister aller Art und deren Bekämpfung - 11.05.2011 (22)
  14. Windows Sicherheitscenter lässt sich nicht mehr aktivieren, die zweite
    Plagegeister aller Art und deren Bekämpfung - 08.03.2011 (2)
  15. Windows-Sicherheitscenter lässt sich nicht mehr aktivieren
    Plagegeister aller Art und deren Bekämpfung - 02.03.2011 (15)
  16. Windows Update Seite geht nicht
    Log-Analyse und Auswertung - 05.11.2005 (1)
  17. Hilfe WindowsUpdate Seite geht nicht mehr
    Antiviren-, Firewall- und andere Schutzprogramme - 28.09.2004 (13)

Zum Thema Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr - Hallo, seit über einer Woche, kann ich mit keinem Browser mehr meine Sucherebnise aufrufen. Diese leiten mich gleich immer auf eine andere Seite um, eine Englische, genaueres sehe ich nie, - Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr...
Archiv
Du betrachtest: Suchmaschinen leiden falsche Seite um und Windows-Sicherheitscenter geht nicht mehr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.