| |
| |||||||
Log-Analyse und Auswertung: Fund mit Desinfec'tWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
22.01.2013, 22:03
| #1 |
 |  Fund mit Desinfec't Hallo zusammen, bei einem Scan mit Desinfec't hat es bei mir ein paar Funde gegeben: /media/VistaOS/Program Files/RAR Password Recovery Magic/RarRecover.exe Trojan.Dropper-26189 /media/VistaOS/Windows/winsxs/x86_microsoft-windows-activexproxy_31bf3856ad364e35_6.1.7600.16385_none_11e489934b9dec07/actxprxy.dll Win.Trojan.Agent-114869 /media/VistaOS/Program Files/ASUS/NB Probe/SPM/spmgr.exe Win.Trojan.Zbot-3220 /media/VistaOS/Users/Tobias/AppData/Local/Temp/7zOB74D.tmp/kg.exe Trojan.Generic.4197071 Könnt ihr mir bitte weiterhelfen? Anbei die Logs Danke schonmal für die Mühe! Gruß Tobias |
|
23.01.2013, 17:36
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Fund mit Desinfec't Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
24.01.2013, 00:17
| #3 |
| | Fund mit Desinfec't Hallo cosinus,
__________________erstmal danke dass du mir meiner annimmst! (und sorry dass ich die anderen Logs falsch gepostet hab) Die Logs vom Desinfec't hab ich leider nicht gesichert. Von Avira was ich auf dem Rechner habe wollte ich die Funde exportieren avira blinkt dann ein bisschen rum und das war's. Oder legt Avira die in einem Ordner standardmäßig ab? Falls nicht kann ich zumindest kurz beschreiben was gefunden wurde: Hab nen USB-Stick mit Fotos zurückbekommen und beim Einlegen hat a.) Avira (zum Glück) den Autostart blockiert und b.) 'W32/Sality.AT' darauf gemeldet, worauf ich den Stick formatiert hab. (wurde also nichts ausgeführt). Sind 5 Funde im Ereignis-Log mit diesem Virus. Sonst habe ich nichts Gruß Tobias |
|
24.01.2013, 10:04
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fund mit Desinfec'tZitat:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
24.01.2013, 11:49
| #5 |
| | Fund mit Desinfec't Funktioniert wirklich nicht... Nachdem du mir im vorigen Post den Link dazu gegeben hast, wollte ich den Log streng nach Anleitung durchführen. Ergebnis war, dass nach Export (egal wie: durch Klick auf Button, Rechtsklick-Menü oder F3) das Avira-Fenster ein paar Mal geblinkt hat und das war dann auch die einzige Reaktion dies es von sich gegeben hat. Gruß Tobias |
|
24.01.2013, 11:50
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fund mit Desinfec't Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Malwarebytes Anti-Rootkit  Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> Fund mit Desinfec't |
|
24.01.2013, 20:38
| #7 |
| | Fund mit Desinfec't Hallo cosinus, also CleanUp-Button und Neustart kam nicht... Hier das Log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org
Database version: v2013.01.24.10
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Tobias :: TOBIAS-PC [administrator]
24.01.2013 20:20:38
mbar-log-2013-01-24 (20-20-38).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 27942
Time elapsed: 15 minute(s), 19 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Tobias |
|
24.01.2013, 22:45
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fund mit Desinfec't 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.01.2013, 23:52
| #9 |
| | Fund mit Desinfec't aswMBR.txt: Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-24 23:21:27
-----------------------------
23:21:27.100 OS Version: Windows 6.1.7601 Service Pack 1
23:21:27.100 Number of processors: 2 586 0x1706
23:21:27.103 ComputerName: TOBIAS-PC UserName: Tobias
23:21:30.582 Initialize success
23:23:37.775 AVAST engine defs: 13012401
23:23:49.238 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
23:23:49.241 Disk 0 Vendor: ST925032 0303 Size: 238475MB BusType: 3
23:23:49.243 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
23:23:49.247 Disk 1 Vendor: ST925032 0303 Size: 238475MB BusType: 3
23:23:49.276 Disk 0 MBR read successfully
23:23:49.279 Disk 0 MBR scan
23:23:49.285 Disk 0 unknown MBR code
23:23:49.297 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 12001 MB offset 63
23:23:49.310 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 206471 MB offset 24579450
23:23:49.317 Disk 0 Partition - 00 05 Extended 20001 MB offset 447434750
23:23:49.367 Disk 0 Partition 3 00 83 Linux 15905 MB offset 447434752
23:23:49.374 Disk 0 Partition - 00 05 Extended 4096 MB offset 480008192
23:23:49.425 Disk 0 scanning sectors +488396800
23:23:49.550 Disk 0 scanning C:\Windows\system32\drivers
23:24:07.354 Service scanning
23:24:39.868 Modules scanning
23:24:50.508 Disk 0 trace - called modules:
23:24:50.526 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
23:24:50.532 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f23618]
23:24:50.539 3 CLASSPNP.SYS[8bbab59e] -> nt!IofCallDriver -> [0x86130900]
23:24:50.546 5 ACPI.sys[8b4c23d4] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x86145028]
23:24:51.545 AVAST engine scan C:\Windows
23:24:55.819 AVAST engine scan C:\Windows\system32
23:28:30.251 AVAST engine scan C:\Windows\system32\drivers
23:28:50.527 AVAST engine scan C:\Users\Tobias
23:35:55.883 AVAST engine scan C:\ProgramData
23:41:23.619 Scan finished successfully
23:45:44.646 Disk 0 MBR has been saved successfully to "C:\Users\Tobias\Desktop\MBR.dat"
23:45:44.653 The log file has been saved successfully to "C:\Users\Tobias\Desktop\aswMBR.txt"
Code:
ATTFilter 23:46:49.0616 15680 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:46:49.0975 15680 ============================================================
23:46:49.0975 15680 Current date / time: 2013/01/24 23:46:49.0975
23:46:49.0975 15680 SystemInfo:
23:46:49.0975 15680
23:46:49.0976 15680 OS Version: 6.1.7601 ServicePack: 1.0
23:46:49.0976 15680 Product type: Workstation
23:46:49.0976 15680 ComputerName: TOBIAS-PC
23:46:49.0976 15680 UserName: Tobias
23:46:49.0976 15680 Windows directory: C:\Windows
23:46:49.0976 15680 System windows directory: C:\Windows
23:46:49.0976 15680 Processor architecture: Intel x86
23:46:49.0976 15680 Number of processors: 2
23:46:49.0976 15680 Page size: 0x1000
23:46:49.0976 15680 Boot type: Normal boot
23:46:49.0976 15680 ============================================================
23:46:53.0422 15680 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:46:53.0654 15680 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x764A9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050
23:46:53.0656 15680 ============================================================
23:46:53.0656 15680 \Device\Harddisk0\DR0:
23:46:53.0656 15680 MBR partitions:
23:46:53.0656 15680 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770D7A, BlocksNum 0x19343B60
23:46:53.0712 15680 \Device\Harddisk1\DR1:
23:46:53.0712 15680 MBR partitions:
23:46:53.0712 15680 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
23:46:53.0712 15680 ============================================================
23:46:53.0782 15680 C: <-> \Device\Harddisk0\DR0\Partition1
23:46:53.0800 15680 D: <-> \Device\Harddisk1\DR1\Partition1
23:46:53.0800 15680 ============================================================
23:46:53.0800 15680 Initialize success
23:46:53.0800 15680 ============================================================
23:47:10.0590 13588 ============================================================
23:47:10.0590 13588 Scan started
23:47:10.0591 13588 Mode: Manual; SigCheck; TDLFS;
23:47:10.0591 13588 ============================================================
23:47:11.0072 13588 ================ Scan system memory ========================
23:47:11.0073 13588 System memory - ok
23:47:11.0073 13588 ================ Scan services =============================
23:47:11.0222 13588 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:47:11.0376 13588 1394ohci - ok
23:47:11.0411 13588 [ BEB5E6A8C17C3C7485563281E0F9E77E ] 61883 C:\Windows\system32\DRIVERS\61883.sys
23:47:11.0469 13588 61883 - ok
23:47:11.0517 13588 [ 553BA53445795CBC0D4F9FA37EB855A6 ] acedrv10 C:\Windows\system32\drivers\acedrv10.sys
23:47:11.0546 13588 acedrv10 - ok
23:47:11.0561 13588 [ 8CE00B6A46962A1808B19CD1DAE5170C ] acehlp10 C:\Windows\system32\drivers\acehlp10.sys
23:47:11.0576 13588 acehlp10 - ok
23:47:11.0599 13588 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:47:11.0617 13588 ACPI - ok
23:47:11.0643 13588 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:47:11.0681 13588 AcpiPmi - ok
23:47:11.0722 13588 Adobe Licensing Console - ok
23:47:11.0836 13588 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:47:11.0849 13588 AdobeARMservice - ok
23:47:11.0949 13588 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:47:11.0964 13588 AdobeFlashPlayerUpdateSvc - ok
23:47:12.0044 13588 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:47:12.0066 13588 adp94xx - ok
23:47:12.0081 13588 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:47:12.0100 13588 adpahci - ok
23:47:12.0121 13588 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:47:12.0136 13588 adpu320 - ok
23:47:12.0212 13588 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:47:12.0427 13588 AeLookupSvc - ok
23:47:12.0510 13588 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
23:47:12.0567 13588 AFD - ok
23:47:12.0677 13588 [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
23:47:12.0776 13588 AgereSoftModem - ok
23:47:12.0808 13588 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
23:47:12.0821 13588 agp440 - ok
23:47:12.0891 13588 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
23:47:12.0904 13588 aic78xx - ok
23:47:12.0975 13588 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
23:47:13.0040 13588 ALG - ok
23:47:13.0061 13588 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
23:47:13.0074 13588 aliide - ok
23:47:13.0084 13588 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:47:13.0098 13588 amdagp - ok
23:47:13.0111 13588 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
23:47:13.0131 13588 amdide - ok
23:47:13.0189 13588 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:47:13.0247 13588 AmdK8 - ok
23:47:13.0276 13588 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:47:13.0312 13588 AmdPPM - ok
23:47:13.0351 13588 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:47:13.0365 13588 amdsata - ok
23:47:13.0388 13588 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:47:13.0405 13588 amdsbs - ok
23:47:13.0416 13588 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:47:13.0430 13588 amdxata - ok
23:47:13.0471 13588 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
23:47:13.0536 13588 androidusb - ok
23:47:13.0636 13588 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:47:13.0648 13588 AntiVirSchedulerService - ok
23:47:13.0669 13588 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:47:13.0680 13588 AntiVirService - ok
23:47:13.0715 13588 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
23:47:13.0759 13588 AppID - ok
23:47:13.0835 13588 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:47:13.0881 13588 AppIDSvc - ok
23:47:13.0909 13588 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
23:47:13.0946 13588 Appinfo - ok
23:47:14.0025 13588 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
23:47:14.0039 13588 arc - ok
23:47:14.0048 13588 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:47:14.0062 13588 arcsas - ok
23:47:14.0204 13588 [ 5A055A4777CBBC8845DD598CB2EEBF69 ] ASLDRService C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
23:47:14.0226 13588 ASLDRService ( UnsignedFile.Multi.Generic ) - warning
23:47:14.0226 13588 ASLDRService - detected UnsignedFile.Multi.Generic (1)
23:47:14.0267 13588 [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP C:\Program Files\ATKGFNEX\ASMMAP.sys
23:47:14.0277 13588 ASMMAP - ok
23:47:14.0286 13588 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:47:14.0402 13588 AsyncMac - ok
23:47:14.0446 13588 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
23:47:14.0459 13588 atapi - ok
23:47:14.0538 13588 [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr C:\Windows\system32\DRIVERS\athr.sys
23:47:14.0607 13588 athr - ok
23:47:14.0642 13588 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe
23:47:14.0678 13588 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
23:47:14.0678 13588 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1)
23:47:14.0742 13588 [ F70D2392158CB68E775F8C4CD3D12FBB ] ATSWPDRV C:\Windows\system32\DRIVERS\ATSwpDrv.sys
23:47:14.0756 13588 ATSWPDRV - ok
23:47:14.0822 13588 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:47:14.0871 13588 AudioEndpointBuilder - ok
23:47:14.0880 13588 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:47:14.0908 13588 Audiosrv - ok
23:47:14.0942 13588 [ C44BDD77E06053CF5AFE046F3A47C16B ] Avc C:\Windows\system32\DRIVERS\avc.sys
23:47:14.0974 13588 Avc - ok
23:47:15.0026 13588 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:47:15.0038 13588 avgntflt - ok
23:47:15.0080 13588 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:47:15.0095 13588 avipbb - ok
23:47:15.0103 13588 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:47:15.0115 13588 avkmgr - ok
23:47:15.0163 13588 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:47:15.0251 13588 AxInstSV - ok
23:47:15.0305 13588 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
23:47:15.0363 13588 b06bdrv - ok
23:47:15.0387 13588 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
23:47:15.0427 13588 b57nd60x - ok
23:47:15.0532 13588 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
23:47:15.0594 13588 BDESVC - ok
23:47:15.0647 13588 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
23:47:15.0693 13588 Beep - ok
23:47:15.0744 13588 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
23:47:15.0804 13588 BFE - ok
23:47:15.0927 13588 [ 8DC837789BBF0E1BEF252A8F7C101F7B ] BingDesktopUpdate C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
23:47:15.0946 13588 BingDesktopUpdate - ok
23:47:15.0972 13588 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
23:47:16.0024 13588 BITS - ok
23:47:16.0058 13588 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:47:16.0072 13588 blbdrive - ok
23:47:16.0099 13588 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:47:16.0172 13588 bowser - ok
23:47:16.0218 13588 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:47:16.0267 13588 BrFiltLo - ok
23:47:16.0289 13588 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:47:16.0331 13588 BrFiltUp - ok
23:47:16.0376 13588 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
23:47:16.0425 13588 Browser - ok
23:47:16.0446 13588 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:47:16.0483 13588 Brserid - ok
23:47:16.0534 13588 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:47:16.0552 13588 BrSerWdm - ok
23:47:16.0581 13588 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:47:16.0634 13588 BrUsbMdm - ok
23:47:16.0660 13588 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:47:16.0702 13588 BrUsbSer - ok
23:47:16.0766 13588 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
23:47:16.0846 13588 BthEnum - ok
23:47:16.0866 13588 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:47:16.0899 13588 BTHMODEM - ok
23:47:16.0943 13588 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:47:16.0973 13588 BthPan - ok
23:47:17.0037 13588 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
23:47:17.0095 13588 BTHPORT - ok
23:47:17.0171 13588 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
23:47:17.0219 13588 bthserv - ok
23:47:17.0246 13588 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
23:47:17.0282 13588 BTHUSB - ok
23:47:17.0328 13588 [ F2F7342742180D5060285499DEE50F99 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:47:17.0339 13588 btwaudio - ok
23:47:17.0381 13588 [ 32F59F26A30CFC508DA11DB3EA0F8B77 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
23:47:17.0392 13588 btwavdt - ok
23:47:17.0507 13588 [ 09CB316DB9D61ED9FC9A7B07A1A301F6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
23:47:17.0526 13588 btwdins - ok
23:47:17.0553 13588 [ ECB98391C756A7B9CFBAE89D9D1235E1 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
23:47:17.0563 13588 btwl2cap - ok
23:47:17.0591 13588 [ 03658734EF7D0F3B3F4636D3E8A38964 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:47:17.0603 13588 btwrchid - ok
23:47:17.0672 13588 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:47:17.0742 13588 cdfs - ok
23:47:17.0787 13588 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:47:17.0822 13588 cdrom - ok
23:47:17.0855 13588 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
23:47:17.0906 13588 CertPropSvc - ok
23:47:17.0979 13588 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:47:18.0029 13588 circlass - ok
23:47:18.0099 13588 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
23:47:18.0117 13588 CLFS - ok
23:47:18.0219 13588 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:47:18.0264 13588 clr_optimization_v2.0.50727_32 - ok
23:47:18.0318 13588 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:47:18.0329 13588 clr_optimization_v4.0.30319_32 - ok
23:47:18.0339 13588 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:47:18.0404 13588 CmBatt - ok
23:47:18.0438 13588 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:47:18.0451 13588 cmdide - ok
23:47:18.0521 13588 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
23:47:18.0546 13588 CNG - ok
23:47:18.0595 13588 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:47:18.0608 13588 Compbatt - ok
23:47:18.0652 13588 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:47:18.0697 13588 CompositeBus - ok
23:47:18.0722 13588 COMSysApp - ok
23:47:18.0740 13588 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:47:18.0753 13588 crcdisk - ok
23:47:18.0819 13588 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:47:18.0869 13588 CryptSvc - ok
23:47:18.0947 13588 [ 0C527B30712D735D8CB61B5187C36587 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
23:47:18.0959 13588 dc3d - ok
23:47:18.0991 13588 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
23:47:19.0044 13588 DcomLaunch - ok
23:47:19.0107 13588 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
23:47:19.0166 13588 defragsvc - ok
23:47:19.0208 13588 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:47:19.0251 13588 DfsC - ok
23:47:19.0305 13588 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
23:47:19.0318 13588 dg_ssudbus - ok
23:47:19.0357 13588 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:47:19.0405 13588 Dhcp - ok
23:47:19.0467 13588 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
23:47:19.0509 13588 discache - ok
23:47:19.0557 13588 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:47:19.0571 13588 Disk - ok
23:47:19.0592 13588 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:47:19.0647 13588 Dnscache - ok
23:47:19.0672 13588 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
23:47:19.0719 13588 dot3svc - ok
23:47:19.0746 13588 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
23:47:19.0811 13588 DPS - ok
23:47:19.0876 13588 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:47:19.0910 13588 drmkaud - ok
23:47:19.0958 13588 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:47:19.0998 13588 DXGKrnl - ok
23:47:20.0051 13588 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
23:47:20.0097 13588 EapHost - ok
23:47:20.0237 13588 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
23:47:20.0369 13588 ebdrv - ok
23:47:20.0414 13588 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
23:47:20.0463 13588 EFS - ok
23:47:20.0520 13588 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:47:20.0559 13588 ehRecvr - ok
23:47:20.0606 13588 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
23:47:20.0637 13588 ehSched - ok
23:47:20.0725 13588 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:47:20.0747 13588 elxstor - ok
23:47:20.0768 13588 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:47:20.0802 13588 ErrDev - ok
23:47:20.0884 13588 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
23:47:20.0933 13588 EventSystem - ok
23:47:20.0987 13588 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
23:47:21.0034 13588 exfat - ok
23:47:21.0073 13588 [ 920AE11441C78C00C6CF084993C817F8 ] Ext2fs C:\Windows\system32\DRIVERS\ext2fs.sys
23:47:21.0090 13588 Ext2fs - ok
23:47:21.0103 13588 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:47:21.0160 13588 fastfat - ok
23:47:21.0225 13588 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
23:47:21.0292 13588 Fax - ok
23:47:21.0348 13588 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:47:21.0386 13588 fdc - ok
23:47:21.0425 13588 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
23:47:21.0473 13588 fdPHost - ok
23:47:21.0499 13588 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
23:47:21.0557 13588 FDResPub - ok
23:47:21.0575 13588 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:47:21.0588 13588 FileInfo - ok
23:47:21.0638 13588 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:47:21.0686 13588 Filetrace - ok
23:47:21.0804 13588 [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
23:47:21.0873 13588 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
23:47:21.0873 13588 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
23:47:21.0897 13588 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:47:21.0911 13588 flpydisk - ok
23:47:21.0992 13588 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:47:22.0008 13588 FltMgr - ok
23:47:22.0042 13588 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
23:47:22.0127 13588 FontCache - ok
23:47:22.0216 13588 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:47:22.0225 13588 FontCache3.0.0.0 - ok
23:47:22.0243 13588 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:47:22.0257 13588 FsDepends - ok
23:47:22.0286 13588 [ 17829180DEEBF703EC7F445AC3ABEA99 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
23:47:22.0297 13588 fssfltr - ok
23:47:22.0380 13588 [ F6717211C1EC2CDDAA81B97B0727C2E9 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
23:47:22.0402 13588 fsssvc - ok
23:47:22.0432 13588 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:47:22.0447 13588 Fs_Rec - ok
23:47:22.0486 13588 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:47:22.0505 13588 fvevol - ok
23:47:22.0553 13588 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:47:22.0567 13588 gagp30kx - ok
23:47:22.0642 13588 [ 31B40F40E09513ADDC460F6A297AD474 ] ghaio C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
23:47:22.0652 13588 ghaio - ok
23:47:22.0680 13588 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
23:47:22.0789 13588 gpsvc - ok
23:47:22.0934 13588 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:47:22.0945 13588 gupdate - ok
23:47:22.0956 13588 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:47:22.0966 13588 gupdatem - ok
23:47:22.0981 13588 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:47:23.0035 13588 hcw85cir - ok
23:47:23.0085 13588 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:47:23.0125 13588 HdAudAddService - ok
23:47:23.0162 13588 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:47:23.0196 13588 HDAudBus - ok
23:47:23.0247 13588 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:47:23.0287 13588 HidBatt - ok
23:47:23.0315 13588 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:47:23.0394 13588 HidBth - ok
23:47:23.0445 13588 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:47:23.0461 13588 HidIr - ok
23:47:23.0520 13588 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
23:47:23.0569 13588 hidserv - ok
23:47:23.0614 13588 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:47:23.0651 13588 HidUsb - ok
23:47:23.0678 13588 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:47:23.0720 13588 hkmsvc - ok
23:47:23.0777 13588 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:47:23.0845 13588 HomeGroupListener - ok
23:47:23.0869 13588 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:47:23.0920 13588 HomeGroupProvider - ok
23:47:23.0972 13588 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:47:23.0986 13588 HpSAMD - ok
23:47:24.0024 13588 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:47:24.0058 13588 HTTP - ok
23:47:24.0080 13588 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:47:24.0093 13588 hwpolicy - ok
23:47:24.0168 13588 [ F02EA43AE8F936124DEBF5B87F12C795 ] hxctlflt C:\Windows\system32\Drivers\hxctlflt.sys
23:47:24.0223 13588 hxctlflt - ok
23:47:24.0262 13588 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:47:24.0276 13588 i8042prt - ok
23:47:24.0328 13588 [ 80C633722DA72E97F3F5B3B11325696D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:47:24.0343 13588 iaStor - ok
23:47:24.0377 13588 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:47:24.0397 13588 iaStorV - ok
23:47:24.0441 13588 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:47:24.0480 13588 idsvc - ok
23:47:24.0508 13588 [ 45D7414BDDA6A6E4C887598EE47FDB16 ] IfsMount C:\Windows\system32\DRIVERS\ifsmount.sys
23:47:24.0521 13588 IfsMount - ok
23:47:24.0574 13588 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:47:24.0587 13588 iirsp - ok
23:47:24.0631 13588 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
23:47:24.0699 13588 IKEEXT - ok
23:47:24.0834 13588 [ 58072F5FD95ECE78F9FA7BDA1210A9E7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:47:24.0908 13588 IntcAzAudAddService - ok
23:47:24.0924 13588 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
23:47:24.0937 13588 intelide - ok
23:47:24.0960 13588 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:47:24.0974 13588 intelppm - ok
23:47:25.0025 13588 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:47:25.0078 13588 IPBusEnum - ok
23:47:25.0100 13588 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:47:25.0147 13588 IpFilterDriver - ok
23:47:25.0219 13588 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:47:25.0297 13588 iphlpsvc - ok
23:47:25.0321 13588 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:47:25.0359 13588 IPMIDRV - ok
23:47:25.0384 13588 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:47:25.0439 13588 IPNAT - ok
23:47:25.0507 13588 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:47:25.0541 13588 IRENUM - ok
23:47:25.0581 13588 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:47:25.0595 13588 isapnp - ok
23:47:25.0610 13588 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:47:25.0628 13588 iScsiPrt - ok
23:47:25.0698 13588 [ 8BCD857C7932AD005D5F9C89329DA2E1 ] itecir C:\Windows\system32\DRIVERS\itecir.sys
23:47:25.0748 13588 itecir - ok
23:47:25.0789 13588 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:47:25.0802 13588 kbdclass - ok
23:47:25.0839 13588 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:47:25.0885 13588 kbdhid - ok
23:47:25.0952 13588 [ 27BD4AC228EF6C0D490617C32E86A672 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
23:47:25.0962 13588 kbfiltr - ok
23:47:25.0988 13588 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
23:47:26.0002 13588 KeyIso - ok
23:47:26.0023 13588 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:47:26.0037 13588 KSecDD - ok
23:47:26.0053 13588 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:47:26.0068 13588 KSecPkg - ok
23:47:26.0134 13588 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
23:47:26.0219 13588 KtmRm - ok
23:47:26.0257 13588 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
23:47:26.0300 13588 LanmanServer - ok
23:47:26.0344 13588 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:47:26.0392 13588 LanmanWorkstation - ok
23:47:26.0499 13588 [ FCBDCC6F1801E32244235608E1277752 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23:47:26.0520 13588 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
23:47:26.0520 13588 LightScribeService - detected UnsignedFile.Multi.Generic (1)
23:47:26.0607 13588 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:47:26.0651 13588 lltdio - ok
23:47:26.0698 13588 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:47:26.0745 13588 lltdsvc - ok
23:47:26.0763 13588 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
23:47:26.0815 13588 lmhosts - ok
23:47:26.0848 13588 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:47:26.0862 13588 LSI_FC - ok
23:47:26.0872 13588 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:47:26.0887 13588 LSI_SAS - ok
23:47:26.0898 13588 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:47:26.0912 13588 LSI_SAS2 - ok
23:47:26.0923 13588 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:47:26.0938 13588 LSI_SCSI - ok
23:47:26.0989 13588 [ 23B55D27A0AFB7FE9CBCB20B617CC168 ] Ltn_stk7070P C:\Windows\system32\DRIVERS\Ltn_stk7070P.sys
23:47:27.0050 13588 Ltn_stk7070P - ok
23:47:27.0064 13588 [ 1FA7503D019291C027FEDAE509BC5500 ] Ltn_stkrc C:\Windows\system32\DRIVERS\Ltn_stkrc.sys
23:47:27.0102 13588 Ltn_stkrc - ok
23:47:27.0155 13588 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
23:47:27.0204 13588 luafv - ok
23:47:27.0234 13588 [ 8039F480C192DD99FED4EBC71FFBF795 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
23:47:27.0244 13588 lullaby - ok
23:47:27.0279 13588 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
23:47:27.0290 13588 MBAMProtector - ok
23:47:27.0325 13588 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:47:27.0342 13588 MBAMScheduler - ok
23:47:27.0369 13588 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:47:27.0393 13588 MBAMService - ok
23:47:27.0436 13588 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
23:47:27.0469 13588 mcdbus ( UnsignedFile.Multi.Generic ) - warning
23:47:27.0469 13588 mcdbus - detected UnsignedFile.Multi.Generic (1)
23:47:27.0503 13588 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:47:27.0519 13588 Mcx2Svc - ok
23:47:27.0579 13588 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:47:27.0592 13588 megasas - ok
23:47:27.0616 13588 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:47:27.0633 13588 MegaSR - ok
23:47:27.0729 13588 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:47:27.0740 13588 Microsoft Office Groove Audit Service - ok
23:47:27.0793 13588 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
23:47:27.0862 13588 MMCSS - ok
23:47:27.0887 13588 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
23:47:27.0946 13588 Modem - ok
23:47:28.0014 13588 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:47:28.0050 13588 monitor - ok
23:47:28.0096 13588 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:47:28.0109 13588 mouclass - ok
23:47:28.0129 13588 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:47:28.0158 13588 mouhid - ok
23:47:28.0207 13588 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:47:28.0221 13588 mountmgr - ok
23:47:28.0245 13588 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
23:47:28.0260 13588 mpio - ok
23:47:28.0272 13588 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:47:28.0331 13588 mpsdrv - ok
23:47:28.0435 13588 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:47:28.0521 13588 MpsSvc - ok
23:47:28.0559 13588 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:47:28.0644 13588 MRxDAV - ok
23:47:28.0714 13588 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:47:28.0781 13588 mrxsmb - ok
23:47:28.0846 13588 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:47:28.0879 13588 mrxsmb10 - ok
23:47:28.0910 13588 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:47:28.0956 13588 mrxsmb20 - ok
23:47:28.0985 13588 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
23:47:28.0998 13588 msahci - ok
23:47:29.0012 13588 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:47:29.0027 13588 msdsm - ok
23:47:29.0039 13588 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
23:47:29.0086 13588 MSDTC - ok
23:47:29.0149 13588 [ 114B67C324D64C8195FD3BF93B4DF02A ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
23:47:29.0183 13588 MSDV - ok
23:47:29.0227 13588 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:47:29.0278 13588 Msfs - ok
23:47:29.0301 13588 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:47:29.0350 13588 mshidkmdf - ok
23:47:29.0372 13588 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:47:29.0385 13588 msisadrv - ok
23:47:29.0448 13588 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:47:29.0476 13588 MSiSCSI - ok
23:47:29.0481 13588 msiserver - ok
23:47:29.0509 13588 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:47:29.0553 13588 MSKSSRV - ok
23:47:29.0573 13588 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:47:29.0616 13588 MSPCLOCK - ok
23:47:29.0642 13588 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:47:29.0689 13588 MSPQM - ok
23:47:29.0720 13588 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:47:29.0737 13588 MsRPC - ok
23:47:29.0761 13588 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:47:29.0774 13588 mssmbios - ok
23:47:29.0783 13588 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:47:29.0810 13588 MSTEE - ok
23:47:29.0815 13588 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:47:29.0844 13588 MTConfig - ok
23:47:29.0897 13588 [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys
23:47:29.0951 13588 MTsensor - ok
23:47:29.0965 13588 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
23:47:29.0979 13588 Mup - ok
23:47:30.0015 13588 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
23:47:30.0074 13588 napagent - ok
23:47:30.0114 13588 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:47:30.0152 13588 NativeWifiP - ok
23:47:30.0198 13588 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:47:30.0237 13588 NDIS - ok
23:47:30.0245 13588 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:47:30.0286 13588 NdisCap - ok
23:47:30.0315 13588 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:47:30.0340 13588 NdisTapi - ok
23:47:30.0371 13588 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:47:30.0417 13588 Ndisuio - ok
23:47:30.0456 13588 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:47:30.0517 13588 NdisWan - ok
23:47:30.0545 13588 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:47:30.0595 13588 NDProxy - ok
23:47:30.0641 13588 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:47:30.0685 13588 NetBIOS - ok
23:47:30.0721 13588 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:47:30.0765 13588 NetBT - ok
23:47:30.0795 13588 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
23:47:30.0809 13588 Netlogon - ok
23:47:30.0885 13588 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
23:47:30.0944 13588 Netman - ok
23:47:30.0980 13588 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
23:47:31.0011 13588 netprofm - ok
23:47:31.0031 13588 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:47:31.0042 13588 NetTcpPortSharing - ok
23:47:31.0201 13588 [ EF51B405AD8ACAAE6F0231290D20F516 ] NETw5s32 C:\Windows\system32\DRIVERS\NETw5s32.sys
23:47:31.0393 13588 NETw5s32 - ok
23:47:31.0540 13588 [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
23:47:31.0668 13588 netw5v32 - ok
23:47:31.0731 13588 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:47:31.0744 13588 nfrd960 - ok
23:47:31.0801 13588 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
23:47:31.0841 13588 NlaSvc - ok
23:47:31.0862 13588 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:47:31.0913 13588 Npfs - ok
23:47:31.0957 13588 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
23:47:32.0001 13588 nsi - ok
23:47:32.0030 13588 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:47:32.0076 13588 nsiproxy - ok
23:47:32.0136 13588 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:47:32.0186 13588 Ntfs - ok
23:47:32.0241 13588 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
23:47:32.0286 13588 Null - ok
23:47:32.0368 13588 [ D2F4C4B22969236382CA853B8DAA2D4E ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
23:47:32.0380 13588 NVHDA - ok
23:47:32.0596 13588 [ 5CE5B23855262ACABAECCE156F48DD88 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:47:32.0938 13588 nvlddmkm - ok
23:47:32.0979 13588 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:47:32.0994 13588 nvraid - ok
23:47:33.0042 13588 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:47:33.0058 13588 nvstor - ok
23:47:33.0088 13588 [ 6DF4CC671CD9704840C5522627F3ED43 ] nvsvc C:\Windows\system32\nvvsvc.exe
23:47:33.0103 13588 nvsvc - ok
23:47:33.0132 13588 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:47:33.0147 13588 nv_agp - ok
23:47:33.0250 13588 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:47:33.0268 13588 odserv - ok
23:47:33.0288 13588 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:47:33.0326 13588 ohci1394 - ok
23:47:33.0358 13588 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:47:33.0372 13588 ose - ok
23:47:33.0429 13588 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:47:33.0534 13588 p2pimsvc - ok
23:47:33.0607 13588 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
23:47:33.0676 13588 p2psvc - ok
23:47:33.0725 13588 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:47:33.0758 13588 Parport - ok
23:47:33.0798 13588 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:47:33.0812 13588 partmgr - ok
23:47:33.0827 13588 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
23:47:33.0860 13588 Parvdm - ok
23:47:33.0891 13588 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:47:33.0933 13588 PcaSvc - ok
23:47:33.0963 13588 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
23:47:33.0979 13588 pci - ok
23:47:34.0011 13588 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
23:47:34.0024 13588 pciide - ok
23:47:34.0054 13588 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:47:34.0070 13588 pcmcia - ok
23:47:34.0081 13588 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
23:47:34.0094 13588 pcw - ok
23:47:34.0130 13588 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:47:34.0190 13588 PEAUTH - ok
23:47:34.0258 13588 [ E27087ED87311DC130E55A63E890615D ] PL-40R C:\Windows\system32\Drivers\pl40rwdm.sys
23:47:34.0286 13588 PL-40R ( UnsignedFile.Multi.Generic ) - warning
23:47:34.0286 13588 PL-40R - detected UnsignedFile.Multi.Generic (1)
23:47:34.0355 13588 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
23:47:34.0449 13588 pla - ok
23:47:34.0531 13588 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:47:34.0590 13588 PlugPlay - ok
23:47:34.0637 13588 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:47:34.0677 13588 PNRPAutoReg - ok
23:47:34.0728 13588 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:47:34.0744 13588 PNRPsvc - ok
23:47:34.0805 13588 [ 0648C9DB881557749039CFEE5E97E1A3 ] Point32 C:\Windows\system32\DRIVERS\point32.sys
23:47:34.0817 13588 Point32 - ok
23:47:34.0851 13588 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:47:34.0906 13588 PolicyAgent - ok
23:47:34.0945 13588 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
23:47:34.0989 13588 Power - ok
23:47:35.0063 13588 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:47:35.0106 13588 PptpMiniport - ok
23:47:35.0128 13588 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:47:35.0159 13588 Processor - ok
23:47:35.0207 13588 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
23:47:35.0255 13588 ProfSvc - ok
23:47:35.0271 13588 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:47:35.0284 13588 ProtectedStorage - ok
23:47:35.0312 13588 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:47:35.0356 13588 Psched - ok
23:47:35.0428 13588 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:47:35.0481 13588 ql2300 - ok
23:47:35.0542 13588 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:47:35.0556 13588 ql40xx - ok
23:47:35.0606 13588 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
23:47:35.0659 13588 QWAVE - ok
23:47:35.0687 13588 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:47:35.0729 13588 QWAVEdrv - ok
23:47:35.0757 13588 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:47:35.0807 13588 RasAcd - ok
23:47:35.0872 13588 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:47:35.0898 13588 RasAgileVpn - ok
23:47:35.0911 13588 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
23:47:35.0941 13588 RasAuto - ok
23:47:35.0958 13588 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:47:36.0001 13588 Rasl2tp - ok
23:47:36.0040 13588 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
23:47:36.0093 13588 RasMan - ok
23:47:36.0114 13588 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:47:36.0160 13588 RasPppoe - ok
23:47:36.0184 13588 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:47:36.0233 13588 RasSstp - ok
23:47:36.0256 13588 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:47:36.0309 13588 rdbss - ok
23:47:36.0343 13588 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:47:36.0410 13588 rdpbus - ok
23:47:36.0448 13588 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:47:36.0492 13588 RDPCDD - ok
23:47:36.0528 13588 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:47:36.0569 13588 RDPENCDD - ok
23:47:36.0592 13588 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:47:36.0638 13588 RDPREFMP - ok
23:47:36.0729 13588 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:47:36.0773 13588 RdpVideoMiniport - ok
23:47:36.0802 13588 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:47:36.0854 13588 RDPWD - ok
23:47:36.0898 13588 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:47:36.0914 13588 rdyboost - ok
23:47:36.0977 13588 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
23:47:37.0028 13588 RemoteAccess - ok
23:47:37.0080 13588 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:47:37.0110 13588 RemoteRegistry - ok
23:47:37.0137 13588 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:47:37.0155 13588 RFCOMM - ok
23:47:37.0211 13588 [ A5B12A4B3B774432DB9B9FA221190E59 ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
23:47:37.0262 13588 rimmptsk - ok
23:47:37.0346 13588 [ C398BCA91216755B098679A8DA8A2300 ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
23:47:37.0389 13588 rimsptsk - ok
23:47:37.0407 13588 [ 2A2554CB24506E0A0508FC395C4A1B42 ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
23:47:37.0448 13588 rismxdp - ok
23:47:37.0495 13588 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:47:37.0547 13588 RpcEptMapper - ok
23:47:37.0596 13588 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
23:47:37.0627 13588 RpcLocator - ok
23:47:37.0657 13588 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
23:47:37.0687 13588 RpcSs - ok
23:47:37.0770 13588 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:47:37.0812 13588 rspndr - ok
23:47:37.0864 13588 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
23:47:37.0885 13588 RTL8167 - ok
23:47:37.0908 13588 [ 13E97CF38286B8A1D7605D3175DB28EE ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
23:47:37.0927 13588 RTL8169 - ok
23:47:37.0947 13588 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
23:47:37.0961 13588 SamSs - ok
23:47:38.0002 13588 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:47:38.0016 13588 sbp2port - ok
23:47:38.0064 13588 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:47:38.0126 13588 SCardSvr - ok
23:47:38.0159 13588 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:47:38.0203 13588 scfilter - ok
23:47:38.0243 13588 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
23:47:38.0310 13588 Schedule - ok
23:47:38.0341 13588 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:47:38.0366 13588 SCPolicySvc - ok
23:47:38.0390 13588 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\drivers\sdbus.sys
23:47:38.0427 13588 sdbus - ok
23:47:38.0467 13588 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:47:38.0489 13588 SDRSVC - ok
23:47:38.0585 13588 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:47:38.0637 13588 secdrv - ok
23:47:38.0686 13588 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
23:47:38.0737 13588 seclogon - ok
23:47:38.0762 13588 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
23:47:38.0814 13588 SENS - ok
23:47:38.0839 13588 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:47:38.0901 13588 SensrSvc - ok
23:47:38.0945 13588 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:47:38.0974 13588 Serenum - ok
23:47:39.0001 13588 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:47:39.0016 13588 Serial - ok
23:47:39.0059 13588 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:47:39.0090 13588 sermouse - ok
23:47:39.0131 13588 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
23:47:39.0176 13588 SessionEnv - ok
23:47:39.0212 13588 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
23:47:39.0227 13588 sffdisk - ok
23:47:39.0237 13588 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:47:39.0278 13588 sffp_mmc - ok
23:47:39.0282 13588 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
23:47:39.0311 13588 sffp_sd - ok
23:47:39.0358 13588 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:47:39.0394 13588 sfloppy - ok
23:47:39.0445 13588 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:47:39.0500 13588 SharedAccess - ok
23:47:39.0525 13588 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:47:39.0578 13588 ShellHWDetection - ok
23:47:39.0627 13588 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:47:39.0641 13588 sisagp - ok
23:47:39.0696 13588 [ 6F0C643C7F49F2091B01D014EAE72E1A ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSGB6.sys
23:47:39.0733 13588 SiSGbeLH - ok
23:47:39.0752 13588 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:47:39.0765 13588 SiSRaid2 - ok
23:47:39.0776 13588 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:47:39.0790 13588 SiSRaid4 - ok
23:47:39.0874 13588 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
23:47:39.0888 13588 SkypeUpdate - ok
23:47:39.0914 13588 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:47:39.0963 13588 Smb - ok
23:47:40.0040 13588 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:47:40.0057 13588 SNMPTRAP - ok
23:47:40.0195 13588 [ A70F178299812DCE4CC0E802D403BE9B ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
23:47:40.0317 13588 SNP2UVC - ok
23:47:40.0361 13588 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
23:47:40.0375 13588 spldr - ok
23:47:40.0401 13588 [ 739DB668DBD812285ECC553E64A5E212 ] spmgr C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
23:47:40.0411 13588 spmgr - ok
23:47:40.0440 13588 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
23:47:40.0490 13588 Spooler - ok
23:47:40.0584 13588 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
23:47:40.0683 13588 sppsvc - ok
23:47:40.0710 13588 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:47:40.0753 13588 sppuinotify - ok
23:47:40.0799 13588 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:47:40.0867 13588 srv - ok
23:47:40.0882 13588 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:47:40.0925 13588 srv2 - ok
23:47:40.0957 13588 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:47:40.0990 13588 srvnet - ok
23:47:41.0034 13588 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
23:47:41.0090 13588 ssadbus - ok
23:47:41.0107 13588 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
23:47:41.0137 13588 ssadmdfl - ok
23:47:41.0174 13588 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
23:47:41.0207 13588 ssadmdm - ok
23:47:41.0247 13588 [ 069351A1D7D291013177A90AE6EDCCBC ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
23:47:41.0259 13588 sscdbus - ok
23:47:41.0313 13588 [ 1C925BE223A5C0F9F469252292A48DF6 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
23:47:41.0323 13588 sscdmdfl - ok
23:47:41.0367 13588 [ AE3E77AE0FBDB07EB1AC3FED74A0695E ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
23:47:41.0379 13588 sscdmdm - ok
23:47:41.0438 13588 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:47:41.0492 13588 SSDPSRV - ok
23:47:41.0556 13588 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
23:47:41.0568 13588 ssmdrv - ok
23:47:41.0579 13588 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:47:41.0630 13588 SstpSvc - ok
23:47:41.0710 13588 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
23:47:41.0723 13588 ssudmdm - ok
23:47:41.0783 13588 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:47:41.0797 13588 stexstor - ok
23:47:41.0835 13588 [ EDB05BD63148796F23EA78506404A538 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
23:47:41.0874 13588 StillCam - ok
23:47:41.0927 13588 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
23:47:41.0974 13588 StiSvc - ok
23:47:41.0998 13588 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
23:47:42.0011 13588 swenum - ok
23:47:42.0072 13588 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
23:47:42.0123 13588 swprv - ok
23:47:42.0201 13588 [ BE78198C69135EF1FA157E08FD5C90FF ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:47:42.0215 13588 SynTP - ok
23:47:42.0262 13588 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
23:47:42.0337 13588 SysMain - ok
23:47:42.0379 13588 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:47:42.0420 13588 TabletInputService - ok
23:47:42.0580 13588 [ 1FF41723B6CF6EF0D2456691B75131BB ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
23:47:42.0750 13588 TabletServicePen - ok
23:47:42.0788 13588 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
23:47:42.0841 13588 TapiSrv - ok
23:47:42.0885 13588 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
23:47:42.0930 13588 TBS - ok
23:47:42.0988 13588 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:47:43.0065 13588 Tcpip - ok
23:47:43.0121 13588 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:47:43.0151 13588 TCPIP6 - ok
23:47:43.0219 13588 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:47:43.0252 13588 tcpipreg - ok
23:47:43.0283 13588 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:47:43.0338 13588 TDPIPE - ok
23:47:43.0363 13588 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:47:43.0400 13588 TDTCP - ok
23:47:43.0431 13588 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:47:43.0476 13588 tdx - ok
23:47:43.0497 13588 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:47:43.0510 13588 TermDD - ok
23:47:43.0549 13588 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
23:47:43.0607 13588 TermService - ok
23:47:43.0678 13588 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
23:47:43.0714 13588 Themes - ok
23:47:43.0738 13588 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
23:47:43.0766 13588 THREADORDER - ok
23:47:43.0782 13588 [ A59F3BBE6BD3C20F8FFB0B62CFF54CC6 ] tifsfilter C:\Windows\system32\DRIVERS\tifsfilt.sys
23:47:43.0793 13588 tifsfilter - ok
23:47:43.0838 13588 [ C17EA46C3326A951DC3B8E883D661E0C ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
23:47:43.0854 13588 TouchServicePen - ok
23:47:43.0906 13588 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
23:47:43.0948 13588 TrkWks - ok
23:47:44.0012 13588 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:47:44.0056 13588 TrustedInstaller - ok
23:47:44.0082 13588 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:47:44.0130 13588 tssecsrv - ok
23:47:44.0198 13588 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:47:44.0256 13588 TsUsbFlt - ok
23:47:44.0297 13588 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:47:44.0341 13588 tunnel - ok
23:47:44.0393 13588 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:47:44.0407 13588 uagp35 - ok
23:47:44.0424 13588 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:47:44.0452 13588 udfs - ok
23:47:44.0504 13588 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:47:44.0534 13588 UI0Detect - ok
23:47:44.0568 13588 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:47:44.0581 13588 uliagpkx - ok
23:47:44.0619 13588 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
23:47:44.0650 13588 umbus - ok
23:47:44.0674 13588 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:47:44.0711 13588 UmPass - ok
23:47:44.0745 13588 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
23:47:44.0794 13588 upnphost - ok
23:47:44.0845 13588 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
23:47:44.0861 13588 usbaudio - ok
23:47:44.0886 13588 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:47:44.0929 13588 usbccgp - ok
23:47:44.0984 13588 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
23:47:45.0024 13588 usbcir - ok
23:47:45.0062 13588 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:47:45.0092 13588 usbehci - ok
23:47:45.0131 13588 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:47:45.0170 13588 usbhub - ok
23:47:45.0197 13588 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:47:45.0211 13588 usbohci - ok
23:47:45.0230 13588 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:47:45.0260 13588 usbprint - ok
23:47:45.0284 13588 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:47:45.0309 13588 USBSTOR - ok
23:47:45.0333 13588 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:47:45.0347 13588 usbuhci - ok
23:47:45.0382 13588 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
23:47:45.0400 13588 usbvideo - ok
23:47:45.0443 13588 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
23:47:45.0498 13588 usb_rndisx - ok
23:47:45.0557 13588 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
23:47:45.0604 13588 UxSms - ok
23:47:45.0631 13588 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
23:47:45.0644 13588 VaultSvc - ok
23:47:45.0668 13588 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:47:45.0682 13588 vdrvroot - ok
23:47:45.0719 13588 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
23:47:45.0768 13588 vds - ok
23:47:45.0816 13588 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:47:45.0846 13588 vga - ok
23:47:45.0866 13588 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:47:45.0918 13588 VgaSave - ok
23:47:45.0958 13588 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:47:45.0974 13588 vhdmp - ok
23:47:46.0001 13588 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:47:46.0014 13588 viaagp - ok
23:47:46.0030 13588 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
23:47:46.0046 13588 ViaC7 - ok
23:47:46.0056 13588 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
23:47:46.0068 13588 viaide - ok
23:47:46.0104 13588 [ 7140E9EA599C2E5FFCA0E783AF9EDE2E ] vidsflt61 C:\Windows\system32\DRIVERS\vsflt61.sys
23:47:46.0116 13588 vidsflt61 - ok
23:47:46.0132 13588 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:47:46.0146 13588 volmgr - ok
23:47:46.0163 13588 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:47:46.0182 13588 volmgrx - ok
23:47:46.0196 13588 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:47:46.0214 13588 volsnap - ok
23:47:46.0247 13588 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:47:46.0262 13588 vsmraid - ok
23:47:46.0307 13588 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
23:47:46.0396 13588 VSS - ok
23:47:46.0417 13588 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:47:46.0455 13588 vwifibus - ok
23:47:46.0483 13588 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:47:46.0525 13588 vwififlt - ok
23:47:46.0602 13588 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
23:47:46.0663 13588 W32Time - ok
23:47:46.0703 13588 [ 427A8BC96F16C40DF81C2D2F4EDD32DD ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
23:47:46.0713 13588 wacommousefilter - ok
23:47:46.0730 13588 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:47:46.0765 13588 WacomPen - ok
23:47:46.0803 13588 [ 846B58EA44BF8C92E4B59F4E2252C4C0 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
23:47:46.0813 13588 wacomvhid - ok
23:47:46.0833 13588 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:47:46.0859 13588 WANARP - ok
23:47:46.0863 13588 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:47:46.0889 13588 Wanarpv6 - ok
23:47:46.0960 13588 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:47:47.0020 13588 WatAdminSvc - ok
23:47:47.0053 13588 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
23:47:47.0143 13588 wbengine - ok
23:47:47.0201 13588 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:47:47.0251 13588 WbioSrvc - ok
23:47:47.0301 13588 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:47:47.0345 13588 wcncsvc - ok
23:47:47.0367 13588 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:47:47.0396 13588 WcsPlugInService - ok
23:47:47.0459 13588 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:47:47.0472 13588 Wd - ok
23:47:47.0533 13588 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:47:47.0558 13588 Wdf01000 - ok
23:47:47.0574 13588 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:47:47.0644 13588 WdiServiceHost - ok
23:47:47.0649 13588 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:47:47.0667 13588 WdiSystemHost - ok
23:47:47.0690 13588 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
23:47:47.0712 13588 WebClient - ok
23:47:47.0729 13588 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:47:47.0761 13588 Wecsvc - ok
23:47:47.0774 13588 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:47:47.0803 13588 wercplsupport - ok
23:47:47.0842 13588 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
23:47:47.0892 13588 WerSvc - ok
23:47:47.0929 13588 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:47:47.0974 13588 WfpLwf - ok
23:47:48.0024 13588 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:47:48.0091 13588 WIMMount - ok
23:47:48.0202 13588 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:47:48.0228 13588 WinDefend - ok
23:47:48.0297 13588 [ 9AE9E94531E5EF4BDDB8FEBCE3C244B7 ] WinDriver6 C:\Windows\system32\drivers\windrvr6.sys
23:47:48.0348 13588 WinDriver6 - ok
23:47:48.0351 13588 WinHttpAutoProxySvc - ok
23:47:48.0468 13588 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:47:48.0538 13588 Winmgmt - ok
23:47:48.0594 13588 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
23:47:48.0674 13588 WinRM - ok
23:47:48.0744 13588 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
23:47:48.0781 13588 WinUsb - ok
23:47:48.0843 13588 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:47:48.0897 13588 Wlansvc - ok
23:47:48.0992 13588 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:47:49.0053 13588 wlidsvc - ok
23:47:49.0075 13588 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:47:49.0107 13588 WmiAcpi - ok
23:47:49.0161 13588 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:47:49.0207 13588 wmiApSrv - ok
23:47:49.0277 13588 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:47:49.0326 13588 WMPNetworkSvc - ok
23:47:49.0381 13588 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:47:49.0430 13588 WPCSvc - ok
23:47:49.0451 13588 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:47:49.0484 13588 WPDBusEnum - ok
23:47:49.0567 13588 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:47:49.0594 13588 ws2ifsl - ok
23:47:49.0609 13588 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
23:47:49.0642 13588 wscsvc - ok
23:47:49.0646 13588 WSearch - ok
23:47:49.0723 13588 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
23:47:49.0783 13588 wuauserv - ok
23:47:49.0835 13588 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:47:49.0897 13588 WudfPf - ok
23:47:49.0933 13588 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:47:49.0948 13588 WUDFRd - ok
23:47:49.0994 13588 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:47:50.0029 13588 wudfsvc - ok
23:47:50.0075 13588 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
23:47:50.0119 13588 WwanSvc - ok
23:47:50.0178 13588 [ 4D840C6AF3C020ED3A35EFBA9025CF4A ] {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl
23:47:50.0189 13588 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796} - ok
23:47:50.0219 13588 ================ Scan global ===============================
23:47:50.0247 13588 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
23:47:50.0306 13588 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
23:47:50.0361 13588 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
23:47:50.0427 13588 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:47:50.0478 13588 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:47:50.0483 13588 [Global] - ok
23:47:50.0484 13588 ================ Scan MBR ==================================
23:47:50.0498 13588 [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk0\DR0
23:47:50.0720 13588 \Device\Harddisk0\DR0 - ok
23:47:51.0039 13588 [ 9F146DFED5154ABC3EEF99064B90BF1F ] \Device\Harddisk1\DR1
23:47:51.0147 13588 \Device\Harddisk1\DR1 - ok
23:47:51.0149 13588 ================ Scan VBR ==================================
23:47:51.0152 13588 [ D651F33E6D28BACE625A64A80A1E44A7 ] \Device\Harddisk0\DR0\Partition1
23:47:51.0153 13588 \Device\Harddisk0\DR0\Partition1 - ok
23:47:51.0157 13588 [ C82F13F8FD1172C10CD2F15D40EE5FC9 ] \Device\Harddisk1\DR1\Partition1
23:47:51.0159 13588 \Device\Harddisk1\DR1\Partition1 - ok
23:47:51.0159 13588 ============================================================
23:47:51.0159 13588 Scan finished
23:47:51.0159 13588 ============================================================
23:47:51.0169 15916 Detected object count: 6
23:47:51.0169 15916 Actual detected object count: 6
23:48:33.0559 15916 ASLDRService ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0559 15916 ASLDRService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:48:33.0560 15916 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0560 15916 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:48:33.0561 15916 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0561 15916 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:48:33.0563 15916 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0563 15916 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:48:33.0565 15916 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0565 15916 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:48:33.0567 15916 PL-40R ( UnsignedFile.Multi.Generic ) - skipped by user
23:48:33.0567 15916 PL-40R ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
25.01.2013, 12:11
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fund mit Desinfec't unauffällig  adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop. Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.01.2013, 19:11
| #11 |
| | Fund mit Desinfec't Puhhh, das hört man als Patient doch gerne  D.h. also die einzige Malware auf meinem Rechner ist wohl "Samsung Kies"!?  War da etwas sensibilisiert - v.a. nachdem ich "ZBot" nach dem Scan gelesen hab (Obwohl ich doch das Gefühl oder vllt Hoffnung hatte dass das ein false positive ist). Bei meinem Vater auf dem Laptop war das Mistvieh Anfang der Woche nämlich tatsächlich drauf - Daten gesichert, platt gemacht und dann Linux Mint drauf... Ach genau, dazu zwei Fragen: Bei Linux reicht es idR wenn man es bzw. die Programme aktuell hält + Firewall!? Oder sollte doch auch ein Scanner eingesetzt werden? avast für Linux ist ja nur On Demand... Und: Wenn ich von einem infizierten System einen Bootstick mit einem Linux-Image mache und dann von dem Stick boote, ist dann die Gefahr da dass ich mir was einfange? Das System kann ja nicht (durch Win-Malware) befallen werden, aber wie sieht es mit dem MBR aus? Gruß Tobias achja, das Log: Code:
ATTFilter # AdwCleaner v2.108 - Datei am 25/01/2013 um 18:55:37 erstellt
# Aktualisiert am 24/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Tobias - TOBIAS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobias\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\S
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gefunden : HKU\S-1-5-21-259702913-3688751258-429655623-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Wert Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v11.0 (de)
Datei : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\wfe2godk.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v24.0.1312.52
Datei : C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [1790 octets] - [25/01/2013 18:55:37]
########## EOF - C:\AdwCleaner[R1].txt - [1850 octets] ##########
|
|
26.01.2013, 19:31
| #12 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fund mit Desinfec'tZitat:
Im Moment gibt es nurnicht so eine Schädlingsvielfalt wie für Windows, daher gelten allgemeine Sicherheitsmaßnahmen für JEDES Betriebssystem! Im Moment halte ich einen Virenscanner für Linux aber für überflüssig, wenn würde wohl eh nur Windows-Schädlinge finden,... adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.01.2013, 20:41
| #13 |
| | Fund mit Desinfec't Hallo cosinus, sorry für die spätere Anwort - bin seit Samstag nicht mehr an den Rechner gekommen... Ich weiss das Linux nicht grundsätzlich sicher ist, daher auch die Frage ob neben Updates auch Scanner und weitere Massnahmen notwendig sind. Bugs und damit Sicherheitslücken gibt es ja grundsätzlich in jeder Software (und im embedded Bereich ist das sogar mein Job...). Aber zum Glück ist Linux halt weniger im Blickfeld der Schädlingsprogrammierer!? Hier die Logs: AdwCleaner[S1].txt: Code:
ATTFilter # AdwCleaner v2.109 - Datei am 29/01/2013 um 20:06:19 erstellt
# Aktualisiert am 26/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : Tobias - TOBIAS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobias\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run []
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v11.0 (de)
Datei : C:\Users\Tobias\AppData\Roaming\Mozilla\Firefox\Profiles\wfe2godk.default\prefs.js
[OK] Die Datei ist sauber.
-\\ Google Chrome v24.0.1312.56
Datei : C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [1919 octets] - [25/01/2013 18:55:37]
AdwCleaner[S1].txt - [1833 octets] - [29/01/2013 20:06:19]
########## EOF - C:\AdwCleaner[S1].txt - [1893 octets] ##########
Code:
ATTFilter OTL logfile created on: 29.01.2013 20:16:04 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobias\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 52,90% Memory free 6,00 Gb Paging File | 4,23 Gb Available in Paging File | 70,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 201,63 Gb Total Space | 41,27 Gb Free Space | 20,47% Space Free | Partition Type: NTFS Drive D: | 232,88 Gb Total Space | 231,13 Gb Free Space | 99,25% Space Free | Partition Type: NTFS Drive R: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS Drive S: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS Drive T: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS Drive U: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS Drive V: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS Drive W: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS Drive X: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS Drive Y: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS Drive Z: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS Computer Name: TOBIAS-PC | User Name: Tobias | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Tobias\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.) PRC - C:\Programme\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\Tobias\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Sticky-Notes\stickynotes.exe () PRC - C:\Programme\Bamboo Dock\BambooCore.exe () PRC - C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) PRC - C:\Programme\Tablet\Pen\Pen_TouchUser.exe (Wacom Technology, Corp.) PRC - C:\Programme\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology, Corp.) PRC - C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation) PRC - C:\Windows\AsScrPro.exe (ASUS) PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) PRC - C:\Programme\Brother\Brmfcmon\BrMfimon.exe (Brother Industries, Ltd.) PRC - C:\Programme\MagicDisc\MagicDisc.exe (MagicISO, Inc.) PRC - C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Programme\ASUS\ATK Hotkey\HControl.exe (ASUS) PRC - C:\Programme\P4G\BatteryLife.exe (ATK) PRC - C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS) PRC - C:\Programme\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) PRC - C:\Programme\ASUS\ASUS CopyProtect\ASPG.exe (ASUS) PRC - C:\Programme\ASUS\SmartLogon\sensorsrv.exe (ASUS) PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) PRC - C:\Programme\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - C:\Programme\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe (CyberLink Corp.) PRC - C:\Programme\ASUS\Splendid\ACMON.exe (ATK) PRC - C:\Programme\ASUS\AI TouchMedia\PlayMovie\PMVService.exe (CyberLink Corp.) PRC - C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) PRC - C:\Programme\P4P\P4P.exe () PRC - C:\Programme\ASUS\ATK Hotkey\WDC.exe () PRC - C:\Programme\ASUS\ATK Hotkey\HControlUser.exe () PRC - C:\Programme\ASUS\ASUS Live Update\ALU.exe () PRC - C:\Programme\ASUS\ATK Hotkey\MsgTranAgt.exe () PRC - C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe () PRC - C:\Programme\ASUS\ATK Hotkey\KBFiltr.exe () PRC - C:\Programme\ATKGFNEX\GFNEXSrv.exe () PRC - C:\Programme\ASUS\NB Probe\SPM\spmgr.exe () PRC - C:\Programme\ChkMail\ChkMail\ChkMail.exe (ChkMail) PRC - C:\Programme\Wireless Console 2\wcourier.exe () PRC - C:\Windows\System32\ACEngSvr.exe (ASUSTeK) ========== Modules (No Company Name) ========== MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Programme\Sticky-Notes\stickynotes.exe () MOD - C:\Programme\Bamboo Dock\BambooCore.exe () MOD - C:\Programme\Tablet\Pen\libxml2.dll () MOD - C:\Programme\Notepad++\NppShell_04.dll () MOD - C:\Programme\Common Files\LightScribe\QtGui4.dll () MOD - C:\Programme\Common Files\LightScribe\QtCore4.dll () MOD - C:\Programme\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll () MOD - C:\Programme\IDM Computer Solutions\UltraEdit\ue32ctmn.dll () MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll () MOD - C:\Programme\Brother\BrUtilities\BrLogAPI.dll () MOD - C:\Programme\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMediaLibrary.dll () MOD - C:\Programme\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvcPS.dll () MOD - C:\Programme\P4P\P4P.exe () MOD - C:\Programme\ASUS\ATK Hotkey\HControlUser.exe () MOD - C:\Programme\ASUS\ASUS Live Update\ALU.exe () MOD - C:\Programme\ASUS\ATK Hotkey\MsgTran.dll () ========== Services (SafeList) ========== SRV - (Adobe Licensing Console) -- C:\Windows\SysWOW64\adbcnsl.exe File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (BingDesktopUpdate) -- C:\Programme\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (ASLDRService) -- C:\Programme\ASUS\ATK Hotkey\AsLdrSrv.exe () SRV - (ATKGFNEXSrv) -- C:\Programme\ATKGFNEX\GFNEXSrv.exe () SRV - (spmgr) -- C:\Programme\ASUS\NB Probe\SPM\spmgr.exe () SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (dc3d) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation) DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (vidsflt61) -- C:\Windows\System32\drivers\vsflt61.sys (Acronis) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH) DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation) DRV - (sscdbus) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation) DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation) DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation) DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation) DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc) DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation) DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology) DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (WinDriver6) -- C:\Windows\System32\drivers\windrvr6.sys (Jungo) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek ) DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation) DRV - (tifsfilter) -- C:\Windows\System32\drivers\tifsfilt.sys (Acronis) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp) DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.) DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.) DRV - (hxctlflt) -- C:\Windows\System32\drivers\hxctlflt.sys (Guillemot Corporation) DRV - (Ext2fs) -- C:\Windows\System32\drivers\ext2fs.sys (Stephan Schreiber) DRV - (IfsMount) -- C:\Windows\System32\drivers\ifsmount.sys (Stephan Schreiber) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (lullaby) -- C:\Windows\System32\drivers\lullaby.sys (Windows (R) Codename Longhorn DDK provider) DRV - ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796}) -- C:\Programme\ASUS\AI TouchMedia\PlayMovie\000.fcl (Cyberlink Corp.) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (itecir) -- C:\Windows\System32\drivers\itecir.sys (ITE Tech. Inc. ) DRV - (ghaio) -- C:\Programme\ASUS\NB Probe\SPM\ghaio.sys () DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (acehlp10) -- C:\Windows\System32\drivers\acehlp10.sys (Protect Software GmbH) DRV - (acedrv10) -- C:\Windows\System32\drivers\ACEDRV10.sys (Protect Software GmbH) DRV - (ASMMAP) -- C:\Programme\ATKGFNEX\ASMMAP.sys () DRV - (ATSWPDRV) -- C:\Windows\System32\drivers\atswpdrv.sys (AuthenTec, Inc.) DRV - (Ltn_stk7070P) -- C:\Windows\System32\drivers\Ltn_stk7070P.sys (LITEON) DRV - (Ltn_stkrc) -- C:\Windows\System32\drivers\Ltn_stkrc.sys (LITEON) DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-259702913-3688751258-429655623-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: firebug@software.joehewitt.com:1.9.2 FF - prefs.js..extensions.enabledAddons: {FCAB6FDD-5585-425b-95C1-5ED856F3FD08}:6.8 FF - prefs.js..extensions.enabledAddons: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:1.11 FF - prefs.js..extensions.enabledAddons: firefox@facebook.com:1.8.2 FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: firefox@facebook.com:1.6 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.7.3 FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..extensions.enabledItems: {FCAB6FDD-5585-425b-95C1-5ED856F3FD08}:6.4 FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8312 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.04.06 23:16:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.13 18:15:10 | 000,000,000 | ---D | M] [2010.01.18 00:54:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Extensions [2012.07.24 15:58:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\wfe2godk.default\extensions [2010.07.01 21:40:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\wfe2godk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.09.21 19:49:22 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\wfe2godk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.06.29 21:26:07 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\wfe2godk.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2012.06.18 23:14:23 | 000,000,000 | ---D | M] (Sothink Web Video Downloader for Firefox) -- C:\Users\Tobias\AppData\Roaming\mozilla\Firefox\Profiles\wfe2godk.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08} [2012.06.05 18:54:23 | 001,335,949 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\wfe2godk.default\extensions\firebug@software.joehewitt.com.xpi [2012.07.24 15:58:19 | 000,319,802 | ---- | M] () (No name found) -- C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\wfe2godk.default\extensions\firefox@facebook.com.xpi [2012.09.03 19:03:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.03.18 15:23:44 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.09.03 19:03:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.04.06 23:16:45 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011.12.09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll [2012.04.06 23:16:43 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.04.06 23:16:43 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.04.06 23:16:43 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.04.06 23:16:43 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.04.06 23:16:43 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.04.06 23:16:43 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: hxxp://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\24.0.1312.56\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: Cloud Reader = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjnkloegafmkhgpjglcbldhaokjpandj\1.0.0.0_0\ CHR - Extension: YouTube = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google-Suche = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Flash Video Downloader = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggkfikfcbnpfoicfjammigpnakpogebh\2.2.5_0\ CHR - Extension: JDownloader Integration for Google Chrome\u2122 = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\laeghehalempfenbefbjbhccjcoakpmm\1.2.3_0\ CHR - Extension: Google Mail = C:\Users\Tobias\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll () O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Facebook Toolbar) - {A823A630-78C6-4637-AF80-AEDCA5BB74C1} - C:\Programme\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-259702913-3688751258-429655623-1000\..\Toolbar\WebBrowser: (Facebook Toolbar) - {A823A630-78C6-4637-AF80-AEDCA5BB74C1} - C:\Programme\Facebook\Facebook IE Toolbar\FBIEToolbar.dll (Facebook) O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe () O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS) O4 - HKLM..\Run: [ATKMEDIA] C:\Programme\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Programme\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BambooCore] C:\Programme\Bamboo Dock\BambooCore.exe () O4 - HKLM..\Run: [BingDesktop] C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.) O4 - HKLM..\Run: [ChkMail] C:\Programme\ChkMail\ChkMail\ChkMail.exe (ChkMail) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [HControlUser] C:\Programme\ASUS\ATK Hotkey\HControlUser.exe () O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) O4 - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [PCMAgent] C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [PlayMovie] C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe (CyberLink Corp.) O4 - HKLM..\Run: [PowerForPhone] C:\Program Files\P4P\P4P.exe () O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found O4 - HKLM..\Run: [Smart File Advisor] C:\Program Files\Smart File Advisor\sfa.exe (Filefacts.net) O4 - HKLM..\Run: [TrayServer] C:\Programme\MAGIX\Video_deluxe_2008_PLUS\Trayserver.exe (MAGIX AG) O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe (Pinnacle Systems GmbH) O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [PMCRemote] File not found O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [SansaDispatch] C:\Users\Tobias\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation) O4 - HKU\S-1-5-21-259702913-3688751258-429655623-1000..\Run: [Sticky-Notes] C:\Programme\Sticky-Notes\stickynotes.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobias\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JDownloader.lnk = C:\Programme\JDownloader\JDownloaderPortable.exe (AppWork GmbH) O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Programme\MagicDisc\MagicDisc.exe (MagicISO, Inc.) O4 - Startup: C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm () O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm () O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm () O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Tobias\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm () O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm () O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Programme\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B0474A72-6415-4E2E-9E62-FF3AC2718995}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE063549-4DB6-4E78-B444-441FE286580C}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D11713BB-1570-490E-945D-2DE60B1CB154}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O24 - Desktop WallPaper: O24 - Desktop BackupWallPaper: O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.24 23:20:44 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tobias\Desktop\tdsskiller.exe [2013.01.24 23:18:21 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Tobias\Desktop\aswMBR.exe [2013.01.22 20:11:33 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tobias\Desktop\OTL.exe [2013.01.22 19:39:29 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Malwarebytes [2013.01.22 19:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.01.22 19:38:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.01.22 19:38:50 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.01.22 19:38:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.01.22 19:38:22 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\Programs [2013.01.21 23:01:11 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013.01.21 23:01:11 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013.01.21 23:01:11 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013.01.21 19:00:42 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Local\ShamurShamur [2013.01.20 20:37:36 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator [2013.01.20 20:37:35 | 000,000,000 | ---D | C] -- C:\Program Files\LinuxLive USB Creator [2013.01.09 20:26:47 | 000,000,000 | ---D | C] -- C:\Users\Tobias\Desktop\mbar [2013.01.09 18:50:08 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.01.09 18:49:32 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe [2013.01.09 18:49:32 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.01.09 18:49:31 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll [2013.01.09 18:49:31 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll [2013.01.09 18:49:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.09 18:49:31 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.09 18:49:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.09 18:49:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll [2013.01.09 18:49:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll [2013.01.09 18:49:31 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll [2013.01.09 18:49:31 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll [2013.01.09 18:49:30 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll [2013.01.09 18:49:30 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll [2013.01.09 18:49:10 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\System32\fpb.rs [2013.01.09 18:49:10 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc-nz.rs [2013.01.09 18:49:10 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\System32\pegibbfc.rs [2013.01.09 18:49:10 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\System32\csrr.rs [2013.01.09 18:49:10 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\System32\cob-au.rs [2013.01.09 18:49:10 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\System32\djctq.rs [2013.01.09 18:49:09 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll [2013.01.09 18:49:09 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll [2013.01.09 18:49:09 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\System32\usk.rs [2013.01.09 18:49:09 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\System32\grb.rs [2013.01.09 18:49:09 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-pt.rs [2013.01.09 18:49:09 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi.rs [2013.01.09 18:49:08 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\System32\cero.rs [2013.01.09 18:49:08 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\System32\esrb.rs [2013.01.09 18:49:08 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\System32\oflc.rs [2013.01.09 18:49:08 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\System32\pegi-fi.rs [2013.01.09 18:49:02 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013.01.09 18:49:01 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe [2013.01.04 17:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC_DIMMER2012 [2013.01.04 17:14:54 | 000,000,000 | ---D | C] -- C:\Program Files\PHOENIXstudios [2013.01.04 17:09:51 | 000,000,000 | ---D | C] -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DMXControl [2013.01.04 17:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\DMXControl [2013.01.03 17:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.29 20:17:51 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.29 20:17:51 | 000,011,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.29 20:11:47 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2013.01.29 20:10:02 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe [2013.01.29 20:09:52 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.29 20:09:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.29 20:09:41 | 2415,218,688 | -HS- | M] () -- C:\hiberfil.sys [2013.01.29 20:05:37 | 000,580,235 | ---- | M] () -- C:\Users\Tobias\Desktop\adwcleaner.exe [2013.01.29 20:05:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.01.29 19:38:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.27 21:28:26 | 000,001,019 | ---- | M] () -- C:\Users\Tobias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.01.27 21:28:17 | 000,000,989 | ---- | M] () -- C:\Users\Tobias\Desktop\Dropbox.lnk [2013.01.25 23:59:02 | 000,654,260 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.01.25 23:59:02 | 000,616,102 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.01.25 23:59:02 | 000,130,100 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.01.25 23:59:02 | 000,106,482 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.01.24 23:45:44 | 000,000,512 | ---- | M] () -- C:\Users\Tobias\Desktop\MBR.dat [2013.01.24 23:20:50 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tobias\Desktop\tdsskiller.exe [2013.01.24 23:19:31 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Tobias\Desktop\aswMBR.exe [2013.01.24 20:03:20 | 013,462,931 | ---- | M] () -- C:\Users\Tobias\Desktop\mbar-1.01.0.1016.zip [2013.01.22 20:15:46 | 000,000,000 | ---- | M] () -- C:\Users\Tobias\defogger_reenable [2013.01.22 20:14:35 | 000,739,953 | ---- | M] () -- C:\Users\Tobias\Desktop\Trojaner-Board.pdf [2013.01.22 20:12:33 | 000,365,568 | ---- | M] () -- C:\Users\Tobias\Desktop\gmer-2.0.18444.exe [2013.01.22 20:11:42 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tobias\Desktop\OTL.exe [2013.01.22 20:10:29 | 000,050,477 | ---- | M] () -- C:\Users\Tobias\Desktop\Defogger (1).exe [2013.01.21 23:09:32 | 000,007,602 | ---- | M] () -- C:\Users\Tobias\AppData\Local\Resmon.ResmonCfg [2013.01.12 03:30:20 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013.01.12 03:26:16 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013.01.12 03:24:49 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013.01.10 22:37:47 | 000,025,600 | ---- | M] () -- C:\Users\Tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.01.10 19:38:21 | 000,563,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.08 23:05:27 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.01.08 23:05:27 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.01.04 17:14:54 | 097,416,858 | ---- | M] ( ) -- C:\Users\Tobias\Desktop\3D_EasyView_Magic2012.exe [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.29 20:05:30 | 000,580,235 | ---- | C] () -- C:\Users\Tobias\Desktop\adwcleaner.exe [2013.01.24 23:45:44 | 000,000,512 | ---- | C] () -- C:\Users\Tobias\Desktop\MBR.dat [2013.01.24 20:02:58 | 013,462,931 | ---- | C] () -- C:\Users\Tobias\Desktop\mbar-1.01.0.1016.zip [2013.01.22 20:15:46 | 000,000,000 | ---- | C] () -- C:\Users\Tobias\defogger_reenable [2013.01.22 20:14:35 | 000,739,953 | ---- | C] () -- C:\Users\Tobias\Desktop\Trojaner-Board.pdf [2013.01.22 20:12:29 | 000,365,568 | ---- | C] () -- C:\Users\Tobias\Desktop\gmer-2.0.18444.exe [2013.01.22 20:10:17 | 000,050,477 | ---- | C] () -- C:\Users\Tobias\Desktop\Defogger (1).exe [2013.01.04 17:12:24 | 097,416,858 | ---- | C] ( ) -- C:\Users\Tobias\Desktop\3D_EasyView_Magic2012.exe [2012.12.27 13:22:07 | 000,000,600 | ---- | C] () -- C:\Users\Tobias\AppData\Local\PUTTY.RND [2012.08.09 12:03:19 | 000,000,100 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [2012.05.21 00:09:00 | 000,001,421 | ---- | C] () -- C:\Users\Tobias\.recently-used.xbel [2012.03.22 18:01:32 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012.03.15 06:40:28 | 004,826,112 | ---- | C] () -- C:\Windows\System32\x264vfw.dll [2012.03.13 23:29:45 | 000,000,604 | -H-- | C] () -- C:\Program Files\_Z2 [2012.03.11 10:54:25 | 000,002,892 | ---- | C] () -- C:\Windows\System32\audcon.sys [2012.03.11 10:49:27 | 000,000,045 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe.cfg [2012.03.11 10:49:24 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SYNSOPOS.exe [2012.02.17 23:36:02 | 000,008,046 | ---- | C] () -- C:\Program Files\Common Files\setupBanner.jpg [2012.02.17 23:36:00 | 000,037,607 | ---- | C] () -- C:\Program Files\Common Files\license.rtf [2012.01.31 00:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.01.31 00:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012.01.31 00:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.01.31 00:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.01.31 00:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012.01.09 19:45:18 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll [2011.12.23 17:39:57 | 000,025,600 | ---- | C] () -- C:\Users\Tobias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.12.07 19:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll [2011.06.10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2011.05.29 15:50:27 | 000,000,604 | -H-- | C] () -- C:\Program Files\STLL Notifier [2010.10.20 23:15:07 | 000,007,602 | ---- | C] () -- C:\Users\Tobias\AppData\Local\Resmon.ResmonCfg [2010.09.20 22:49:55 | 000,002,394 | ---- | C] () -- C:\Users\Tobias\gdbtk.ini [2010.04.27 21:44:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.12.08 22:49:47 | 000,001,074 | RH-- | C] () -- C:\Users\Tobias\XrxWm.ini [2009.12.08 22:49:47 | 000,000,522 | RH-- | C] () -- C:\Users\Tobias\xw45cpdy.dyc [2008.07.02 03:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll [2008.05.22 17:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Code:
ATTFilter OTL Extras logfile created on: 29.01.2013 20:16:05 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobias\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,59 Gb Available Physical Memory | 52,90% Memory free
6,00 Gb Paging File | 4,23 Gb Available in Paging File | 70,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 201,63 Gb Total Space | 41,27 Gb Free Space | 20,47% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 231,13 Gb Free Space | 99,25% Space Free | Partition Type: NTFS
Drive R: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive S: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive T: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive U: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive V: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive W: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive X: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive Y: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Drive Z: | 1829,35 Gb Total Space | 667,30 Gb Free Space | 36,48% Space Free | Partition Type: NTFS
Computer Name: TOBIAS-PC | User Name: Tobias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Program Files\Smart File Advisor\sfa.exe" /unknown "%1" (Filefacts.net)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{041D5D88-C997-4CA0-8DF8-DAA5C4A7EFB3}" = rport=138 | protocol=17 | dir=out | app=system |
"{05EA55FD-3F57-4557-92A6-C8C37F6D26E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{075E14AF-6E7E-4A97-B14B-5861836C8CC1}" = lport=137 | protocol=17 | dir=in | app=system |
"{167FCF4D-98D3-45E5-A5C1-76105AC25ECD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1A6D4705-9EFB-462F-AF85-2882A0051BFD}" = lport=138 | protocol=17 | dir=in | app=system |
"{1AB71EC8-F5AA-4918-B145-9FE6A2967DFD}" = rport=137 | protocol=17 | dir=out | app=system |
"{1D585706-CF65-487C-AD38-54D6D81D3258}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |
"{35B2C03F-DEE0-4591-910A-3B095B22286E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3A540D2B-1539-4448-B225-8DB9CD92A6BD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41E4C983-682A-448E-A2B6-09C962FFE417}" = lport=445 | protocol=6 | dir=in | app=system |
"{6B59A0CF-C8F1-4B8C-8BD6-468196FE533B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{73DFB28F-0308-48C6-99F1-895FCA1050B4}" = lport=139 | protocol=6 | dir=in | app=system |
"{8ABC23E1-6EA8-4D4D-BB90-3E74C3543F36}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{97F314CD-4284-43F1-A115-2DFF0A5C5DB8}" = rport=445 | protocol=6 | dir=out | app=system |
"{A661846E-B9D1-4937-B7ED-5504D2896FED}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A69B0BA1-8CA3-4192-AF3B-9AFE67AC6588}" = rport=139 | protocol=6 | dir=out | app=system |
"{BF7801F5-3E23-4C70-82D5-0CF8E6B852DB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DC8EAE96-26BD-42C9-A0E9-DFD0369A6E7E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{DEF86D45-19A9-4F08-93E4-9E0D9BA2463B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F456DB7E-9881-48EF-9589-33548AB24F8A}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001DC434-2B3C-46EE-A096-60DDFD431661}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\kernel\dmp\clbrowserengine.exe |
"{027AD91A-561E-4ED4-82BB-862255AE2BBC}" = protocol=17 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs841d.tmp\symnrt.exe |
"{03A06FC4-A9BE-420D-969D-0DD1F9156ED3}" = protocol=17 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe |
"{041296C8-1713-4AD7-BADF-4035F197737E}" = dir=in | app=c:\program files\asus\ai touchmedia\playmovie\pmvservice.exe |
"{06C6EB43-B0F9-42E2-B962-B478E7B92A8E}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
"{0FD37392-F7EE-4911-9DE4-389CF3753760}" = protocol=6 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs53ab.tmp\symnrt.exe |
"{14B801E3-DB30-4FE7-BB11-BACE7456A7B1}" = protocol=6 | dir=in | app=c:\program files\dsassistant\dsassistant.exe |
"{1AD538F3-57C5-4E60-9B40-FF0C6E1814C0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{1FBD86A1-2519-460A-8449-FCC7731D916A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2157E135-909A-4251-BA7E-E0E03087B5A3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{267096AE-E838-4FE2-9BA9-8A8F7B2BAD38}" = protocol=6 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe |
"{2B1BC6CE-3E15-4FED-915D-A4FA41F6C6E0}" = protocol=6 | dir=in | app=c:\program files\brother\bradmin light\bradmlight.exe |
"{3297E1CB-BE30-4F70-8E12-18B73B81FCA3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3434F06C-BA03-4A6E-809D-7B92FE8491C4}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{3EE263E2-3748-4750-8A33-619E65C18131}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\pcmservice.exe |
"{464C5C8A-911E-4647-8A21-61270BEAE1EF}" = protocol=17 | dir=in | app=c:\program files\cryptload\routerclient.exe |
"{47EC9367-D851-45CB-98C4-0D24AFB2D73D}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\powercinema.exe |
"{4B34A982-1E1F-403A-81B2-F2762987CDDF}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{4B950325-2AAB-4799-B914-45D8770DFF6E}" = protocol=17 | dir=in | app=c:\program files\dsassistant\dsassistant.exe |
"{53C77473-41F1-41B2-B0A8-C3706E125865}" = protocol=17 | dir=in | app=c:\program files\brother\bradmin light\bradmlight.exe |
"{54C4CE4B-DA0F-4267-8994-6B7B247AED44}" = protocol=17 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs53ab.tmp\symnrt.exe |
"{6B6B7E6C-F450-4F50-A7F0-63EB366DC4DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{709CFEBA-60A4-44A9-B05D-531732082254}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7DD13723-C2FD-4D6D-893B-A61AA421E4C0}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl08x\faxrx.exe |
"{8574415D-0F40-4050-A4DD-38554E15B024}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{944AEE65-B022-4A13-B7AD-B75CF3F91781}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9EE10F96-265E-4506-8B4E-5C7BEE2B3F14}" = protocol=6 | dir=in | app=c:\program files\sticky-notes\stickynotes.exe |
"{A6F5B685-EF5A-40C7-AC33-A8E7F625F51E}" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{A984EB10-111A-4FBD-90F1-E42BCA1077F8}" = protocol=17 | dir=in | app=c:\program files\dvdvideosoft\free youtube to mp3 converter\freeyoutubetomp3converter.exe |
"{A98FA8E4-D8EC-474D-BAF1-898D08894D2F}" = protocol=6 | dir=in | app=c:\program files\dvdvideosoft\free youtube to mp3 converter\freeyoutubetomp3converter.exe |
"{B0498284-6002-4120-B675-B60CB0687B1C}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{B0817CA5-B8BA-4F8F-9C56-2BBD3B2421A5}" = protocol=6 | dir=in | app=c:\program files\cryptload\routerclient.exe |
"{B18E4059-9D7E-46DA-A07E-6AD932D4F1E3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B1F7DF12-1376-4FD4-9948-F4C56118467B}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08x\faxrx.exe |
"{B84213F3-084D-42B3-9858-FED962273DB9}" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"{BA4F3654-8228-480F-AB04-CDC6DBC94378}" = protocol=6 | dir=in | app=c:\users\tobias\appdata\local\temp\7zs841d.tmp\symnrt.exe |
"{BDFBC1D9-F45F-47B7-818D-3825F4D7D188}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BF356723-77C8-4C9B-8C9E-997E6E42B9C4}" = dir=in | app=c:\program files\asus\ai touchmedia\playmovie\playmovie.exe |
"{C4DB1A66-0AE9-4BBE-BAD4-77626A1A6802}" = protocol=17 | dir=in | app=c:\program files\sticky-notes\stickynotes.exe |
"{D657F87D-0D78-47FE-B43B-75AB60B4BF12}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{DC876067-210F-4051-A80D-411EBECFB11E}" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"{E8A1E66D-A3CD-46D1-9415-75928EDFBAE0}" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"{EBAD3B8C-4AFC-42DA-9A6B-1BD9205A7845}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"{F36901D2-DF05-4C17-9BA6-CDB1A35E0875}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"{F819AD12-A82F-40E2-B58D-B3DC6755C750}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl08b\faxrx.exe |
"{FCE89D9E-ADE0-4CE5-8FD7-1D9C3A3B440F}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\kernel\dms\clmsservice.exe |
"TCP Query User{02E5CF71-C41C-4ECA-B5B3-10AF059033FA}C:\program files\filezilla ftp client\filezilla.exe" = protocol=6 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"TCP Query User{0B70DF58-484E-4AFE-8420-8AB871D01486}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{11E5D607-3B76-4FD7-A5CA-33D9D6200B3D}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{196BA8AF-88C2-4288-A3F9-AC9A3070DBAE}C:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{1B96BECF-A1C7-47FF-8FCD-240EA3F4F8FF}C:\program files\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\program files\eclipse\eclipse.exe |
"TCP Query User{2A010DDD-89D0-441E-8DD1-875E3A2DA97C}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{3497DCFE-1A0E-4F57-B655-15F5FB47D4CE}C:\users\tobias\downloads\cryptload\cryptload.exe" = protocol=6 | dir=in | app=c:\users\tobias\downloads\cryptload\cryptload.exe |
"TCP Query User{38A2CE76-CAE4-4E13-88C3-22920DEADA61}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{5A59D56C-D2F9-43B1-AA1E-4988AB974680}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe |
"TCP Query User{6565FA87-4127-4872-949A-8E91E653495B}C:\program files\cryptload\routerclient.exe" = protocol=6 | dir=in | app=c:\program files\cryptload\routerclient.exe |
"TCP Query User{8FAAAF21-882C-4650-B26F-8FF86F032C20}C:\program files\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"TCP Query User{9CBDC362-0863-479A-84BD-916D334A5B1D}C:\program files\multiwindow\multiwindow.exe" = protocol=6 | dir=in | app=c:\program files\multiwindow\multiwindow.exe |
"TCP Query User{A8259058-A0CB-4423-9035-1D3A19D5EB86}C:\program files\sticky-notes\stickynotes.exe" = protocol=6 | dir=in | app=c:\program files\sticky-notes\stickynotes.exe |
"TCP Query User{B59EE160-C91F-4A70-946E-06EB18347EF6}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{BA2B682D-B0D7-40D5-A623-CE91521C1623}C:\users\tobias\downloads\ps2clientloader_v131\ps2client.exe" = protocol=6 | dir=in | app=c:\users\tobias\downloads\ps2clientloader_v131\ps2client.exe |
"TCP Query User{C574EDD3-0285-41A5-BB13-66861515C45E}C:\program files\multiwindow\avtranserver.exe" = protocol=6 | dir=in | app=c:\program files\multiwindow\avtranserver.exe |
"TCP Query User{C86812B2-37A4-45F9-8725-1F1566D07BE5}E:\search ip camera\search ip camera.exe" = protocol=6 | dir=in | app=e:\search ip camera\search ip camera.exe |
"TCP Query User{DCE7BE67-43B3-4659-A82C-2F13DE3EA541}C:\program files\dsassistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files\dsassistant\dsassistant.exe |
"TCP Query User{E732BEB4-139B-44D3-8F23-F09B9B2ECEFD}C:\users\tobias\downloads\dsassistant_1920\win\dsassistant.exe" = protocol=6 | dir=in | app=c:\users\tobias\downloads\dsassistant_1920\win\dsassistant.exe |
"TCP Query User{EF5AA883-BA6A-40BC-9F86-2DA7AB7CF9FC}C:\program files\cryptload\cryptload.exe" = protocol=6 | dir=in | app=c:\program files\cryptload\cryptload.exe |
"UDP Query User{19B5DF98-1B3F-41AD-A09C-9E10BA0AC482}C:\users\tobias\downloads\ps2clientloader_v131\ps2client.exe" = protocol=17 | dir=in | app=c:\users\tobias\downloads\ps2clientloader_v131\ps2client.exe |
"UDP Query User{1A4E05F5-077E-4D32-B06D-61F7F07783EB}C:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\tobias\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{492804F1-3798-472F-AFE4-851385ACA356}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{79284106-BA4F-49E7-97ED-2ADC9BEE2689}C:\users\tobias\downloads\cryptload\cryptload.exe" = protocol=17 | dir=in | app=c:\users\tobias\downloads\cryptload\cryptload.exe |
"UDP Query User{7A165089-2F40-414B-853D-E09A9A50F814}C:\program files\multiwindow\avtranserver.exe" = protocol=17 | dir=in | app=c:\program files\multiwindow\avtranserver.exe |
"UDP Query User{8C16EA2E-9841-41FF-BA8A-2F29B6632B0D}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{8DE66ECF-3078-4090-8BD4-AD97B2E3E86D}C:\program files\cryptload\cryptload.exe" = protocol=17 | dir=in | app=c:\program files\cryptload\cryptload.exe |
"UDP Query User{998392C6-B973-49AD-AB78-DA15404B2EC7}C:\program files\filezilla ftp client\filezilla.exe" = protocol=17 | dir=in | app=c:\program files\filezilla ftp client\filezilla.exe |
"UDP Query User{BF9C4824-C75C-4D3B-9799-FD795A4224D7}C:\users\tobias\downloads\dsassistant_1920\win\dsassistant.exe" = protocol=17 | dir=in | app=c:\users\tobias\downloads\dsassistant_1920\win\dsassistant.exe |
"UDP Query User{C43C5D0B-E5E1-4348-810E-E0902A04AA33}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{C74F4127-7557-41FB-A3E2-F1CC18135741}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe |
"UDP Query User{CF0692D3-2A10-4712-BFEE-F2844DE96B41}C:\program files\multiwindow\multiwindow.exe" = protocol=17 | dir=in | app=c:\program files\multiwindow\multiwindow.exe |
"UDP Query User{CF140235-50A3-4983-B568-0B21AF5F5D12}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{D4C27B0D-FB0E-4041-BE42-5C41070D6719}C:\program files\cryptload\routerclient.exe" = protocol=17 | dir=in | app=c:\program files\cryptload\routerclient.exe |
"UDP Query User{D5ACF0E9-1EBB-48C2-8CD1-9284A98100D0}C:\program files\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\program files\eclipse\eclipse.exe |
"UDP Query User{E3B650EB-15C9-4F85-9709-5C9C31A5433C}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{E53BD75B-6D9E-43D4-A938-B3EC88B6BF11}E:\search ip camera\search ip camera.exe" = protocol=17 | dir=in | app=e:\search ip camera\search ip camera.exe |
"UDP Query User{ED5ABBDF-9E63-4513-ADA6-AB36438F22C2}C:\program files\dsassistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files\dsassistant\dsassistant.exe |
"UDP Query User{EF1B7836-1092-4A4B-BA52-B7C388FDB6AC}C:\program files\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=c:\program files\totalcmd\totalcmd.exe |
"UDP Query User{FC868967-5CE8-45BA-A87A-57D35A4619F2}C:\program files\sticky-notes\stickynotes.exe" = protocol=17 | dir=in | app=c:\program files\sticky-notes\stickynotes.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{03534DA5-2F88-4B8E-A978-849B979E1B8F}" = TuxGuitar
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID-Anmelde-Assistent
"{086A7D8C-0A38-4C7F-819A-620275550D5C}" = Nero Burning ROM Help
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{10A44844-4465-456E-8C97-80BDD4F68845}" = Windows Live ID-Anmelde-Assistent
"{1224ba19-1460-4da6-8c6a-81eb54c28202}" = Nero 9
"{1296CAF3-F007-4813-A95F-AD153F978DF1}" = AVRStudio4
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{250F0996-1830-40C8-9B1D-6874D808DD95}" = ChkMail
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = AI TouchMedia
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 11
"{27D51A76-371D-48B6-B06E-4137A15B7583}" = Express Gate
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3A608351-5980-4A47-AE08-3742C55B4016}" = Windows Live Family Safety
"{3AF8C37F-696E-871C-0851-CDE980FD665E}" = Bamboo Dock
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D4967F6-6CB6-4F43-B623-E8273A0A2E2B}" = SmartScore X Professional Edition
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}" = Brother MFL-Pro Suite MFC-490CW
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{580EC579-E476-469F-9EBF-F82D696FC67A}" = iClone SE
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help
"{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{63CFD835-FF50-4F8B-91CD-5662A8C640F8}" = Photo Transport
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{668B80AF-D98F-42FC-8EE1-36252B03C5C9}_is1" = MIDI4all
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}" = Command & Conquer The First Decade
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DDEEB4-CBF4-4B4C-8366-07E8CC03692B}" = Acronis*True*Image*Home 2012
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}" = Bing-Desktop
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{84374A47-1DF5-4013-90D4-1288819869B1}" = Microsoft-Maus- und Tastatur-Center
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A3810BEE-967B-41DC-9662-F941A3F7D689}" = calibre
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AC94B85D-500D-4B98-ADE5-3E391934BB0A}" = UltraCompare v6.40
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4C89330-0416-4B4A-93C1-E577D208D805}" = Sticky-Notes
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B9DB8FA6-EDB8-40F2-8B28-53A6B991DE84}" = Anvil Studio 2011
"{BA722179-62EA-4090-923D-D324CE1A691D}}_is1" = Helium Music Manager 8.6.3
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CC2422C9-F7B5-4175-B295-5EC2283AA674}" = Command & Conquer™ 3: Kanes Rache
"{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
"{CF45002F-2205-4116-BB51-2D015F436CAC}" = Steinberg HALion Sonic SE Content for Cubase LE AI Elements
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3873CF8-9608-402B-88AD-D73B5FFAAED8}" = capella 7
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVRStudio4
"{D9461574-5FC0-4641-BBDC-D1038B196F55}" = Brother MFL-Pro Suite MFC-490CW
"{DB75941E-30C4-4D97-B000-D17C764B998C}" = Brother BRAdmin Light 1.18.0001
"{DBF4BC99-53F1-4C97-84C3-7557D103E182}" = Steinberg Groove Agent ONE Vintage Beatboxes
"{DC35EF73-C7BD-4452-A793-4269990E1EA3}" = Windows Live Movie Maker-Betaversion
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DE66EFAD-B9CC-4FD4-9157-6C18E5100161}" = Dolby Control Center
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}" = AVR Jungo USB
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EE55714B-B67C-4D08-97AE-0CF4AC5A3A77}" = StuffIt Expander 2010
"{EF69ACEE-F360-4E14-842C-91668C71946F}" = Facebook IE Toolbar
"{EF7800A8-575E-4776-95A5-A9D904A85D5F}" = Steinberg HALion Sonic SE
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F22F31CA-C27E-402D-9297-CE365DFC1A9C}" = UltraEdit 15.20
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FBE64702-E893-4D55-BA5C-514AAF11CCC4}" = Sibelius 7 OpenType Fonts
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P
"2EC52F3EE2336A439A608256B0D2A7E3D1DB739C" = Windows Driver Package - CASIO COMPUTER CO.,LTD. (PL-40R) MEDIA (10/01/2004 1.00.00.0003)
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"ARIA Engine_is1" = ARIA Engine v1.0.9.8
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Audacity_is1" = Audacity 2.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Bamboo Dock" = Bamboo Dock
"Canon RAW Codec" = Canon RAW Codec
"DarkWave Studio" = DarkWave Studio 3.8.7
"Deckadance" = Deckadance
"Denemo" = Denemo
"Direct MIDI to MP3 Converter_is1" = Direct MIDI to MP3 Converter Version 6.2.2.46
"DirectWave" = DirectWave
"DMXControl" = DMXControl 2.12
"DPP" = Canon Utilities Digital Photo Professional 3.6
"Drumaxx" = Drumaxx
"Duplicate Cleaner" = Duplicate Cleaner 2.1b
"DX10" = DX10
"EAGLE 5.10.0" = EAGLE 5.10.0
"EAGLE 6.1.0" = EAGLE 6.1.0
"Edison" = Edison
"eLicenser Control" = eLicenser Control
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Utility" = Canon Utilities EOS Utility
"Ext2Ifs_for_NT6" = Ext2 IFS 1.11a for Windows Vista/2008
"FileZilla Client" = FileZilla Client 3.2.8.1
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"FL Studio 10" = FL Studio 10
"Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.5
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Download Manager_is1" = Free Download Manager 3.0
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"FreePDF_XP" = FreePDF (Remove only)
"Google Chrome" = Google Chrome
"GPL Ghostscript" = GPL Ghostscript
"GPL Ghostscript 8.70" = GPL Ghostscript 8.70
"Guitar Pro 5_is1" = Guitar Pro 5.0
"Hardcore" = Hardcore
"IL Autogun" = IL Autogun
"IL Download Manager" = IL Download Manager
"IL DrumSynth Live" = IL DrumSynth Live
"IL Gross Beat" = IL Gross Beat
"IL Harmless" = IL Harmless
"IL Harmor" = IL Harmor
"IL Juice Pack" = IL Juice Pack
"IL Ogun" = IL Ogun
"IL Slicex" = IL Slicex
"IL Vocodex" = IL Vocodex
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = AI TouchMedia
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 3.0
"LinuxLive USB Creator" = LinuxLive USB Creator
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"MAGIX Foto Manager 2008 D" = MAGIX Foto Manager 2008 5.0.0.255 (D)
"MAGIX Fotobuch" = MAGIX Fotobuch 3.2
"MAGIX Online Druck Service D" = MAGIX Online Druck Service 2.3.2.0 (D)
"MAGIX PC Visit D" = MAGIX PC Visit
"MAGIX Video deluxe 2008 PLUS D" = MAGIX Video deluxe 2008 PLUS 7.5.0.20 (D)
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6 6.0.22.0 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Maximus" = Maximus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"Mobile Partner" = Mobile Partner
"Morphine" = Morphine
"Mozilla Firefox 11.0 (x86 de)" = Mozilla Firefox 11.0 (x86 de)
"Mp3tag" = Mp3tag v2.53
"MultiWindow IP Camera Player_is1" = MultiWindow IP Camera Player version 1.0.6.44
"MuseScore" = MuseScore 1.2 MuseScore score typesetter
"Neuratron PhotoScore Ultimate" = Neuratron PhotoScore Ultimate
"Notepad++" = Notepad++
"NVIDIA Drivers" = NVIDIA Drivers
"PC_DIMMER2012_is1" = PC_DIMMER2012
"Pen Tablet Driver" = Bamboo
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PoiZone" = PoiZone
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"PuTTY_is1" = PuTTY version 0.60
"RAR Password Recovery Magic_is1" = RAR Password Recovery Magic v6.1.1.393
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Rosegarden" = Rosegarden
"Sakura" = Sakura
"Sawer" = Sawer
"Sibelius 7.0.0.23_is1" = Sibelius 7.0.0.23
"SimSynth" = SimSynth
"Smart File Advisor_is1" = Smart File Advisor 1.1.1
"SopCast" = SopCast 3.2.4
"SqrSoftACFDW" = SqrSoft® Advanced Crossfading (remove only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Sytrus" = Sytrus
"Totalcmd" = Total Commander (Remove or Repair)
"Toxic Biohazard" = Toxic Biohazard
"TransMac_is1" = TransMac version 8.1
"Uninstall_is1" = Uninstall 1.0.0.1
"USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam
"VLC media player" = VLC media player 2.0.5
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"Wasp" = Wasp
"Winamp" = Winamp
"WinAVR-20100110" = WinAVR 20100110 (remove only)
"WinGimp-2.0_is1" = GIMP 2.6.7
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-259702913-3688751258-429655623-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"MyFreeCodec" = MyFreeCodec
"Sansa Updater" = Sansa Updater
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 24.01.2013 18:16:27 | Computer Name = Tobias-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/01/24 23:16:27.992]: [00003228]: GetDeviceIpAddress:
GetAddressByName [BRW00242B725262] Error
Error - 24.01.2013 18:16:58 | Computer Name = Tobias-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/01/24 23:16:58.069]: [00003228]: GetDeviceIpAddress:
GetAddressByName [BRW00242B725262] Error
Error - 24.01.2013 18:17:39 | Computer Name = Tobias-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/01/24 23:17:39.863]: [00003228]: SendSKeySettingToDevice::
Snmp Load Error[-1] To[192.168.1.107]
Error - 25.01.2013 13:39:53 | Computer Name = Tobias-PC | Source = Brother BrLog | ID = 1001
Description = STI BrtSTI: [2013/01/25 18:39:53.782]: [00002624]: GetDeviceIpAddress:
GetAddressByName [BRW00242B725262] Error
Error - 25.01.2013 13:41:06 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =
Error - 25.01.2013 18:51:22 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =
Error - 25.01.2013 19:38:59 | Computer Name = Tobias-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Samsung\Kies\External\firmwareupdate\GT-I9300\DeviceController64.exe".
Fehler in Manifest- oder Richtliniendatei "c:\program files\Samsung\Kies\External\firmwareupdate\GT-I9300\Microsoft.VC90.CRT.MANIFEST"
in Zeile 11. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Definition:
Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8".
Verwenden
Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 27.01.2013 16:26:23 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.01.2013 14:35:18 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =
Error - 29.01.2013 15:11:07 | Computer Name = Tobias-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 30.06.2012 08:54:11 | Computer Name = Tobias-PC | Source = MCUpdate | ID = 0
Description = 14:53:02 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde
liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte
keine Vertrauensstellung hergestellt werden..)
[ System Events ]
Error - 22.01.2013 15:43:53 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "rimmptsk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058
Error - 23.01.2013 18:14:38 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 23.01.2013 18:55:16 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 24.01.2013 14:55:52 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 25.01.2013 13:39:49 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 25.01.2013 13:39:51 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "rimmptsk" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1058
Error - 25.01.2013 18:50:13 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 27.01.2013 16:25:13 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 29.01.2013 14:34:09 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 29.01.2013 15:09:52 | Computer Name = Tobias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Adobe Licensing Console" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
< End of report >
|
|
29.01.2013, 21:17
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Fund mit Desinfec't Hm, was hast du denn da für Laufwerk, von R bis Z? Sind das Netzlaufwerke?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.01.2013, 21:33
| #15 |
| | Fund mit Desinfec't Jap, sind Netzlaufwerke. Der NAS ist aber selten an, daher waren die wohl beim letzten Scan nicht angehängt... |
|
| Themen zu Fund mit Desinfec't |
| desinfec't, fund, funde, hallo zusammen, password, recovery, scan, schonmal, weiterhelfen, zusammen |
Linear-Darstellung
