| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Probleme mit Yahoo SearchWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.04.2013, 13:48
| #1 |
 |  Probleme mit Yahoo Search Hallo, so wie es aussieht habe ich schon wieder ein kleines Problem. Seit ein paar Tagen lande ich beim surfen immer wieder in der yahoo search obwohl ich in der Adresszeile die korrekte URL eingegeben habe, das passiert nicht immer, aber häufig. Normal surfe ich mit Firefox, dort ist yahoo search nun auch mein Standardsuchdienst, egal was ich bei keyword.URL hinterlege. Selbst nach Deaktivierung der Keyword Suche im Firefox lande ich bei yahoo search wenn ich irgendetwas in die Adresszeile eintrage. Wäre klasse wenn ihr mir helfen könntet diesem Mist wieder loszuwerden. Anbei noch die logfiles als Zip  Spargo |
|
17.04.2013, 15:12
| #2 | |||
| /// Winkelfunktion /// TB-Süch-Tiger™   | Probleme mit Yahoo Search Hallo,
__________________Zitat:
 eine Enterprise-Edition  Zitat:
Firmenrechner werden hier eigentlich nicht bereinigt Siehe => http://www.trojaner-board.de/108422-...-anfragen.html Zitat:
__________________ |
|
17.04.2013, 15:30
| #3 |
| | Probleme mit Yahoo Search Das war ein Firmenrechner, inzwischen ausrangiert aber ich darf ihn behalten zur privaten Nutzung. Ich kann mit dem Laptop machen was ich will, erhalte aber keinerlei Support mehr. Ich kann nicht einmal den Virenscanner deaktivieren da ich nicht die notwendigen Adminrechte habe.
__________________Wäre nett, wenn du mir helfen könntest, falls es nicht möglich ist muss ich das natürlich akzeptieren. |
|
17.04.2013, 22:41
| #4 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Probleme mit Yahoo SearchZitat:
Wenn du das Teil einfach rausreißt, ohne die nur den Admins bekannten und gesetzten Gruppenrichtlinien wieder rückgängig zu machen, hast du sehr schlechte Karten. Sehr viele solche Gruppenrichtlinien verhindern trotz lokaler Adminrechte das notwendige Deaktivieren der Virenscanner oder anderer Settings, die für eine Analyse hier unbedingt ein Muss sind. Verrat mir doch mal bitte warum das ausrangierte Gerät nicht sauber aus der Domäne genommen bzw. warum es dir nicht neu aufgesetzt überreicht wurde.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
17.04.2013, 23:09
| #5 |
| | Probleme mit Yahoo Search Das läuft bei uns recht hemdsärmlig. Der Rechner ist bei mir schon mehrfach in der Vergangenheit abgeschmiert (Festplatte war defekt,motherboard wurde auch schon getauscht). Als er dann auch aus der Dell Wartung rausgefallen ist und ich wieder ein Problem hatte wurde entschieden, dass ich wohl besser einen neuen bekomme. Den alten konnte ich dann so wie er ist behalten oder abgeben. Den Vorgänger habe ich auch noch zu Hause, den nutzt jetzt meine Tochter zum Spielen. Unser IT Support beschränkt sich ohnehin darauf, dass bei Bedarf ein Rechner platt gemacht wird und ein neues Image aufgespielt wird, Hardwareprobleme werden vom Dell Support bearbeitet. Wie gesagt, für diesen Rechner erhalte ich keinen Support mehr. Hätte ich das geschilderte Problem mit meinem Firmenrechner würde ich auch nur Schulterzucken ernten man würde mir empfehlen den Rechner neu aufzusetzen und das möchte ich sowieso nicht. Es ist also wirklich so, entweder ihr könnt mir hier helfen oder ich habe Pech gehabt. Ich wäre daher wirklich für jede Hilfe sehr dankbar. |
|
17.04.2013, 23:18
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Probleme mit Yahoo Search Allein weil das Ding in der Domäne hing und man so nicht mal ebenso alle Gruppenrichtlinieneinstellungen rückgängig machen kann, würde ich dir eine saubere Neuinstallation empfehlen Muss es denn immer Windows ein? Wenn keine Windows-Lizenz über ist kann man auch wirklich mal über den Einsatz von Linux nachdenken.
__________________ --> Probleme mit Yahoo Search |
|
17.04.2013, 23:28
| #7 |
| | Probleme mit Yahoo Search Tja, dann bleibt mir wohl nichts anderes übrig als den Rechner tatsächlich neu aufzusetzen. Schöner Mist, wollte ich eigentlich vermeiden. Mit Linux habe ich mich ehrlich gesagt noch nie wirklich beschäftigt, wäre vielleicht aber tatsächlich einmal eine Überlegung wert. Auf jeden Fall Danke für deine Hilfe. |
|
18.04.2013, 11:58
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Probleme mit Yahoo Search Naja, wir können schon eine Analyse probieren, aber empfehlenswert ist das nicht. Wenn es wirklich nur um irgendwelche mülligen Toolbars und Adware handelt kannst du das hier erstmal machen: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.04.2013, 12:17
| #9 |
| | Probleme mit Yahoo Search Prima, Danke! So, hier mal die logfiles: JRT: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.6 (04.19.2013:1)
OS: Windows 7 Enterprise x64
Ran by Spargo on 20.04.2013 at 12:55:43,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] hkey_local_machine\software\systweak
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\sprotector
Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\sp global
Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\sprotector
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\Users\Spargo\AppData\Roaming\software4u"
Successfully deleted: [Folder] "C:\Users\Spargo\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\software4u"
~~~ FireFox
Successfully deleted the following from C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\prefs.js
user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Emptied folder: C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\minidumps [143 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.04.2013 at 13:02:06,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter OTL logfile created on: 20.04.2013 13:08:16 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Spargo\Desktop 64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,88 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 51,87% Memory free 7,77 Gb Paging File | 5,69 Gb Available in Paging File | 73,27% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 297,89 Gb Total Space | 158,65 Gb Free Space | 53,26% Space Free | Partition Type: NTFS Computer Name: CIGHHNBK166 | User Name: Spargo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\Spargo\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone) PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) PRC - C:\Windows\SysWOW64\CCM\CcmExec.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll () MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf () MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () ========== Services (SafeList) ========== SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone) SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.) SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation) SRV - (SwiCardDetectSvc) -- C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe (Sierra Wireless, Inc.) SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SRV - (dcpsysmgrsvc) -- C:\Programme\Dell\Dell System Manager\DCPSysMgrSvc.exe (Dell Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (CcmExec) -- C:\Windows\SysWOW64\CCM\CcmExec.exe (Microsoft Corporation) SRV - (smstsmgr) -- C:\Windows\SysWOW64\CCM\TSManager.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) ========== Driver Services (SafeList) ========== DRV:64bit: - (tcpipBM) -- C:\Windows\SysNative\drivers\tcpipBM.sys (Bytemobile, Inc.) DRV:64bit: - (BMLoad) -- C:\Windows\SysNative\drivers\BMLoad.sys (Bytemobile, Inc.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (GTUQBUS) -- C:\Windows\SysNative\drivers\gtuqbus.sys (Option N.V.) DRV:64bit: - (GTPTSER) -- C:\Windows\SysNative\drivers\gtptser.sys (Option N.V.) DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (cvusbdrv) -- C:\Windows\SysNative\drivers\cvusbdrv.sys (Broadcom Corporation) DRV:64bit: - (tcm) -- C:\Windows\SysNative\drivers\tcm.sys () DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (ecnssndisfltr) -- C:\Windows\SysNative\drivers\wwussf64.sys (Ericsson AB) DRV:64bit: - (ecnssndis) -- C:\Windows\SysNative\drivers\wwuss64.sys (Ericsson AB) DRV:64bit: - (Mbm3DevMt) -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys (MCCI Corporation) DRV:64bit: - (Mbm3CBus) -- C:\Windows\SysNative\drivers\Mbm3CBus.sys (MCCI Corporation) DRV:64bit: - (nwdelserial) -- C:\Windows\SysNative\drivers\nwdelserial.sys (Novatel Wireless Inc.) DRV:64bit: - (d554gps) -- C:\Windows\SysNative\drivers\d554gps64.sys (Ericsson AB) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (nwdelgobi3kfilter) -- C:\Windows\SysNative\drivers\nwdelgobi3kfilter.sys (Novatel Wireless Inc) DRV:64bit: - (O2SDJRDR) -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys (O2Micro ) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (O2MDRRDR) -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys (O2Micro ) DRV:64bit: - (O2MDFRDR) -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys (O2Micro ) DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\accelern.sys (ST Microelectronics) DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics) DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.) DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation) DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (NEOFLTR_700_16899) -- C:\Windows\SysNative\drivers\NEOFLTR_700_16899.SYS (Juniper Networks) DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (prepdrvr) -- C:\Windows\SysWOW64\CCM\PrepDrv.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d IE - HKU\.DEFAULT\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 36 34 B6 3F 08 CE 01 [binary data] IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes,DefaultScope = {E82A0F06-3219-42A2-8B1B-C1E83D6DBAED} IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{0470BEF3-D195-401A-969D-99698EE0C86D}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms} IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{E82A0F06-3219-42A2-8B1B-C1E83D6DBAED}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.defaultenginename,S: S", "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "Google" FF - prefs.js..browser.search.order.1,S: S", "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.selectedEngine,S: S", "" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8 FF - prefs.js..extensions.enabledAddons: %7BB0D70E72-2FC1-4b9f-A3D4-5921C854D906%7D:1.2 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14 FF - prefs.js..extensions.enabledAddons: ff-bmboc%40bytemobile.com:4.3.2 FF - prefs.js..extensions.enabledAddons: dnshelp%40dnshelp.com:1.0.0 FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0 FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.14 FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.3.2 FF - prefs.js..extensions.enabledItems: dnshelp@dnshelp.com:1.0.0 FF - prefs.js..extensions.enabledItems: {B0D70E72-2FC1-4b9f-A3D4-5921C854D906}:1.2 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3 FF - prefs.js..keyword.enabled: false FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "" FF - prefs.js..browser.startup.homepage: "" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2013.02.12 17:38:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\dnshelp@dnshelp.com: C:\Users\Spargo\AppData\Roaming\Helper [2013.02.17 17:47:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.03.11 23:21:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 15:23:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.24 21:13:13 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files (x86)\AddLyrics\FF\ FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.03.11 23:21:47 | 000,000,000 | ---D | M] [2013.03.20 00:20:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\Extensions [2013.04.17 17:05:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions [2013.03.20 00:20:37 | 000,000,000 | ---D | M] ("Biet-O-Matic Firefox Erweiterung") -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906} [2013.02.23 09:16:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013.04.06 20:41:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\ich@maltegoetz.de [2013.04.15 20:31:55 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013.03.25 17:48:34 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.04.17 09:42:44 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013.02.17 17:47:08 | 000,002,080 | ---- | M] () -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\searchplugins\162914d9-19a2-4f6d-89d4-1c462fa1c5a7.xml [2013.03.20 00:29:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.02.12 17:38:42 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES (X86)\VODAFONE\VODAFONE MOBILE BROADBAND\OPTIMIZATION CLIENT\ADDON [2013.02.17 17:47:08 | 000,000,000 | ---D | M] (Helper) -- C:\USERS\Spargo\APPDATA\ROAMING\HELPER [2013.04.15 15:23:23 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.04.15 15:23:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.15 15:23:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.04.15 15:23:13 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.04.15 15:23:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.04.15 15:23:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.15 15:23:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\WINDOWS\SysWOW64\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll O1 HOSTS File: ([2013.03.21 22:13:11 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (DNS Error Helper) - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll () O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313..\Run: [iDevice Manager Launcher] "C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IPELauncher.exe" /run File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = c1-group.dom O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4041F258-562D-4870-82A8-A97F9126C551}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45B8DB33-E4F3-4212-BC9F-015072DC6FB8}: DhcpNameServer = 139.7.30.126 139.7.30.125 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCD2F28D-BCFE-4A7D-8384-538E4AB24A3B}: DhcpNameServer = 192.168.108.10 192.168.110.5 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf) O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.20 12:54:53 | 000,000,000 | ---D | C] -- C:\JRT [2013.04.20 12:54:37 | 000,552,158 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Spargo\Desktop\JRT.exe [2013.04.18 18:44:24 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.04.17 13:53:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Spargo\Desktop\OTL.exe [2013.04.17 11:02:13 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Malwarebytes [2013.04.17 11:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.04.17 11:00:45 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2013.04.17 11:00:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.04.17 00:15:52 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\gnupg [2013.04.16 07:47:40 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\Vodafone Mobile Broadband [2013.04.15 23:00:32 | 000,963,488 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\deployJava1.dll [2013.04.15 23:00:31 | 001,085,344 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\npDeployJava1.dll [2013.04.15 23:00:31 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe [2013.04.15 23:00:26 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe [2013.04.15 23:00:26 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe [2013.04.15 23:00:26 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll [2013.04.15 23:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013.04.13 11:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013.04.12 20:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPlayer for Windows [2013.04.12 20:21:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MPlayer for Windows [2013.04.12 20:16:07 | 000,000,000 | ---D | C] -- C:\Users\Spargo\Documents\GomPlayer [2013.04.12 20:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player [2013.04.12 20:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar [2013.04.12 20:11:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.04.12 20:11:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\GRETECH [2013.04.12 20:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH [2013.04.07 10:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaJoin [2013.04.07 10:10:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaJoin [2013.04.07 10:10:01 | 000,000,000 | ---D | C] -- C:\Users\Spargo\Application Data [2013.04.05 22:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013.04.05 22:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013.04.05 22:07:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013.03.29 18:46:04 | 000,020,488 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\SysNative\roboot64.exe [2013.03.29 18:45:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowseToSave [2013.03.29 18:45:06 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\Google [2013.03.29 18:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\BrrOwwsie2save [2013.03.29 18:38:56 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\WindSolutions [2013.03.29 18:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions [2013.03.29 16:07:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Skype [2013.03.29 16:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.03.29 16:07:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.03.29 16:07:34 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.03.29 16:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2013.03.29 15:47:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\FreePDF_XP [2013.03.29 15:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF [2013.03.29 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreePDF_XP [2013.03.29 15:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FreePDF [2013.03.29 15:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript [2013.03.29 15:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\gs [2013.03.27 15:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SAP [2013.03.24 21:02:37 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe [2013.03.24 21:02:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe [2013.03.24 21:02:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe [2013.03.24 21:02:33 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll [2013.03.24 20:56:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2013.03.24 19:16:18 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Notepad++ [2013.03.22 21:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2013.03.21 23:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.03.21 13:29:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt [1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.20 12:54:45 | 000,552,158 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Spargo\Desktop\JRT.exe [2013.04.20 12:53:00 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313UA.job [2013.04.20 10:24:50 | 000,019,104 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.20 10:24:50 | 000,019,104 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.20 10:18:32 | 000,000,392 | ---- | M] () -- C:\WINDOWS\SMSCFG.INI [2013.04.20 10:17:24 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.04.20 10:17:17 | 3127,652,352 | -HS- | M] () -- C:\hiberfil.sys [2013.04.19 18:53:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313Core.job [2013.04.18 18:44:27 | 000,002,329 | ---- | M] () -- C:\Users\Spargo\Desktop\Google Chrome.lnk [2013.04.17 13:53:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Spargo\Desktop\OTL.exe [2013.04.17 11:00:54 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.04.15 23:00:19 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll [2013.04.15 23:00:18 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe [2013.04.15 23:00:18 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe [2013.04.15 23:00:17 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\npDeployJava1.dll [2013.04.15 23:00:17 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\deployJava1.dll [2013.04.15 23:00:17 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe [2013.04.14 15:28:56 | 480,572,723 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2013.04.11 07:01:14 | 001,624,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2013.04.11 07:01:14 | 000,700,978 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2013.04.11 07:01:14 | 000,655,970 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2013.04.11 07:01:14 | 000,149,878 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [2013.04.11 07:01:14 | 000,122,656 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2013.04.07 10:10:22 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\MediaJoin.lnk [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys [2013.03.29 17:26:28 | 000,009,644 | ---- | M] () -- C:\Users\Spargo\AppData\Local\recently-used.xbel [2013.03.29 15:37:08 | 000,000,214 | ---- | M] () -- C:\WINDOWS\SysWow64\~.inf [2013.03.27 15:25:01 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\NetWeaver Business Client 4.0.lnk [2013.03.25 19:19:55 | 000,002,209 | ---- | M] () -- C:\Users\Spargo\Desktop\RKA² C1 Group.lnk [2013.03.24 21:02:30 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll [2013.03.24 21:02:28 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\npDeployJava1.dll [2013.03.24 21:02:28 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe [2013.03.24 21:02:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe [2013.03.24 21:02:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe [2013.03.24 21:02:27 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\deployJava1.dll [2013.03.21 22:13:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts [1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.18 18:44:24 | 000,002,329 | ---- | C] () -- C:\Users\Spargo\Desktop\Google Chrome.lnk [2013.04.18 18:43:24 | 000,001,124 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313UA.job [2013.04.18 18:43:23 | 000,001,072 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313Core.job [2013.04.17 11:00:54 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.04.14 15:28:56 | 480,572,723 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2013.04.07 10:10:22 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\MediaJoin.lnk [2013.03.29 17:26:28 | 000,009,644 | ---- | C] () -- C:\Users\Spargo\AppData\Local\recently-used.xbel [2013.03.29 15:45:51 | 000,087,040 | ---- | C] () -- C:\WINDOWS\SysNative\redmonnt.dll [2013.03.29 15:45:51 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysNative\unredmon.exe [2013.03.29 15:33:27 | 000,000,214 | ---- | C] () -- C:\WINDOWS\SysWow64\~.inf [2013.03.27 15:25:01 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWeaver Business Client 4.0.lnk [2013.03.27 15:25:01 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\NetWeaver Business Client 4.0.lnk [2013.03.24 21:13:14 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.03.11 23:10:30 | 000,239,021 | ---- | C] () -- C:\WINDOWS\hpwins26.dat [2013.02.14 17:23:16 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2013.02.12 01:01:37 | 000,024,645 | ---- | C] () -- C:\WINDOWS\saplogon.ini [2013.02.11 12:43:29 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2013.02.11 11:37:46 | 000,175,616 | ---- | C] () -- C:\WINDOWS\SysWow64\h5menu32.dll [2013.02.11 11:37:46 | 000,095,744 | ---- | C] () -- C:\WINDOWS\SysWow64\h5rtf32.dll [2013.02.11 11:37:46 | 000,051,200 | ---- | C] () -- C:\WINDOWS\SysWow64\h5tool32.dll [2013.02.11 11:37:45 | 001,064,960 | ---- | C] () -- C:\WINDOWS\SysWow64\h5krnl32.dll [2013.02.11 11:37:45 | 000,188,928 | ---- | C] () -- C:\WINDOWS\SysWow64\h5icon32.dll [2013.02.11 11:25:21 | 000,029,824 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2013.02.11 11:12:32 | 000,023,116 | ---- | C] () -- C:\WINDOWS\SysWow64\CcmFramework.ini [2012.09.03 18:52:19 | 000,963,116 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng600.bin [2012.09.03 18:51:55 | 000,218,304 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg600m.bin [2012.09.03 18:51:14 | 000,056,832 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2012.09.03 18:50:14 | 000,145,804 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng600.bin [2012.09.03 18:49:22 | 013,906,944 | ---- | C] () -- C:\WINDOWS\SysWow64\ig4icd32.dll [2012.04.20 18:43:54 | 000,286,680 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > Code:
ATTFilter OTL Extras logfile created on: 20.04.2013 13:08:16 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Spargo\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,88 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 51,87% Memory free
7,77 Gb Paging File | 5,69 Gb Available in Paging File | 73,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,89 Gb Total Space | 158,65 Gb Free Space | 53,26% Space Free | Partition Type: NTFS
Computer Name: CIGHHNBK166 | User Name: Spargo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = 192.168.110.100
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"WMI-ASYNC-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\system32\wbem\unsecapp.exe|Name=@FirewallAPI.dll,-34256|Desc=@FirewallAPI.dll,-34257|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-WINMGMT-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|Name=@FirewallAPI.dll,-34254|Desc=@FirewallAPI.dll,-34255|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-34252|Desc=@FirewallAPI.dll,-34253|EmbedCtxt=@FirewallAPI.dll,-34251|
"RemoteSvcAdmin-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-29515|Desc=@FirewallAPI.dll,-29518|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-NP-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-29507|Desc=@FirewallAPI.dll,-29510|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\services.exe|Name=@FirewallAPI.dll,-29503|Desc=@FirewallAPI.dll,-29506|EmbedCtxt=@FirewallAPI.dll,-29502|
"FPS-LLMNR-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-28548|Desc=@FirewallAPI.dll,-28549|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP6-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|Name=@FirewallAPI.dll,-28545|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP4-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|Name=@FirewallAPI.dll,-28543|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|Name=@FirewallAPI.dll,-28539|Desc=@FirewallAPI.dll,-28542|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SpoolSvc-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|Name=@FirewallAPI.dll,-28535|Desc=@FirewallAPI.dll,-28538|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Datagram-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Name-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|Name=@FirewallAPI.dll,-28519|Desc=@FirewallAPI.dll,-28522|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SMB-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-28511|Desc=@FirewallAPI.dll,-28514|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Session-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502|
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = 192.168.110.100
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"WMI-ASYNC-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\system32\wbem\unsecapp.exe|Name=@FirewallAPI.dll,-34256|Desc=@FirewallAPI.dll,-34257|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-WINMGMT-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|Name=@FirewallAPI.dll,-34254|Desc=@FirewallAPI.dll,-34255|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-34252|Desc=@FirewallAPI.dll,-34253|EmbedCtxt=@FirewallAPI.dll,-34251|
"RemoteSvcAdmin-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-29515|Desc=@FirewallAPI.dll,-29518|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-NP-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-29507|Desc=@FirewallAPI.dll,-29510|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\services.exe|Name=@FirewallAPI.dll,-29503|Desc=@FirewallAPI.dll,-29506|EmbedCtxt=@FirewallAPI.dll,-29502|
"FPS-LLMNR-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-28548|Desc=@FirewallAPI.dll,-28549|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP6-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|Name=@FirewallAPI.dll,-28545|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP4-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|Name=@FirewallAPI.dll,-28543|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|Name=@FirewallAPI.dll,-28539|Desc=@FirewallAPI.dll,-28542|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SpoolSvc-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|Name=@FirewallAPI.dll,-28535|Desc=@FirewallAPI.dll,-28538|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Datagram-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Name-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|Name=@FirewallAPI.dll,-28519|Desc=@FirewallAPI.dll,-28522|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SMB-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-28511|Desc=@FirewallAPI.dll,-28514|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Session-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502|
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20408570-75E1-47ED-B7EF-E6222D44698B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02683DBA-B965-400D-88F5-A822D3ED04F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{0594BED9-718F-4A4F-9F75-2C2F32E408F3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{05ED3405-0DBD-448B-A569-0D102BF2B961}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{091AEB78-1FA7-4008-8417-88D88BFE2BE1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{165A3863-FE6C-4D95-A028-E93BE3A26218}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1D14EEEE-7151-4FB0-8869-E78D5FEE5079}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{2069E3EB-9BF6-4B95-80CB-DC4320C754D8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{3B6833AE-870C-4546-8A8A-F0F21CA469C3}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{45D07E25-1C1D-4915-83B7-7F2E3D2F1760}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{4BA0F375-F61C-4D7A-9F39-4B6C8CF87747}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{5126E153-C927-4B8C-A100-4607C7E6228E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{58B68113-70D2-4024-8E9B-EC82BAF54756}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{63C877C9-A1D6-46B3-AD9A-C414C588C286}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{63CB5D04-632A-4CA3-8982-154E8B717B17}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{66163320-4486-4DCB-8324-8E4CA9BBA802}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{66F50025-BF85-43B3-96FC-1375E5A0B8DE}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{6F2A416E-B896-45F4-8AAC-538BE12B9DCB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{7FAE411F-85A3-46C4-895B-0F4DF82E14FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{80BFE729-0616-4DF1-A6CA-9C30598C38B3}" = protocol=6 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe |
"{839A87F1-496B-41E7-9A5E-39661032C538}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{884765F8-3DCE-456F-A4C4-D8D92AE4D75D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{943CD4EE-5B0C-4221-938E-943233DE2D6B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{9613F50A-D928-476A-9985-36C663062F27}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{979B92B1-500B-409E-B62A-F6A73A5E322F}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{99ECF810-8F99-4349-B3E6-50457C589ADB}" = protocol=17 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe |
"{9C5A2205-301F-4ACE-A05B-2BC1EAA8C936}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{ADF99605-800F-41E7-8D1C-288E5D36EC77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{B6B36481-5365-4807-B086-87CAE86F5A6A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C0A67A3C-94CD-45A8-9445-7FD7C397570F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{C2ADB7B6-CD6A-43AD-B6B0-CDD3DDA8655F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C78F320F-4B35-4139-AFF9-EBDFB83C3231}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CC8D03B4-945F-4F64-B65D-1C72F69C8186}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{D1EDB923-4EBC-4426-BA3E-83BBEA81ED84}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{D7FE8339-FD6A-47FC-AC0A-34D4981E67DE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{E45FB759-4B85-4B2F-BB2F-B7DD4BFF5070}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"TCP Query User{13984FA3-4E1C-4C01-AFE6-36380FE58811}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{4140FB21-5CD0-450B-9E90-DB0A49B09E7A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{B6E8B19A-D286-4ED7-A0B3-14EB8126F3C6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{FBA52E8E-4DF6-4821-8417-072390ACE976}C:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{189B5BDD-AC05-49AC-82BF-687AEFD80344}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{22B82929-56F3-468A-802D-788E33378D3E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{628959E7-0503-4035-B77B-75B724D434C8}C:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{BEF50D4F-3FF5-43F4-8502-EB33ECE00E71}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0DB0EA38-E806-44ED-A892-489F2E305080}" = Dell System Manager
"{0E0818E4-C87B-4211-9791-E958BD34B96C}" = Microsoft Forefront Endpoint Protection 2010 Server Management
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{421976B6-DEC6-4CA5-941F-F0663B3A2B74}" = Adobe Flash Player 11 ActiveX (x64)
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{A5ECFFBA-B6FD-45A5-879D-0B0DE7FF8F4B}" = O&O SafeErase Professional
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E5083D57-D93F-404C-A91F-1C50D67C2BEB}" = HP Officejet 4500 G510g-m
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.4
"GPL Ghostscript 9.04" = GPL Ghostscript
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Forefront Endpoint Protection
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{232FDC0C-12DE-41F2-9701-27EFCA18BEF9}" = MediaJoin
"{2385C070-EC26-4AB9-8718-E605C977C0ED}" = Microsoft redistributable runtime DLLs VS2010 SP1 (x86)
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28379381-B56A-43e1-B505-3098D82B1C30}" = 4500G510gm_Software_Min
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}" = Nero BurningROM 12
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}" = MSXML4.0 redistributable
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E9CB04E7-E221-45BE-90BD-7444B8F65F01}" =
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{903B0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{97D341C8-B0D1-4E4A-A49A-C30B52F168E9}" = MPlayer für Windows
"{98AA657D-9790-4454-9DB2-E8ED0EF8C571}" = Configuration Manager Client
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A47A9101-6EB5-4314-BDA1-297880FBB908}" = Microsoft redistributable runtime DLLs VS2008 SP1(x86)
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}" = 4500G510gm
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}" = vcredist_x86
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DF0B357C-5874-47D0-81E7-79AA890B0CE0}" = 4500_G510gm_Help
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AnyDVD" = AnyDVD
"Biet-O-Matic v2.14.12" = Biet-O-Matic v2.14.12
"DiskAid_is1" = DiskAid 5.45
"ESET Online Scanner" = ESET Online Scanner v3
"FastStone Image Viewer" = FastStone Image Viewer 4.7
"FE5AE7DC-7B01-4263-A94C-B4526C276550_is1" = iDevice Manager
"FreePDF_XP" = FreePDF (Remove only)
"GOM Player" = GOM Player
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MediaJoin" = MediaJoin
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mp3tag" = Mp3tag v2.54
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"Notepad++" = Notepad++
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"SAP_NWBC40" = SAP Netweaver Business Client 4.0
"SAPGUI710" = SAP GUI for Windows 7.20
"Undelete 360_is1" = Undelete 360
"VLC media player" = VLC media player 2.0.5
"Zero Assumption Digital Image Recovery_is1" = Zero Assumption Digital Image Recovery 1.2
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks Setup Client
========== Last 20 Event Log Errors ==========
[ System Events ]
Error - 20.04.2013 07:04:00 | Computer Name = CIGHHNBK166.c1-group.dom | Source = DCOM | ID = 10010
Description =
< End of report >
|
|
20.04.2013, 17:46
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Probleme mit Yahoo Search Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten MBAR (Malwarebytes Anti-Rootkit) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
20.04.2013, 20:20
| #11 |
| | Probleme mit Yahoo Search So, ich bin dir auch noch den logfile von AdwCleaner schuldig. AdwCleaner Code:
ATTFilter # AdwCleaner v2.200 - Datei am 20/04/2013 um 20:20:13 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzer : Spargo - CIGHHNBK166
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Spargo\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\Spargo\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Spargo\AppData\Roaming\Mozilla\Firefox\Profiles\9qll3d9s.default\foxydeal.sqlite
Ordner Gelöscht : C:\Program Files (x86)\BrowseToSave
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16464
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v20.0.1 (de)
Datei : C:\Users\Spargo\AppData\Roaming\Mozilla\Firefox\Profiles\9qll3d9s.default\prefs.js
Gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Gelöscht : user_pref("aol_toolbar.default.search.check", false);
Gelöscht : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
-\\ Google Chrome v26.0.1410.64
Datei : C:\Users\Spargo\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[R1].txt - [3757 octets] - [17/04/2013 13:35:01]
AdwCleaner[S1].txt - [325 octets] - [17/04/2013 13:36:09]
AdwCleaner[S2].txt - [3270 octets] - [20/04/2013 20:20:13]
########## EOF - C:\AdwCleaner[S2].txt - [3330 octets] ##########
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.03.22.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
OStahn :: CIGHHNBK166 [administrator]
20.04.2013 20:41:02
mbar-log-2013-04-20 (20-41-02).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30819
Time elapsed: 9 minute(s), 5 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-20 20:59:59
-----------------------------
20:59:59.894 OS Version: Windows x64 6.1.7601 Service Pack 1
20:59:59.894 Number of processors: 4 586 0x2A07
20:59:59.895 ComputerName: CIGHHNBK166 UserName: Spargo
21:00:00.985 Initialize success
21:00:10.857 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:00:10.863 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 8
21:00:10.985 Disk 0 MBR read successfully
21:00:10.990 Disk 0 MBR scan
21:00:10.996 Disk 0 Windows 7 default MBR code
21:00:11.011 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
21:00:11.018 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 305043 MB offset 411648
21:00:11.040 Disk 0 scanning C:\WINDOWS\system32\drivers
21:00:16.638 Service scanning
21:00:25.017 Service MpNWMon C:\WINDOWS\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
21:00:50.993 Modules scanning
21:00:51.008 Disk 0 trace - called modules:
21:00:51.008
21:00:51.024 Scan finished successfully
21:00:56.765 Disk 0 MBR has been saved successfully to "C:\Users\Spargo\Desktop\MBR.dat"
21:00:56.765 The log file has been saved successfully to "C:\Users\Spargo\Desktop\aswMBR.txt"
Code:
ATTFilter 21:11:28.0832 0888 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:11:29.0128 0888 ============================================================
21:11:29.0128 0888 Current date / time: 2013/04/20 21:11:29.0128
21:11:29.0128 0888 SystemInfo:
21:11:29.0128 0888
21:11:29.0128 0888 OS Version: 6.1.7601 ServicePack: 1.0
21:11:29.0128 0888 Product type: Workstation
21:11:29.0128 0888 ComputerName: CIGHHNBK166
21:11:29.0128 0888 UserName: Spargo
21:11:29.0128 0888 Windows directory: C:\WINDOWS
21:11:29.0128 0888 System windows directory: C:\WINDOWS
21:11:29.0128 0888 Running under WOW64
21:11:29.0128 0888 Processor architecture: Intel x64
21:11:29.0128 0888 Number of processors: 4
21:11:29.0128 0888 Page size: 0x1000
21:11:29.0128 0888 Boot type: Normal boot
21:11:29.0128 0888 ============================================================
21:11:30.0860 0888 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:30.0860 0888 ============================================================
21:11:30.0860 0888 \Device\Harddisk0\DR0:
21:11:30.0860 0888 MBR partitions:
21:11:30.0860 0888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
21:11:30.0860 0888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x253C9800
21:11:30.0860 0888 ============================================================
21:11:30.0891 0888 C: <-> \Device\Harddisk0\DR0\Partition2
21:11:30.0891 0888 ============================================================
21:11:30.0891 0888 Initialize success
21:11:30.0891 0888 ============================================================
21:11:34.0604 4912 ============================================================
21:11:34.0604 4912 Scan started
21:11:34.0604 4912 Mode: Manual;
21:11:34.0604 4912 ============================================================
21:11:34.0806 4912 ================ Scan system memory ========================
21:11:34.0806 4912 System memory - ok
21:11:34.0806 4912 ================ Scan services =============================
21:11:35.0009 4912 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\WINDOWS\system32\DRIVERS\1394ohci.sys
21:11:35.0009 4912 1394ohci - ok
21:11:35.0040 4912 [ 1575A815C27789061F34B4F55AE0B5C3 ] Acceler C:\WINDOWS\system32\DRIVERS\accelern.sys
21:11:35.0040 4912 Acceler - ok
21:11:35.0087 4912 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
21:11:35.0087 4912 ACPI - ok
21:11:35.0103 4912 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\WINDOWS\system32\drivers\acpipmi.sys
21:11:35.0103 4912 AcpiPmi - ok
21:11:35.0181 4912 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:11:35.0196 4912 AdobeARMservice - ok
21:11:35.0243 4912 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\WINDOWS\system32\drivers\adp94xx.sys
21:11:35.0243 4912 adp94xx - ok
21:11:35.0306 4912 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\WINDOWS\system32\drivers\adpahci.sys
21:11:35.0321 4912 adpahci - ok
21:11:35.0384 4912 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\WINDOWS\system32\drivers\adpu320.sys
21:11:35.0384 4912 adpu320 - ok
21:11:35.0415 4912 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
21:11:35.0415 4912 AeLookupSvc - ok
21:11:35.0477 4912 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
21:11:35.0477 4912 AESTFilters - ok
21:11:35.0508 4912 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\WINDOWS\system32\drivers\afd.sys
21:11:35.0524 4912 AFD - ok
21:11:35.0555 4912 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
21:11:35.0555 4912 agp440 - ok
21:11:35.0602 4912 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\WINDOWS\System32\alg.exe
21:11:35.0602 4912 ALG - ok
21:11:35.0633 4912 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\WINDOWS\system32\drivers\aliide.sys
21:11:35.0633 4912 aliide - ok
21:11:35.0649 4912 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\WINDOWS\system32\drivers\amdide.sys
21:11:35.0649 4912 amdide - ok
21:11:35.0680 4912 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\WINDOWS\system32\drivers\amdk8.sys
21:11:35.0680 4912 AmdK8 - ok
21:11:35.0696 4912 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\WINDOWS\system32\drivers\amdppm.sys
21:11:35.0696 4912 AmdPPM - ok
21:11:35.0742 4912 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
21:11:35.0742 4912 amdsata - ok
21:11:35.0758 4912 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
21:11:35.0774 4912 amdsbs - ok
21:11:35.0789 4912 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
21:11:35.0789 4912 amdxata - ok
21:11:35.0836 4912 [ 313CE6F6F1AF6878F8AD46542FB07D17 ] AnyDVD C:\WINDOWS\system32\Drivers\AnyDVD.sys
21:11:35.0836 4912 AnyDVD - ok
21:11:35.0867 4912 [ 6D4CB1F46A0AC05326F834FD6B822479 ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
21:11:35.0883 4912 ApfiltrService - ok
21:11:35.0914 4912 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\WINDOWS\system32\drivers\appid.sys
21:11:35.0930 4912 AppID - ok
21:11:35.0961 4912 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
21:11:35.0961 4912 AppIDSvc - ok
21:11:35.0961 4912 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\WINDOWS\System32\appinfo.dll
21:11:35.0976 4912 Appinfo - ok
21:11:36.0023 4912 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:11:36.0023 4912 Apple Mobile Device - ok
21:11:36.0070 4912 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
21:11:36.0070 4912 AppMgmt - ok
21:11:36.0117 4912 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\WINDOWS\system32\drivers\arc.sys
21:11:36.0117 4912 arc - ok
21:11:36.0132 4912 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
21:11:36.0132 4912 arcsas - ok
21:11:36.0242 4912 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:11:36.0257 4912 aspnet_state - ok
21:11:36.0273 4912 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:11:36.0273 4912 AsyncMac - ok
21:11:36.0304 4912 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\WINDOWS\system32\drivers\atapi.sys
21:11:36.0320 4912 atapi - ok
21:11:36.0366 4912 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\WINDOWS\System32\Audiosrv.dll
21:11:36.0398 4912 AudioEndpointBuilder - ok
21:11:36.0413 4912 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\WINDOWS\System32\Audiosrv.dll
21:11:36.0429 4912 AudioSrv - ok
21:11:36.0460 4912 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
21:11:36.0460 4912 AxInstSV - ok
21:11:36.0522 4912 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
21:11:36.0538 4912 b06bdrv - ok
21:11:36.0554 4912 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\WINDOWS\system32\DRIVERS\b57nd60a.sys
21:11:36.0569 4912 b57nd60a - ok
21:11:36.0600 4912 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
21:11:36.0600 4912 BDESVC - ok
21:11:36.0616 4912 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
21:11:36.0616 4912 Beep - ok
21:11:36.0678 4912 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\WINDOWS\System32\bfe.dll
21:11:36.0694 4912 BFE - ok
21:11:36.0756 4912 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\WINDOWS\System32\qmgr.dll
21:11:36.0803 4912 BITS - ok
21:11:36.0819 4912 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\WINDOWS\system32\DRIVERS\blbdrive.sys
21:11:36.0834 4912 blbdrive - ok
21:11:36.0850 4912 [ E10EC5AE51B38C84894CEBF4B4308A14 ] BMLoad C:\WINDOWS\system32\drivers\BMLoad.sys
21:11:36.0897 4912 BMLoad - ok
21:11:36.0944 4912 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:11:36.0959 4912 Bonjour Service - ok
21:11:37.0006 4912 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
21:11:37.0022 4912 bowser - ok
21:11:37.0022 4912 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\WINDOWS\system32\drivers\BrFiltLo.sys
21:11:37.0037 4912 BrFiltLo - ok
21:11:37.0053 4912 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\WINDOWS\system32\drivers\BrFiltUp.sys
21:11:37.0053 4912 BrFiltUp - ok
21:11:37.0068 4912 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys
21:11:37.0068 4912 BridgeMP - ok
21:11:37.0100 4912 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\WINDOWS\System32\browser.dll
21:11:37.0115 4912 Browser - ok
21:11:37.0131 4912 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\WINDOWS\System32\Drivers\Brserid.sys
21:11:37.0131 4912 Brserid - ok
21:11:37.0146 4912 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\WINDOWS\System32\Drivers\BrSerWdm.sys
21:11:37.0146 4912 BrSerWdm - ok
21:11:37.0146 4912 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
21:11:37.0146 4912 BrUsbMdm - ok
21:11:37.0162 4912 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\WINDOWS\System32\Drivers\BrUsbSer.sys
21:11:37.0162 4912 BrUsbSer - ok
21:11:37.0193 4912 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\WINDOWS\system32\drivers\BthEnum.sys
21:11:37.0193 4912 BthEnum - ok
21:11:37.0209 4912 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\WINDOWS\system32\drivers\bthmodem.sys
21:11:37.0209 4912 BTHMODEM - ok
21:11:37.0240 4912 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
21:11:37.0240 4912 BthPan - ok
21:11:37.0287 4912 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
21:11:37.0302 4912 BTHPORT - ok
21:11:37.0365 4912 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\WINDOWS\system32\bthserv.dll
21:11:37.0365 4912 bthserv - ok
21:11:37.0396 4912 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
21:11:37.0396 4912 BTHUSB - ok
21:11:37.0412 4912 catchme - ok
21:11:37.0552 4912 [ A454A9BAA25B8C8E76735DD86BD4B017 ] CcmExec C:\Windows\SysWOW64\CCM\CcmExec.exe
21:11:37.0583 4912 CcmExec - ok
21:11:37.0614 4912 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
21:11:37.0630 4912 cdfs - ok
21:11:37.0661 4912 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:11:37.0661 4912 cdrom - ok
21:11:37.0692 4912 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
21:11:37.0708 4912 CertPropSvc - ok
21:11:37.0724 4912 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\WINDOWS\system32\drivers\circlass.sys
21:11:37.0724 4912 circlass - ok
21:11:37.0739 4912 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\WINDOWS\system32\CLFS.sys
21:11:37.0755 4912 CLFS - ok
21:11:37.0817 4912 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:11:37.0864 4912 clr_optimization_v2.0.50727_32 - ok
21:11:37.0911 4912 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:11:37.0911 4912 clr_optimization_v2.0.50727_64 - ok
21:11:37.0973 4912 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:11:38.0004 4912 clr_optimization_v4.0.30319_32 - ok
21:11:38.0036 4912 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:11:38.0036 4912 clr_optimization_v4.0.30319_64 - ok
21:11:38.0067 4912 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
21:11:38.0067 4912 CmBatt - ok
21:11:38.0082 4912 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\WINDOWS\system32\drivers\cmdide.sys
21:11:38.0098 4912 cmdide - ok
21:11:38.0129 4912 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\WINDOWS\system32\Drivers\cng.sys
21:11:38.0145 4912 CNG - ok
21:11:38.0160 4912 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\WINDOWS\system32\drivers\compbatt.sys
21:11:38.0160 4912 Compbatt - ok
21:11:38.0176 4912 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\WINDOWS\system32\DRIVERS\CompositeBus.sys
21:11:38.0176 4912 CompositeBus - ok
21:11:38.0192 4912 COMSysApp - ok
21:11:38.0223 4912 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\WINDOWS\system32\drivers\crcdisk.sys
21:11:38.0223 4912 crcdisk - ok
21:11:38.0254 4912 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
21:11:38.0254 4912 CryptSvc - ok
21:11:38.0285 4912 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\WINDOWS\system32\drivers\csc.sys
21:11:38.0301 4912 CSC - ok
21:11:38.0348 4912 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\WINDOWS\System32\cscsvc.dll
21:11:38.0363 4912 CscService - ok
21:11:38.0394 4912 [ 8D23B1F950CF285957FEAF8833DBD2C7 ] cvusbdrv C:\WINDOWS\system32\Drivers\cvusbdrv.sys
21:11:38.0410 4912 cvusbdrv - ok
21:11:38.0441 4912 [ B58959ADC3ECD9C87C5959D0E3802F55 ] d554gps C:\WINDOWS\system32\drivers\d554gps64.sys
21:11:38.0441 4912 d554gps - ok
21:11:38.0504 4912 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
21:11:38.0519 4912 DcomLaunch - ok
21:11:38.0566 4912 [ 230BFB96A86AB29DA6DEB234F8985D34 ] dcpsysmgrsvc C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
21:11:38.0597 4912 dcpsysmgrsvc - ok
21:11:38.0628 4912 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\WINDOWS\System32\defragsvc.dll
21:11:38.0644 4912 defragsvc - ok
21:11:38.0660 4912 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\WINDOWS\system32\Drivers\dfsc.sys
21:11:38.0660 4912 DfsC - ok
21:11:38.0691 4912 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
21:11:38.0691 4912 Dhcp - ok
21:11:38.0722 4912 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\WINDOWS\system32\drivers\discache.sys
21:11:38.0722 4912 discache - ok
21:11:38.0769 4912 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\WINDOWS\system32\drivers\disk.sys
21:11:38.0769 4912 Disk - ok
21:11:38.0784 4912 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\WINDOWS\system32\drivers\dmvsc.sys
21:11:38.0800 4912 dmvsc - ok
21:11:38.0831 4912 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
21:11:38.0831 4912 Dnscache - ok
21:11:38.0862 4912 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
21:11:38.0878 4912 dot3svc - ok
21:11:38.0940 4912 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
21:11:38.0956 4912 Dot4 - ok
21:11:39.0003 4912 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
21:11:39.0034 4912 Dot4Print - ok
21:11:39.0065 4912 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
21:11:39.0081 4912 dot4usb - ok
21:11:39.0128 4912 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\WINDOWS\system32\dps.dll
21:11:39.0128 4912 DPS - ok
21:11:39.0159 4912 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
21:11:39.0159 4912 drmkaud - ok
21:11:39.0190 4912 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
21:11:39.0206 4912 DXGKrnl - ok
21:11:39.0237 4912 [ EAFCB4551836FF44EE775CEDDFA7A77E ] e1cexpress C:\WINDOWS\system32\DRIVERS\e1c62x64.sys
21:11:39.0237 4912 e1cexpress - ok
21:11:39.0268 4912 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\WINDOWS\system32\DRIVERS\e1y60x64.sys
21:11:39.0268 4912 e1yexpress - ok
21:11:39.0315 4912 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\WINDOWS\System32\eapsvc.dll
21:11:39.0315 4912 EapHost - ok
21:11:39.0440 4912 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
21:11:39.0533 4912 ebdrv - ok
21:11:39.0580 4912 [ B90BEFCCEB59C83AC65BFD39EF7404F4 ] ecnssndis C:\WINDOWS\System32\Drivers\wwuss64.sys
21:11:39.0596 4912 ecnssndis - ok
21:11:39.0611 4912 [ 1CF09C0555BE49EFE96B33BDA514A334 ] ecnssndisfltr C:\WINDOWS\System32\Drivers\wwussf64.sys
21:11:39.0611 4912 ecnssndisfltr - ok
21:11:39.0642 4912 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\WINDOWS\System32\lsass.exe
21:11:39.0642 4912 EFS - ok
21:11:39.0705 4912 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\WINDOWS\ehome\ehRecvr.exe
21:11:39.0736 4912 ehRecvr - ok
21:11:39.0767 4912 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\WINDOWS\ehome\ehsched.exe
21:11:39.0767 4912 ehSched - ok
21:11:39.0798 4912 [ 3836E2DB9034543F63943CDBB52A691A ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
21:11:39.0798 4912 ElbyCDIO - ok
21:11:39.0830 4912 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\WINDOWS\system32\drivers\elxstor.sys
21:11:39.0845 4912 elxstor - ok
21:11:39.0861 4912 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\WINDOWS\system32\drivers\errdev.sys
21:11:39.0861 4912 ErrDev - ok
21:11:39.0908 4912 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\WINDOWS\system32\es.dll
21:11:39.0923 4912 EventSystem - ok
21:11:39.0939 4912 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\WINDOWS\system32\drivers\exfat.sys
21:11:39.0954 4912 exfat - ok
21:11:39.0970 4912 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
21:11:39.0986 4912 fastfat - ok
21:11:40.0048 4912 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\WINDOWS\system32\fxssvc.exe
21:11:40.0064 4912 Fax - ok
21:11:40.0079 4912 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\WINDOWS\system32\drivers\fdc.sys
21:11:40.0079 4912 fdc - ok
21:11:40.0095 4912 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
21:11:40.0095 4912 fdPHost - ok
21:11:40.0110 4912 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
21:11:40.0126 4912 FDResPub - ok
21:11:40.0126 4912 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
21:11:40.0142 4912 FileInfo - ok
21:11:40.0142 4912 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
21:11:40.0142 4912 Filetrace - ok
21:11:40.0157 4912 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\WINDOWS\system32\drivers\flpydisk.sys
21:11:40.0157 4912 flpydisk - ok
21:11:40.0188 4912 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:11:40.0204 4912 FltMgr - ok
21:11:40.0235 4912 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\WINDOWS\system32\FntCache.dll
21:11:40.0266 4912 FontCache - ok
21:11:40.0329 4912 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:11:40.0329 4912 FontCache3.0.0.0 - ok
21:11:40.0344 4912 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
21:11:40.0344 4912 FsDepends - ok
21:11:40.0376 4912 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:11:40.0376 4912 Fs_Rec - ok
21:11:40.0391 4912 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
21:11:40.0391 4912 fvevol - ok
21:11:40.0422 4912 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
21:11:40.0422 4912 gagp30kx - ok
21:11:40.0454 4912 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:11:40.0454 4912 GEARAspiWDM - ok
21:11:40.0500 4912 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\WINDOWS\System32\gpsvc.dll
21:11:40.0532 4912 gpsvc - ok
21:11:40.0563 4912 [ 2F3DBA5CDC388BC0500DE0EEDC8C81AE ] GTPTSER C:\WINDOWS\system32\DRIVERS\gtptser.sys
21:11:40.0563 4912 GTPTSER - ok
21:11:40.0610 4912 [ 3DDC61C7F44238285990EACEA448C68B ] GTUQBUS C:\WINDOWS\system32\DRIVERS\gtuqbus.sys
21:11:40.0610 4912 GTUQBUS - ok
21:11:40.0625 4912 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\WINDOWS\system32\drivers\hcw85cir.sys
21:11:40.0625 4912 hcw85cir - ok
21:11:40.0656 4912 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
21:11:40.0672 4912 HdAudAddService - ok
21:11:40.0703 4912 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:11:40.0703 4912 HDAudBus - ok
21:11:40.0703 4912 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\WINDOWS\system32\drivers\HidBatt.sys
21:11:40.0703 4912 HidBatt - ok
21:11:40.0719 4912 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\WINDOWS\system32\drivers\hidbth.sys
21:11:40.0719 4912 HidBth - ok
21:11:40.0734 4912 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\WINDOWS\system32\drivers\hidir.sys
21:11:40.0734 4912 HidIr - ok
21:11:40.0766 4912 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\WINDOWS\System32\hidserv.dll
21:11:40.0781 4912 hidserv - ok
21:11:40.0797 4912 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:11:40.0844 4912 HidUsb - ok
21:11:40.0890 4912 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
21:11:40.0890 4912 hkmsvc - ok
21:11:40.0906 4912 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
21:11:40.0906 4912 HomeGroupListener - ok
21:11:40.0922 4912 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
21:11:40.0937 4912 HomeGroupProvider - ok
21:11:41.0109 4912 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:11:41.0109 4912 hpqcxs08 - ok
21:11:41.0124 4912 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:11:41.0124 4912 hpqddsvc - ok
21:11:41.0156 4912 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
21:11:41.0156 4912 HpSAMD - ok
21:11:41.0202 4912 [ D972F48D0CE396759B788693CD665926 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:11:41.0234 4912 HPSLPSVC - ok
21:11:41.0280 4912 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
21:11:41.0296 4912 HTTP - ok
21:11:41.0327 4912 [ CCE3DB0BA3C615CAA321EB1301532688 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
21:11:41.0327 4912 huawei_enumerator - ok
21:11:41.0343 4912 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
21:11:41.0343 4912 hwpolicy - ok
21:11:41.0374 4912 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:11:41.0374 4912 i8042prt - ok
21:11:41.0390 4912 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
21:11:41.0405 4912 iaStor - ok
21:11:41.0452 4912 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
21:11:41.0468 4912 iaStorV - ok
21:11:41.0514 4912 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:11:41.0546 4912 idsvc - ok
21:11:41.0826 4912 [ 9937600A1584FF00565D5379EB4C9EDB ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:11:42.0029 4912 igfx - ok
21:11:42.0060 4912 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
21:11:42.0060 4912 iirsp - ok
21:11:42.0092 4912 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\WINDOWS\System32\ikeext.dll
21:11:42.0123 4912 IKEEXT - ok
21:11:42.0154 4912 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\WINDOWS\system32\drivers\Impcd.sys
21:11:42.0154 4912 Impcd - ok
21:11:42.0185 4912 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:11:42.0185 4912 IntcDAud - ok
21:11:42.0216 4912 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\WINDOWS\system32\drivers\intelide.sys
21:11:42.0216 4912 intelide - ok
21:11:42.0232 4912 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:11:42.0232 4912 intelppm - ok
21:11:42.0248 4912 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\WINDOWS\system32\ipbusenum.dll
21:11:42.0248 4912 IPBusEnum - ok
21:11:42.0263 4912 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:11:42.0263 4912 IpFilterDriver - ok
21:11:42.0310 4912 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
21:11:42.0326 4912 iphlpsvc - ok
21:11:42.0357 4912 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\WINDOWS\system32\drivers\IPMIDrv.sys
21:11:42.0357 4912 IPMIDRV - ok
21:11:42.0372 4912 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
21:11:42.0372 4912 IPNAT - ok
21:11:42.0419 4912 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:11:42.0435 4912 iPod Service - ok
21:11:42.0466 4912 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
21:11:42.0466 4912 IRENUM - ok
21:11:42.0482 4912 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
21:11:42.0482 4912 isapnp - ok
21:11:42.0513 4912 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\WINDOWS\system32\drivers\msiscsi.sys
21:11:42.0513 4912 iScsiPrt - ok
21:11:42.0544 4912 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:11:42.0544 4912 kbdclass - ok
21:11:42.0560 4912 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\WINDOWS\system32\drivers\kbdhid.sys
21:11:42.0560 4912 kbdhid - ok
21:11:42.0575 4912 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\WINDOWS\system32\lsass.exe
21:11:42.0575 4912 KeyIso - ok
21:11:42.0606 4912 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
21:11:42.0606 4912 KSecDD - ok
21:11:42.0622 4912 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
21:11:42.0622 4912 KSecPkg - ok
21:11:42.0638 4912 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
21:11:42.0638 4912 ksthunk - ok
21:11:42.0684 4912 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
21:11:42.0684 4912 KtmRm - ok
21:11:42.0716 4912 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
21:11:42.0731 4912 LanmanServer - ok
21:11:42.0762 4912 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
21:11:42.0762 4912 LanmanWorkstation - ok
21:11:42.0794 4912 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
21:11:42.0794 4912 lltdio - ok
21:11:42.0809 4912 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
21:11:42.0825 4912 lltdsvc - ok
21:11:42.0856 4912 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
21:11:42.0856 4912 lmhosts - ok
21:11:42.0887 4912 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\WINDOWS\system32\drivers\lsi_fc.sys
21:11:42.0887 4912 LSI_FC - ok
21:11:42.0903 4912 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
21:11:42.0918 4912 LSI_SAS - ok
21:11:42.0934 4912 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
21:11:42.0934 4912 LSI_SAS2 - ok
21:11:42.0950 4912 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
21:11:42.0950 4912 LSI_SCSI - ok
21:11:42.0965 4912 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\WINDOWS\system32\drivers\luafv.sys
21:11:42.0981 4912 luafv - ok
21:11:43.0012 4912 [ 62732AF9512B911C330ACBBDBCC2F284 ] Mbm3CBus C:\WINDOWS\system32\drivers\Mbm3CBus.sys
21:11:43.0028 4912 Mbm3CBus - ok
21:11:43.0059 4912 [ BDC2D259CA9CFCED092B3B0B8557322D ] Mbm3DevMt C:\WINDOWS\system32\drivers\Mbm3DevMt.sys
21:11:43.0059 4912 Mbm3DevMt - ok
21:11:43.0090 4912 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll
21:11:43.0090 4912 Mcx2Svc - ok
21:11:43.0106 4912 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
21:11:43.0106 4912 megasas - ok
21:11:43.0137 4912 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
21:11:43.0137 4912 MegaSR - ok
21:11:43.0168 4912 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\WINDOWS\system32\drivers\HECIx64.sys
21:11:43.0168 4912 MEIx64 - ok
21:11:43.0215 4912 Microsoft SharePoint Workspace Audit Service - ok
21:11:43.0246 4912 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\WINDOWS\system32\mmcss.dll
21:11:43.0246 4912 MMCSS - ok
21:11:43.0277 4912 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\WINDOWS\system32\drivers\modem.sys
21:11:43.0277 4912 Modem - ok
21:11:43.0277 4912 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\WINDOWS\system32\DRIVERS\monitor.sys
21:11:43.0277 4912 monitor - ok
21:11:43.0293 4912 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:11:43.0293 4912 mouclass - ok
21:11:43.0324 4912 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:11:43.0355 4912 mouhid - ok
21:11:43.0371 4912 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
21:11:43.0386 4912 mountmgr - ok
21:11:43.0402 4912 [ C177A7EBF5E8A0B596F618870516CAB8 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
21:11:43.0402 4912 MpFilter - ok
21:11:43.0433 4912 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\WINDOWS\system32\drivers\mpio.sys
21:11:43.0433 4912 mpio - ok
21:11:43.0449 4912 [ 8FBF6B31FE8AF1833D93C5913D5B4D55 ] MpNWMon C:\WINDOWS\system32\DRIVERS\MpNWMon.sys
21:11:43.0464 4912 MpNWMon - ok
21:11:43.0480 4912 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
21:11:43.0480 4912 mpsdrv - ok
21:11:43.0527 4912 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
21:11:43.0558 4912 MpsSvc - ok
21:11:43.0574 4912 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
21:11:43.0589 4912 MRxDAV - ok
21:11:43.0605 4912 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:11:43.0620 4912 mrxsmb - ok
21:11:43.0636 4912 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:11:43.0636 4912 mrxsmb10 - ok
21:11:43.0667 4912 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:11:43.0667 4912 mrxsmb20 - ok
21:11:43.0698 4912 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\WINDOWS\system32\drivers\msahci.sys
21:11:43.0698 4912 msahci - ok
21:11:43.0714 4912 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\WINDOWS\system32\drivers\msdsm.sys
21:11:43.0714 4912 msdsm - ok
21:11:43.0730 4912 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:11:43.0745 4912 MSDTC - ok
21:11:43.0776 4912 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:11:43.0776 4912 Msfs - ok
21:11:43.0808 4912 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:11:43.0808 4912 mshidkmdf - ok
21:11:43.0823 4912 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
21:11:43.0823 4912 msisadrv - ok
21:11:43.0854 4912 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
21:11:43.0854 4912 MSiSCSI - ok
21:11:43.0870 4912 msiserver - ok
21:11:43.0886 4912 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:11:43.0886 4912 MSKSSRV - ok
21:11:43.0932 4912 [ 157E9E498206A3366BAA7E4697BDD947 ] MsMpSvc c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
21:11:43.0932 4912 MsMpSvc - ok
21:11:43.0964 4912 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:11:43.0964 4912 MSPCLOCK - ok
21:11:43.0979 4912 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:11:43.0979 4912 MSPQM - ok
21:11:44.0010 4912 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
21:11:44.0010 4912 MsRPC - ok
21:11:44.0026 4912 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:11:44.0026 4912 mssmbios - ok
21:11:44.0057 4912 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
21:11:44.0057 4912 MSTEE - ok
21:11:44.0073 4912 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\WINDOWS\system32\drivers\MTConfig.sys
21:11:44.0073 4912 MTConfig - ok
21:11:44.0088 4912 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
21:11:44.0088 4912 Mup - ok
21:11:44.0120 4912 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\WINDOWS\system32\qagentRT.dll
21:11:44.0135 4912 napagent - ok
21:11:44.0166 4912 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:11:44.0182 4912 NativeWifiP - ok
21:11:44.0244 4912 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
21:11:44.0276 4912 NAUpdate - ok
21:11:44.0338 4912 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
21:11:44.0354 4912 NDIS - ok
21:11:44.0385 4912 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
21:11:44.0385 4912 NdisCap - ok
21:11:44.0400 4912 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:11:44.0416 4912 NdisTapi - ok
21:11:44.0432 4912 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:11:44.0432 4912 Ndisuio - ok
21:11:44.0447 4912 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:11:44.0447 4912 NdisWan - ok
21:11:44.0463 4912 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:11:44.0478 4912 NDProxy - ok
21:11:44.0525 4912 [ 47DA0A01D8AD23B83F690DCF25C859A8 ] NEOFLTR_700_16899 C:\WINDOWS\system32\Drivers\NEOFLTR_700_16899.SYS
21:11:44.0525 4912 NEOFLTR_700_16899 - ok
21:11:44.0588 4912 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:11:44.0634 4912 Net Driver HPZ12 - ok
21:11:44.0666 4912 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\WINDOWS\system32\DRIVERS\netaapl64.sys
21:11:44.0666 4912 Netaapl - ok
21:11:44.0697 4912 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:11:44.0697 4912 NetBIOS - ok
21:11:44.0712 4912 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:11:44.0728 4912 NetBT - ok
21:11:44.0728 4912 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:11:44.0744 4912 Netlogon - ok
21:11:44.0775 4912 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\WINDOWS\System32\netman.dll
21:11:44.0775 4912 Netman - ok
21:11:44.0806 4912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:11:44.0837 4912 NetMsmqActivator - ok
21:11:44.0837 4912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:11:44.0853 4912 NetPipeActivator - ok
21:11:44.0868 4912 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\WINDOWS\System32\netprofm.dll
21:11:44.0884 4912 netprofm - ok
21:11:44.0884 4912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:11:44.0900 4912 NetTcpActivator - ok
21:11:44.0900 4912 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:11:44.0900 4912 NetTcpPortSharing - ok
21:11:45.0040 4912 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\WINDOWS\system32\DRIVERS\netw5v64.sys
21:11:45.0149 4912 netw5v64 - ok
21:11:45.0336 4912 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\WINDOWS\system32\DRIVERS\NETwNs64.sys
21:11:45.0524 4912 NETwNs64 - ok
21:11:45.0555 4912 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
21:11:45.0555 4912 nfrd960 - ok
21:11:45.0586 4912 [ 5F7D72CBCDD025AF1F38FDEEE5646968 ] NisDrv C:\WINDOWS\system32\DRIVERS\NisDrvWFP.sys
21:11:45.0586 4912 NisDrv - ok
21:11:45.0602 4912 [ 566DDD5D82520DA01D75F81428AC4C38 ] NisSrv c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
21:11:45.0602 4912 NisSrv - ok
21:11:45.0633 4912 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
21:11:45.0648 4912 NlaSvc - ok
21:11:45.0680 4912 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:11:45.0680 4912 Npfs - ok
21:11:45.0695 4912 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\WINDOWS\system32\nsisvc.dll
21:11:45.0711 4912 nsi - ok
21:11:45.0711 4912 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
21:11:45.0711 4912 nsiproxy - ok
21:11:45.0773 4912 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:11:45.0804 4912 Ntfs - ok
21:11:45.0836 4912 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\WINDOWS\system32\drivers\Null.sys
21:11:45.0836 4912 Null - ok
21:11:45.0867 4912 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\WINDOWS\system32\drivers\nusb3hub.sys
21:11:45.0867 4912 nusb3hub - ok
21:11:45.0882 4912 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\WINDOWS\system32\drivers\nusb3xhc.sys
21:11:45.0882 4912 nusb3xhc - ok
21:11:45.0914 4912 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
21:11:45.0929 4912 nvraid - ok
21:11:45.0960 4912 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
21:11:45.0960 4912 nvstor - ok
21:11:45.0992 4912 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
21:11:45.0992 4912 nv_agp - ok
21:11:46.0023 4912 [ 34D52ECC6DD8577600B392E06B74D4B7 ] nwdelgobi3kfilter C:\WINDOWS\system32\drivers\nwdelgobi3kfilter.sys
21:11:46.0023 4912 nwdelgobi3kfilter - ok
21:11:46.0054 4912 [ 49BC63FB646734567D6BDE76E10F5E8E ] nwdelserial C:\WINDOWS\system32\drivers\nwdelserial.sys
21:11:46.0054 4912 nwdelserial - ok
21:11:46.0070 4912 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\WINDOWS\system32\DRIVERS\o2flash.exe
21:11:46.0085 4912 O2FLASH - ok
21:11:46.0101 4912 [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR C:\WINDOWS\system32\drivers\O2MDFw7x64.sys
21:11:46.0101 4912 O2MDFRDR - ok
21:11:46.0116 4912 [ 8ED738ABA394BBF6D7802698BE453112 ] O2MDRRDR C:\WINDOWS\system32\DRIVERS\O2MDRw7x64.sys
21:11:46.0132 4912 O2MDRRDR - ok
21:11:46.0132 4912 [ A9C1E6B7C134FAD124338B7944FA996D ] O2SDJRDR C:\WINDOWS\system32\DRIVERS\o2sdjw7x64.sys
21:11:46.0148 4912 O2SDJRDR - ok
21:11:46.0148 4912 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\WINDOWS\system32\drivers\ohci1394.sys
21:11:46.0163 4912 ohci1394 - ok
21:11:46.0241 4912 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:11:46.0241 4912 ose - ok
21:11:46.0413 4912 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:11:46.0522 4912 osppsvc - ok
21:11:46.0553 4912 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
21:11:46.0553 4912 p2pimsvc - ok
21:11:46.0584 4912 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
21:11:46.0584 4912 p2psvc - ok
21:11:46.0600 4912 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
21:11:46.0616 4912 Parport - ok
21:11:46.0631 4912 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
21:11:46.0631 4912 partmgr - ok
21:11:46.0647 4912 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
21:11:46.0647 4912 PcaSvc - ok
21:11:46.0694 4912 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\WINDOWS\system32\drivers\pci.sys
21:11:46.0694 4912 pci - ok
21:11:46.0725 4912 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\WINDOWS\system32\drivers\pciide.sys
21:11:46.0725 4912 pciide - ok
21:11:46.0756 4912 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
21:11:46.0756 4912 pcmcia - ok
21:11:46.0772 4912 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
21:11:46.0772 4912 pcw - ok
21:11:46.0803 4912 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
21:11:46.0818 4912 PEAUTH - ok
21:11:46.0865 4912 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
21:11:46.0912 4912 PeerDistSvc - ok
21:11:47.0006 4912 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
21:11:47.0006 4912 PerfHost - ok
21:11:47.0068 4912 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\WINDOWS\system32\pla.dll
21:11:47.0115 4912 pla - ok
21:11:47.0146 4912 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
21:11:47.0162 4912 PlugPlay - ok
21:11:47.0224 4912 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:11:47.0271 4912 Pml Driver HPZ12 - ok
21:11:47.0286 4912 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
21:11:47.0286 4912 PNRPAutoReg - ok
21:11:47.0318 4912 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
21:11:47.0318 4912 PNRPsvc - ok
21:11:47.0349 4912 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
21:11:47.0380 4912 PolicyAgent - ok
21:11:47.0396 4912 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\WINDOWS\system32\umpo.dll
21:11:47.0396 4912 Power - ok
21:11:47.0427 4912 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:11:47.0427 4912 PptpMiniport - ok
21:11:47.0505 4912 [ 3A603DD6466569970BD99DFB4C63BBC7 ] prepdrvr C:\Windows\SysWOW64\CCM\prepdrv.sys
21:11:47.0505 4912 prepdrvr - ok
21:11:47.0520 4912 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\WINDOWS\system32\drivers\processr.sys
21:11:47.0520 4912 Processor - ok
21:11:47.0567 4912 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
21:11:47.0567 4912 ProfSvc - ok
21:11:47.0583 4912 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:11:47.0583 4912 ProtectedStorage - ok
21:11:47.0614 4912 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
21:11:47.0614 4912 Psched - ok
21:11:47.0676 4912 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\WINDOWS\system32\drivers\ql2300.sys
21:11:47.0739 4912 ql2300 - ok
21:11:47.0786 4912 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\WINDOWS\system32\drivers\ql40xx.sys
21:11:47.0786 4912 ql40xx - ok
21:11:47.0817 4912 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\WINDOWS\system32\qwave.dll
21:11:47.0832 4912 QWAVE - ok
21:11:47.0848 4912 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
21:11:47.0848 4912 QWAVEdrv - ok
21:11:47.0864 4912 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:11:47.0864 4912 RasAcd - ok
21:11:47.0895 4912 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
21:11:47.0895 4912 RasAgileVpn - ok
21:11:47.0910 4912 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\WINDOWS\System32\rasauto.dll
21:11:47.0910 4912 RasAuto - ok
21:11:47.0942 4912 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:11:47.0942 4912 Rasl2tp - ok
21:11:47.0973 4912 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\WINDOWS\System32\rasmans.dll
21:11:47.0988 4912 RasMan - ok
21:11:48.0004 4912 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:11:48.0004 4912 RasPppoe - ok
21:11:48.0020 4912 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
21:11:48.0020 4912 RasSstp - ok
21:11:48.0051 4912 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:11:48.0051 4912 rdbss - ok
21:11:48.0066 4912 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\WINDOWS\system32\DRIVERS\rdpbus.sys
21:11:48.0066 4912 rdpbus - ok
21:11:48.0082 4912 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:11:48.0082 4912 RDPCDD - ok
21:11:48.0113 4912 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
21:11:48.0113 4912 RDPDR - ok
21:11:48.0129 4912 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\WINDOWS\system32\drivers\rdpencdd.sys
21:11:48.0129 4912 RDPENCDD - ok
21:11:48.0144 4912 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\WINDOWS\system32\drivers\rdprefmp.sys
21:11:48.0144 4912 RDPREFMP - ok
21:11:48.0191 4912 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:11:48.0191 4912 RdpVideoMiniport - ok
21:11:48.0222 4912 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
21:11:48.0222 4912 RDPWD - ok
21:11:48.0254 4912 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
21:11:48.0254 4912 rdyboost - ok
21:11:48.0285 4912 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
21:11:48.0285 4912 RemoteAccess - ok
21:11:48.0316 4912 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
21:11:48.0332 4912 RemoteRegistry - ok
21:11:48.0363 4912 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
21:11:48.0378 4912 RFCOMM - ok
21:11:48.0410 4912 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
21:11:48.0410 4912 RpcEptMapper - ok
21:11:48.0425 4912 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\WINDOWS\system32\locator.exe
21:11:48.0441 4912 RpcLocator - ok
21:11:48.0456 4912 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\WINDOWS\system32\rpcss.dll
21:11:48.0456 4912 RpcSs - ok
21:11:48.0488 4912 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
21:11:48.0488 4912 rspndr - ok
21:11:48.0519 4912 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\WINDOWS\system32\drivers\vms3cap.sys
21:11:48.0519 4912 s3cap - ok
21:11:48.0534 4912 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\WINDOWS\system32\lsass.exe
21:11:48.0534 4912 SamSs - ok
21:11:48.0550 4912 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
21:11:48.0550 4912 sbp2port - ok
21:11:48.0566 4912 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
21:11:48.0581 4912 SCardSvr - ok
21:11:48.0581 4912 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:11:48.0597 4912 scfilter - ok
21:11:48.0628 4912 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\WINDOWS\system32\schedsvc.dll
21:11:48.0675 4912 Schedule - ok
21:11:48.0690 4912 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
21:11:48.0706 4912 SCPolicySvc - ok
21:11:48.0722 4912 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
21:11:48.0737 4912 sdbus - ok
21:11:48.0737 4912 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
21:11:48.0753 4912 SDRSVC - ok
21:11:48.0784 4912 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
21:11:48.0784 4912 secdrv - ok
21:11:48.0784 4912 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\WINDOWS\system32\seclogon.dll
21:11:48.0800 4912 seclogon - ok
21:11:48.0831 4912 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\WINDOWS\system32\sens.dll
21:11:48.0831 4912 SENS - ok
21:11:48.0846 4912 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
21:11:48.0862 4912 SensrSvc - ok
21:11:48.0893 4912 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
21:11:48.0893 4912 Serenum - ok
21:11:48.0924 4912 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
21:11:48.0924 4912 Serial - ok
21:11:48.0956 4912 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\WINDOWS\system32\drivers\sermouse.sys
21:11:48.0956 4912 sermouse - ok
21:11:48.0987 4912 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
21:11:49.0002 4912 SessionEnv - ok
21:11:49.0018 4912 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\WINDOWS\system32\drivers\sffdisk.sys
21:11:49.0018 4912 sffdisk - ok
21:11:49.0034 4912 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\WINDOWS\system32\drivers\sffp_mmc.sys
21:11:49.0034 4912 sffp_mmc - ok
21:11:49.0034 4912 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\WINDOWS\system32\drivers\sffp_sd.sys
21:11:49.0049 4912 sffp_sd - ok
21:11:49.0049 4912 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\WINDOWS\system32\drivers\sfloppy.sys
21:11:49.0065 4912 sfloppy - ok
21:11:49.0096 4912 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
21:11:49.0112 4912 SharedAccess - ok
21:11:49.0127 4912 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:11:49.0143 4912 ShellHWDetection - ok
21:11:49.0174 4912 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:11:49.0190 4912 SiSRaid2 - ok
21:11:49.0205 4912 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
21:11:49.0205 4912 SiSRaid4 - ok
21:11:49.0252 4912 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:11:49.0252 4912 SkypeUpdate - ok
21:11:49.0283 4912 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\WINDOWS\system32\DRIVERS\smb.sys
21:11:49.0283 4912 Smb - ok
21:11:49.0283 4912 smstsmgr - ok
21:11:49.0314 4912 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
21:11:49.0330 4912 SNMPTRAP - ok
21:11:49.0346 4912 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\WINDOWS\system32\drivers\spldr.sys
21:11:49.0346 4912 spldr - ok
21:11:49.0377 4912 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\WINDOWS\System32\spoolsv.exe
21:11:49.0408 4912 Spooler - ok
21:11:49.0502 4912 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\WINDOWS\system32\sppsvc.exe
21:11:49.0595 4912 sppsvc - ok
21:11:49.0611 4912 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\WINDOWS\system32\sppuinotify.dll
21:11:49.0611 4912 sppuinotify - ok
21:11:49.0642 4912 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
21:11:49.0642 4912 srv - ok
21:11:49.0658 4912 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
21:11:49.0658 4912 srv2 - ok
21:11:49.0673 4912 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:11:49.0673 4912 srvnet - ok
21:11:49.0704 4912 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
21:11:49.0720 4912 SSDPSRV - ok
21:11:49.0720 4912 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
21:11:49.0736 4912 SstpSvc - ok
21:11:49.0782 4912 [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
21:11:49.0782 4912 STacSV - ok
21:11:49.0829 4912 [ E4EA2412FB1B8AEE33667A9CC6D456A4 ] stdcfltn C:\WINDOWS\system32\DRIVERS\stdcfltn.sys
21:11:49.0829 4912 stdcfltn - ok
21:11:49.0860 4912 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
21:11:49.0860 4912 stexstor - ok
21:11:49.0892 4912 [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA C:\WINDOWS\system32\DRIVERS\stwrt64.sys
21:11:49.0892 4912 STHDA - ok
21:11:49.0970 4912 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\WINDOWS\System32\wiaservc.dll
21:11:50.0001 4912 stisvc - ok
21:11:50.0016 4912 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
21:11:50.0016 4912 storflt - ok
21:11:50.0032 4912 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\WINDOWS\system32\storsvc.dll
21:11:50.0048 4912 StorSvc - ok
21:11:50.0063 4912 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
21:11:50.0063 4912 storvsc - ok
21:11:50.0079 4912 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
21:11:50.0079 4912 swenum - ok
21:11:50.0141 4912 [ 78ED7E7D9720BB425645CAC0BD8EF8F6 ] SwiCardDetectSvc C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
21:11:50.0328 4912 SwiCardDetectSvc - ok
21:11:50.0344 4912 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\WINDOWS\System32\swprv.dll
21:11:50.0360 4912 swprv - ok
21:11:50.0360 4912 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\WINDOWS\system32\drivers\Synth3dVsc.sys
21:11:50.0375 4912 Synth3dVsc - ok
21:11:50.0422 4912 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\WINDOWS\system32\sysmain.dll
21:11:50.0469 4912 SysMain - ok
21:11:50.0484 4912 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:11:50.0484 4912 TabletInputService - ok
21:11:50.0500 4912 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
21:11:50.0516 4912 TapiSrv - ok
21:11:50.0516 4912 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\WINDOWS\System32\tbssvc.dll
21:11:50.0531 4912 TBS - ok
21:11:50.0547 4912 [ 08228AC4B3EEF0DEE3D38D239692E510 ] tcm C:\WINDOWS\system32\drivers\tcm.sys
21:11:50.0547 4912 tcm - ok
21:11:50.0625 4912 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
21:11:50.0672 4912 Tcpip - ok
21:11:50.0734 4912 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:11:50.0750 4912 TCPIP6 - ok
21:11:50.0781 4912 [ FA5B20182028C06756CF273AAAD608D5 ] tcpipBM C:\WINDOWS\system32\drivers\tcpipBM.sys
21:11:50.0796 4912 tcpipBM - ok
21:11:50.0828 4912 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
21:11:50.0828 4912 tcpipreg - ok
21:11:50.0859 4912 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\WINDOWS\system32\drivers\tdpipe.sys
21:11:50.0859 4912 TDPIPE - ok
21:11:50.0890 4912 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\WINDOWS\system32\drivers\tdtcp.sys
21:11:50.0890 4912 TDTCP - ok
21:11:50.0921 4912 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
21:11:50.0921 4912 tdx - ok
21:11:50.0937 4912 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
21:11:50.0937 4912 TermDD - ok
21:11:50.0952 4912 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\WINDOWS\system32\drivers\terminpt.sys
21:11:50.0952 4912 terminpt - ok
21:11:50.0999 4912 [ 2E648163254233755035B46DD7B89123 ] TermService C:\WINDOWS\System32\termsrv.dll
21:11:51.0030 4912 TermService - ok
21:11:51.0030 4912 [ F0344071948D1A1FA732231785A0664C ] Themes C:\WINDOWS\system32\themeservice.dll
21:11:51.0046 4912 Themes - ok
21:11:51.0062 4912 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
21:11:51.0062 4912 THREADORDER - ok
21:11:51.0093 4912 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\WINDOWS\System32\trkwks.dll
21:11:51.0093 4912 TrkWks - ok
21:11:51.0140 4912 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:11:51.0140 4912 TrustedInstaller - ok
21:11:51.0155 4912 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\WINDOWS\system32\DRIVERS\tssecsrv.sys
21:11:51.0171 4912 tssecsrv - ok
21:11:51.0202 4912 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
21:11:51.0202 4912 TsUsbFlt - ok
21:11:51.0218 4912 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\WINDOWS\system32\drivers\TsUsbGD.sys
21:11:51.0218 4912 TsUsbGD - ok
21:11:51.0233 4912 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys
21:11:51.0233 4912 tsusbhub - ok
21:11:51.0264 4912 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
21:11:51.0280 4912 tunnel - ok
21:11:51.0296 4912 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
21:11:51.0296 4912 uagp35 - ok
21:11:51.0327 4912 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
21:11:51.0327 4912 udfs - ok
21:11:51.0358 4912 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
21:11:51.0358 4912 UI0Detect - ok
21:11:51.0389 4912 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
21:11:51.0389 4912 uliagpkx - ok
21:11:51.0405 4912 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\WINDOWS\system32\DRIVERS\umbus.sys
21:11:51.0405 4912 umbus - ok
21:11:51.0420 4912 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\WINDOWS\system32\drivers\umpass.sys
21:11:51.0420 4912 UmPass - ok
21:11:51.0436 4912 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\WINDOWS\System32\umrdp.dll
21:11:51.0452 4912 UmRdpService - ok
21:11:51.0467 4912 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\WINDOWS\System32\upnphost.dll
21:11:51.0467 4912 upnphost - ok
21:11:51.0498 4912 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\WINDOWS\system32\Drivers\usbaapl64.sys
21:11:51.0498 4912 USBAAPL64 - ok
21:11:51.0545 4912 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:11:51.0561 4912 usbccgp - ok
21:11:51.0576 4912 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\WINDOWS\system32\drivers\usbcir.sys
21:11:51.0576 4912 usbcir - ok
21:11:51.0608 4912 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\WINDOWS\system32\drivers\usbehci.sys
21:11:51.0608 4912 usbehci - ok
21:11:51.0639 4912 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:11:51.0639 4912 usbhub - ok
21:11:51.0670 4912 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\WINDOWS\system32\drivers\usbohci.sys
21:11:51.0670 4912 usbohci - ok
21:11:51.0686 4912 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:11:51.0701 4912 usbprint - ok
21:11:51.0748 4912 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:11:51.0764 4912 usbscan - ok
21:11:51.0795 4912 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:11:51.0810 4912 USBSTOR - ok
21:11:51.0826 4912 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\WINDOWS\system32\drivers\usbuhci.sys
21:11:51.0826 4912 usbuhci - ok
21:11:51.0857 4912 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
21:11:51.0873 4912 usbvideo - ok
21:11:51.0888 4912 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\WINDOWS\System32\uxsms.dll
21:11:51.0904 4912 UxSms - ok
21:11:51.0920 4912 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\WINDOWS\system32\lsass.exe
21:11:51.0935 4912 VaultSvc - ok
21:11:51.0951 4912 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
21:11:51.0951 4912 vdrvroot - ok
21:11:51.0966 4912 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\WINDOWS\System32\vds.exe
21:11:51.0982 4912 vds - ok
21:11:51.0998 4912 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\WINDOWS\system32\DRIVERS\vgapnp.sys
21:11:52.0013 4912 vga - ok
21:11:52.0013 4912 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
21:11:52.0013 4912 VgaSave - ok
21:11:52.0029 4912 VGPU - ok
21:11:52.0044 4912 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\WINDOWS\system32\drivers\vhdmp.sys
21:11:52.0044 4912 vhdmp - ok
21:11:52.0076 4912 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
21:11:52.0076 4912 viaide - ok
21:11:52.0138 4912 [ F03AAF289687B13FA6331806EF99691E ] VmbService C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
21:11:52.0216 4912 VmbService - ok
21:11:52.0247 4912 [ 80E731A278695B47345D0171A19E428B ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
21:11:52.0263 4912 vmbus - ok
21:11:52.0278 4912 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\WINDOWS\system32\drivers\VMBusHID.sys
21:11:52.0278 4912 VMBusHID - ok
21:11:52.0294 4912 [ 1E4D31FEC921300C5F262C52F5FCC666 ] vodafone_K3805-z_dc_enum C:\WINDOWS\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys
21:11:52.0294 4912 vodafone_K3805-z_dc_enum - ok
21:11:52.0310 4912 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
21:11:52.0310 4912 volmgr - ok
21:11:52.0325 4912 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
21:11:52.0341 4912 volmgrx - ok
21:11:52.0356 4912 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
21:11:52.0372 4912 volsnap - ok
21:11:52.0388 4912 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
21:11:52.0403 4912 vsmraid - ok
21:11:52.0466 4912 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\WINDOWS\system32\vssvc.exe
21:11:52.0512 4912 VSS - ok
21:11:52.0528 4912 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\WINDOWS\system32\DRIVERS\vwifibus.sys
21:11:52.0528 4912 vwifibus - ok
21:11:52.0559 4912 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
21:11:52.0559 4912 vwififlt - ok
21:11:52.0575 4912 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\WINDOWS\system32\w32time.dll
21:11:52.0590 4912 W32Time - ok
21:11:52.0606 4912 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\WINDOWS\system32\drivers\wacompen.sys
21:11:52.0606 4912 WacomPen - ok
21:11:52.0653 4912 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:11:52.0653 4912 WANARP - ok
21:11:52.0668 4912 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:11:52.0668 4912 Wanarpv6 - ok
21:11:52.0715 4912 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\WINDOWS\system32\wbengine.exe
21:11:52.0762 4912 wbengine - ok
21:11:52.0778 4912 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
21:11:52.0778 4912 WbioSrvc - ok
21:11:52.0793 4912 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
21:11:52.0809 4912 wcncsvc - ok
21:11:52.0824 4912 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
21:11:52.0824 4912 WcsPlugInService - ok
21:11:52.0840 4912 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\WINDOWS\system32\drivers\wd.sys
21:11:52.0840 4912 Wd - ok
21:11:52.0887 4912 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
21:11:52.0902 4912 Wdf01000 - ok
21:11:52.0918 4912 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
21:11:52.0918 4912 WdiServiceHost - ok
21:11:52.0934 4912 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
21:11:52.0934 4912 WdiSystemHost - ok
21:11:52.0965 4912 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\WINDOWS\System32\webclnt.dll
21:11:52.0965 4912 WebClient - ok
21:11:52.0980 4912 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
21:11:52.0996 4912 Wecsvc - ok
21:11:52.0996 4912 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
21:11:53.0012 4912 wercplsupport - ok
21:11:53.0043 4912 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
21:11:53.0043 4912 WerSvc - ok
21:11:53.0074 4912 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\WINDOWS\system32\DRIVERS\wfplwf.sys
21:11:53.0074 4912 WfpLwf - ok
21:11:53.0090 4912 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
21:11:53.0090 4912 WIMMount - ok
21:11:53.0105 4912 WinDefend - ok
21:11:53.0121 4912 WinHttpAutoProxySvc - ok
21:11:53.0183 4912 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
21:11:53.0183 4912 Winmgmt - ok
21:11:53.0246 4912 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\WINDOWS\system32\WsmSvc.dll
21:11:53.0308 4912 WinRM - ok
21:11:53.0355 4912 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUSB.sys
21:11:53.0355 4912 WinUsb - ok
21:11:53.0386 4912 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\WINDOWS\System32\wlansvc.dll
21:11:53.0417 4912 Wlansvc - ok
21:11:53.0448 4912 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:11:53.0448 4912 WmiAcpi - ok
21:11:53.0480 4912 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
21:11:53.0495 4912 wmiApSrv - ok
21:11:53.0511 4912 WMPNetworkSvc - ok
21:11:53.0526 4912 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
21:11:53.0526 4912 WPCSvc - ok
21:11:53.0558 4912 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
21:11:53.0558 4912 WPDBusEnum - ok
21:11:53.0573 4912 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:11:53.0573 4912 ws2ifsl - ok
21:11:53.0589 4912 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\WINDOWS\system32\wscsvc.dll
21:11:53.0604 4912 wscsvc - ok
21:11:53.0604 4912 WSearch - ok
21:11:53.0698 4912 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
21:11:53.0760 4912 wuauserv - ok
21:11:53.0792 4912 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
21:11:53.0792 4912 WudfPf - ok
21:11:53.0823 4912 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:11:53.0823 4912 WUDFRd - ok
21:11:53.0854 4912 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
21:11:53.0870 4912 wudfsvc - ok
21:11:53.0901 4912 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
21:11:53.0901 4912 WwanSvc - ok
21:11:53.0932 4912 ================ Scan global ===============================
21:11:53.0963 4912 [ BA0CD8C393E8C9F83354106093832C7B ] C:\WINDOWS\system32\basesrv.dll
21:11:54.0010 4912 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\WINDOWS\system32\winsrv.dll
21:11:54.0026 4912 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\WINDOWS\system32\winsrv.dll
21:11:54.0057 4912 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\WINDOWS\system32\sxssrv.dll
21:11:54.0088 4912 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\WINDOWS\system32\services.exe
21:11:54.0104 4912 [Global] - ok
21:11:54.0104 4912 ================ Scan MBR ==================================
21:11:54.0119 4912 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:11:54.0384 4912 \Device\Harddisk0\DR0 - ok
21:11:54.0384 4912 ================ Scan VBR ==================================
21:11:54.0384 4912 [ C5A88EBD37D41D54E6EDCB11A151D42B ] \Device\Harddisk0\DR0\Partition1
21:11:54.0384 4912 \Device\Harddisk0\DR0\Partition1 - ok
21:11:54.0400 4912 [ 1CA80E7814819108FBA82B465219D21F ] \Device\Harddisk0\DR0\Partition2
21:11:54.0400 4912 \Device\Harddisk0\DR0\Partition2 - ok
21:11:54.0400 4912 ============================================================
21:11:54.0400 4912 Scan finished
21:11:54.0400 4912 ============================================================
21:11:54.0431 4544 Detected object count: 0
21:11:54.0431 4544 Actual detected object count: 0
21:12:46.0906 4604 Deinitialize success
|
|
20.04.2013, 21:04
| #12 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Probleme mit Yahoo SearchZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.04.2013, 09:12
| #13 |
| | Probleme mit Yahoo Search Ups, die anleitung für den TDS Killer habe ich tatsächlich übersehen, sorry. Okay, habe den TDS Killer noch einmal gemäß Anleitung durchgeführt: Code:
ATTFilter 10:07:41.0212 2504 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:07:41.0555 2504 ============================================================
10:07:41.0555 2504 Current date / time: 2013/04/21 10:07:41.0555
10:07:41.0555 2504 SystemInfo:
10:07:41.0555 2504
10:07:41.0555 2504 OS Version: 6.1.7601 ServicePack: 1.0
10:07:41.0555 2504 Product type: Workstation
10:07:41.0555 2504 ComputerName: CIGHHNBK166
10:07:41.0555 2504 UserName: Spargo
10:07:41.0555 2504 Windows directory: C:\WINDOWS
10:07:41.0555 2504 System windows directory: C:\WINDOWS
10:07:41.0555 2504 Running under WOW64
10:07:41.0555 2504 Processor architecture: Intel x64
10:07:41.0555 2504 Number of processors: 4
10:07:41.0555 2504 Page size: 0x1000
10:07:41.0555 2504 Boot type: Normal boot
10:07:41.0555 2504 ============================================================
10:07:42.0288 2504 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:07:42.0304 2504 ============================================================
10:07:42.0304 2504 \Device\Harddisk0\DR0:
10:07:42.0304 2504 MBR partitions:
10:07:42.0304 2504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
10:07:42.0304 2504 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x253C9800
10:07:42.0304 2504 ============================================================
10:07:42.0319 2504 C: <-> \Device\Harddisk0\DR0\Partition2
10:07:42.0319 2504 ============================================================
10:07:42.0319 2504 Initialize success
10:07:42.0319 2504 ============================================================
10:08:17.0248 1520 ============================================================
10:08:17.0248 1520 Scan started
10:08:17.0248 1520 Mode: Manual; SigCheck; TDLFS;
10:08:17.0248 1520 ============================================================
10:08:17.0372 1520 ================ Scan system memory ========================
10:08:17.0372 1520 System memory - ok
10:08:17.0372 1520 ================ Scan services =============================
10:08:17.0497 1520 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\WINDOWS\system32\DRIVERS\1394ohci.sys
10:08:17.0606 1520 1394ohci - ok
10:08:17.0653 1520 [ 1575A815C27789061F34B4F55AE0B5C3 ] Acceler C:\WINDOWS\system32\DRIVERS\accelern.sys
10:08:17.0684 1520 Acceler - ok
10:08:17.0700 1520 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
10:08:17.0731 1520 ACPI - ok
10:08:17.0762 1520 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\WINDOWS\system32\drivers\acpipmi.sys
10:08:17.0856 1520 AcpiPmi - ok
10:08:17.0950 1520 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:08:18.0012 1520 AdobeARMservice - ok
10:08:18.0059 1520 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\WINDOWS\system32\drivers\adp94xx.sys
10:08:18.0106 1520 adp94xx - ok
10:08:18.0137 1520 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\WINDOWS\system32\drivers\adpahci.sys
10:08:18.0168 1520 adpahci - ok
10:08:18.0168 1520 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\WINDOWS\system32\drivers\adpu320.sys
10:08:18.0199 1520 adpu320 - ok
10:08:18.0215 1520 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
10:08:18.0355 1520 AeLookupSvc - ok
10:08:18.0402 1520 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
10:08:18.0558 1520 AESTFilters - ok
10:08:18.0620 1520 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\WINDOWS\system32\drivers\afd.sys
10:08:18.0714 1520 AFD - ok
10:08:18.0745 1520 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
10:08:18.0792 1520 agp440 - ok
10:08:18.0808 1520 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\WINDOWS\System32\alg.exe
10:08:18.0917 1520 ALG - ok
10:08:18.0964 1520 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\WINDOWS\system32\drivers\aliide.sys
10:08:18.0995 1520 aliide - ok
10:08:19.0010 1520 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\WINDOWS\system32\drivers\amdide.sys
10:08:19.0026 1520 amdide - ok
10:08:19.0026 1520 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\WINDOWS\system32\drivers\amdk8.sys
10:08:19.0073 1520 AmdK8 - ok
10:08:19.0073 1520 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\WINDOWS\system32\drivers\amdppm.sys
10:08:19.0120 1520 AmdPPM - ok
10:08:19.0166 1520 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
10:08:19.0213 1520 amdsata - ok
10:08:19.0244 1520 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
10:08:19.0276 1520 amdsbs - ok
10:08:19.0291 1520 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
10:08:19.0307 1520 amdxata - ok
10:08:19.0354 1520 [ 313CE6F6F1AF6878F8AD46542FB07D17 ] AnyDVD C:\WINDOWS\system32\Drivers\AnyDVD.sys
10:08:19.0385 1520 AnyDVD - ok
10:08:19.0416 1520 [ 6D4CB1F46A0AC05326F834FD6B822479 ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
10:08:19.0494 1520 ApfiltrService - ok
10:08:19.0556 1520 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\WINDOWS\system32\drivers\appid.sys
10:08:19.0744 1520 AppID - ok
10:08:19.0775 1520 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
10:08:19.0868 1520 AppIDSvc - ok
10:08:19.0884 1520 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\WINDOWS\System32\appinfo.dll
10:08:19.0978 1520 Appinfo - ok
10:08:20.0009 1520 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:08:20.0071 1520 Apple Mobile Device - ok
10:08:20.0134 1520 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
10:08:20.0180 1520 AppMgmt - ok
10:08:20.0212 1520 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\WINDOWS\system32\drivers\arc.sys
10:08:20.0227 1520 arc - ok
10:08:20.0243 1520 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
10:08:20.0258 1520 arcsas - ok
10:08:20.0336 1520 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:08:20.0399 1520 aspnet_state - ok
10:08:20.0430 1520 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:08:20.0539 1520 AsyncMac - ok
10:08:20.0586 1520 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\WINDOWS\system32\drivers\atapi.sys
10:08:20.0617 1520 atapi - ok
10:08:20.0664 1520 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\WINDOWS\System32\Audiosrv.dll
10:08:20.0758 1520 AudioEndpointBuilder - ok
10:08:20.0773 1520 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\WINDOWS\System32\Audiosrv.dll
10:08:20.0804 1520 AudioSrv - ok
10:08:20.0851 1520 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
10:08:20.0960 1520 AxInstSV - ok
10:08:21.0007 1520 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
10:08:21.0085 1520 b06bdrv - ok
10:08:21.0101 1520 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\WINDOWS\system32\DRIVERS\b57nd60a.sys
10:08:21.0132 1520 b57nd60a - ok
10:08:21.0179 1520 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
10:08:21.0257 1520 BDESVC - ok
10:08:21.0272 1520 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
10:08:21.0304 1520 Beep - ok
10:08:21.0350 1520 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\WINDOWS\System32\bfe.dll
10:08:21.0397 1520 BFE - ok
10:08:21.0444 1520 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\WINDOWS\System32\qmgr.dll
10:08:21.0553 1520 BITS - ok
10:08:21.0584 1520 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\WINDOWS\system32\DRIVERS\blbdrive.sys
10:08:21.0631 1520 blbdrive - ok
10:08:21.0647 1520 [ E10EC5AE51B38C84894CEBF4B4308A14 ] BMLoad C:\WINDOWS\system32\drivers\BMLoad.sys
10:08:21.0694 1520 BMLoad ( UnsignedFile.Multi.Generic ) - warning
10:08:21.0694 1520 BMLoad - detected UnsignedFile.Multi.Generic (1)
10:08:21.0740 1520 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:08:21.0803 1520 Bonjour Service - ok
10:08:21.0834 1520 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
10:08:21.0881 1520 bowser - ok
10:08:21.0896 1520 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\WINDOWS\system32\drivers\BrFiltLo.sys
10:08:21.0943 1520 BrFiltLo - ok
10:08:21.0959 1520 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\WINDOWS\system32\drivers\BrFiltUp.sys
10:08:21.0974 1520 BrFiltUp - ok
10:08:21.0990 1520 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\WINDOWS\system32\DRIVERS\bridge.sys
10:08:22.0037 1520 BridgeMP - ok
10:08:22.0068 1520 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\WINDOWS\System32\browser.dll
10:08:22.0099 1520 Browser - ok
10:08:22.0115 1520 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\WINDOWS\System32\Drivers\Brserid.sys
10:08:22.0177 1520 Brserid - ok
10:08:22.0177 1520 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\WINDOWS\System32\Drivers\BrSerWdm.sys
10:08:22.0208 1520 BrSerWdm - ok
10:08:22.0208 1520 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
10:08:22.0240 1520 BrUsbMdm - ok
10:08:22.0240 1520 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\WINDOWS\System32\Drivers\BrUsbSer.sys
10:08:22.0271 1520 BrUsbSer - ok
10:08:22.0302 1520 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\WINDOWS\system32\drivers\BthEnum.sys
10:08:22.0349 1520 BthEnum - ok
10:08:22.0364 1520 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\WINDOWS\system32\drivers\bthmodem.sys
10:08:22.0396 1520 BTHMODEM - ok
10:08:22.0427 1520 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
10:08:22.0489 1520 BthPan - ok
10:08:22.0520 1520 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
10:08:22.0583 1520 BTHPORT - ok
10:08:22.0630 1520 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\WINDOWS\system32\bthserv.dll
10:08:22.0692 1520 bthserv - ok
10:08:22.0708 1520 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
10:08:22.0739 1520 BTHUSB - ok
10:08:22.0754 1520 catchme - ok
10:08:22.0864 1520 [ A454A9BAA25B8C8E76735DD86BD4B017 ] CcmExec C:\Windows\SysWOW64\CCM\CcmExec.exe
10:08:22.0988 1520 CcmExec - ok
10:08:23.0035 1520 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
10:08:23.0098 1520 cdfs - ok
10:08:23.0113 1520 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:08:23.0129 1520 cdrom - ok
10:08:23.0160 1520 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
10:08:23.0238 1520 CertPropSvc - ok
10:08:23.0269 1520 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\WINDOWS\system32\drivers\circlass.sys
10:08:23.0300 1520 circlass - ok
10:08:23.0332 1520 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\WINDOWS\system32\CLFS.sys
10:08:23.0378 1520 CLFS - ok
10:08:23.0425 1520 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:08:23.0503 1520 clr_optimization_v2.0.50727_32 - ok
10:08:23.0534 1520 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:08:23.0581 1520 clr_optimization_v2.0.50727_64 - ok
10:08:23.0628 1520 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:08:23.0659 1520 clr_optimization_v4.0.30319_32 - ok
10:08:23.0659 1520 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:08:23.0690 1520 clr_optimization_v4.0.30319_64 - ok
10:08:23.0722 1520 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
10:08:23.0768 1520 CmBatt - ok
10:08:23.0784 1520 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\WINDOWS\system32\drivers\cmdide.sys
10:08:23.0815 1520 cmdide - ok
10:08:23.0862 1520 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\WINDOWS\system32\Drivers\cng.sys
10:08:23.0909 1520 CNG - ok
10:08:23.0909 1520 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\WINDOWS\system32\drivers\compbatt.sys
10:08:23.0924 1520 Compbatt - ok
10:08:23.0956 1520 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\WINDOWS\system32\DRIVERS\CompositeBus.sys
10:08:23.0971 1520 CompositeBus - ok
10:08:23.0987 1520 COMSysApp - ok
10:08:23.0987 1520 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\WINDOWS\system32\drivers\crcdisk.sys
10:08:24.0002 1520 crcdisk - ok
10:08:24.0034 1520 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
10:08:24.0112 1520 CryptSvc - ok
10:08:24.0143 1520 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\WINDOWS\system32\drivers\csc.sys
10:08:24.0190 1520 CSC - ok
10:08:24.0221 1520 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\WINDOWS\System32\cscsvc.dll
10:08:24.0252 1520 CscService - ok
10:08:24.0283 1520 [ 8D23B1F950CF285957FEAF8833DBD2C7 ] cvusbdrv C:\WINDOWS\system32\Drivers\cvusbdrv.sys
10:08:24.0314 1520 cvusbdrv - ok
10:08:24.0361 1520 [ B58959ADC3ECD9C87C5959D0E3802F55 ] d554gps C:\WINDOWS\system32\drivers\d554gps64.sys
10:08:24.0408 1520 d554gps - ok
10:08:24.0470 1520 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:08:24.0548 1520 DcomLaunch - ok
10:08:24.0580 1520 [ 230BFB96A86AB29DA6DEB234F8985D34 ] dcpsysmgrsvc C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
10:08:24.0658 1520 dcpsysmgrsvc - ok
10:08:24.0689 1520 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\WINDOWS\System32\defragsvc.dll
10:08:24.0736 1520 defragsvc - ok
10:08:24.0767 1520 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\WINDOWS\system32\Drivers\dfsc.sys
10:08:24.0845 1520 DfsC - ok
10:08:24.0876 1520 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
10:08:24.0985 1520 Dhcp - ok
10:08:25.0001 1520 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\WINDOWS\system32\drivers\discache.sys
10:08:25.0063 1520 discache - ok
10:08:25.0110 1520 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\WINDOWS\system32\drivers\disk.sys
10:08:25.0157 1520 Disk - ok
10:08:25.0188 1520 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\WINDOWS\system32\drivers\dmvsc.sys
10:08:25.0235 1520 dmvsc - ok
10:08:25.0250 1520 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:08:25.0297 1520 Dnscache - ok
10:08:25.0328 1520 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
10:08:25.0375 1520 dot3svc - ok
10:08:25.0422 1520 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
10:08:25.0453 1520 Dot4 - ok
10:08:25.0469 1520 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
10:08:25.0500 1520 Dot4Print - ok
10:08:25.0531 1520 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
10:08:25.0578 1520 dot4usb - ok
10:08:25.0594 1520 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\WINDOWS\system32\dps.dll
10:08:25.0672 1520 DPS - ok
10:08:25.0687 1520 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
10:08:25.0718 1520 drmkaud - ok
10:08:25.0734 1520 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
10:08:25.0765 1520 DXGKrnl - ok
10:08:25.0781 1520 [ EAFCB4551836FF44EE775CEDDFA7A77E ] e1cexpress C:\WINDOWS\system32\DRIVERS\e1c62x64.sys
10:08:25.0796 1520 e1cexpress - ok
10:08:25.0812 1520 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\WINDOWS\system32\DRIVERS\e1y60x64.sys
10:08:25.0843 1520 e1yexpress - ok
10:08:25.0874 1520 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\WINDOWS\System32\eapsvc.dll
10:08:25.0952 1520 EapHost - ok
10:08:26.0030 1520 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
10:08:26.0171 1520 ebdrv - ok
10:08:26.0186 1520 [ B90BEFCCEB59C83AC65BFD39EF7404F4 ] ecnssndis C:\WINDOWS\System32\Drivers\wwuss64.sys
10:08:26.0202 1520 ecnssndis - ok
10:08:26.0202 1520 [ 1CF09C0555BE49EFE96B33BDA514A334 ] ecnssndisfltr C:\WINDOWS\System32\Drivers\wwussf64.sys
10:08:26.0218 1520 ecnssndisfltr - ok
10:08:26.0249 1520 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\WINDOWS\System32\lsass.exe
10:08:26.0265 1520 EFS - ok
10:08:26.0328 1520 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\WINDOWS\ehome\ehRecvr.exe
10:08:26.0437 1520 ehRecvr - ok
10:08:26.0453 1520 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\WINDOWS\ehome\ehsched.exe
10:08:26.0499 1520 ehSched - ok
10:08:26.0531 1520 [ 3836E2DB9034543F63943CDBB52A691A ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
10:08:26.0577 1520 ElbyCDIO - ok
10:08:26.0624 1520 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\WINDOWS\system32\drivers\elxstor.sys
10:08:26.0655 1520 elxstor - ok
10:08:26.0671 1520 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\WINDOWS\system32\drivers\errdev.sys
10:08:26.0702 1520 ErrDev - ok
10:08:26.0733 1520 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\WINDOWS\system32\es.dll
10:08:26.0780 1520 EventSystem - ok
10:08:26.0811 1520 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\WINDOWS\system32\drivers\exfat.sys
10:08:26.0843 1520 exfat - ok
10:08:26.0858 1520 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
10:08:26.0921 1520 fastfat - ok
10:08:26.0952 1520 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\WINDOWS\system32\fxssvc.exe
10:08:27.0045 1520 Fax - ok
10:08:27.0077 1520 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\WINDOWS\system32\drivers\fdc.sys
10:08:27.0123 1520 fdc - ok
10:08:27.0139 1520 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
10:08:27.0186 1520 fdPHost - ok
10:08:27.0186 1520 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
10:08:27.0233 1520 FDResPub - ok
10:08:27.0264 1520 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
10:08:27.0279 1520 FileInfo - ok
10:08:27.0279 1520 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
10:08:27.0326 1520 Filetrace - ok
10:08:27.0326 1520 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\WINDOWS\system32\drivers\flpydisk.sys
10:08:27.0342 1520 flpydisk - ok
10:08:27.0357 1520 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:08:27.0373 1520 FltMgr - ok
10:08:27.0404 1520 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\WINDOWS\system32\FntCache.dll
10:08:27.0513 1520 FontCache - ok
10:08:27.0560 1520 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:08:27.0591 1520 FontCache3.0.0.0 - ok
10:08:27.0607 1520 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
10:08:27.0623 1520 FsDepends - ok
10:08:27.0654 1520 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:08:27.0654 1520 Fs_Rec - ok
10:08:27.0685 1520 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
10:08:27.0701 1520 fvevol - ok
10:08:27.0732 1520 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
10:08:27.0732 1520 gagp30kx - ok
10:08:27.0779 1520 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:08:27.0810 1520 GEARAspiWDM - ok
10:08:27.0841 1520 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\WINDOWS\System32\gpsvc.dll
10:08:27.0903 1520 gpsvc - ok
10:08:27.0950 1520 [ 2F3DBA5CDC388BC0500DE0EEDC8C81AE ] GTPTSER C:\WINDOWS\system32\DRIVERS\gtptser.sys
10:08:28.0028 1520 GTPTSER - ok
10:08:28.0059 1520 [ 3DDC61C7F44238285990EACEA448C68B ] GTUQBUS C:\WINDOWS\system32\DRIVERS\gtuqbus.sys
10:08:28.0122 1520 GTUQBUS - ok
10:08:28.0169 1520 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\WINDOWS\system32\drivers\hcw85cir.sys
10:08:28.0215 1520 hcw85cir - ok
10:08:28.0231 1520 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
10:08:28.0262 1520 HdAudAddService - ok
10:08:28.0278 1520 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:08:28.0309 1520 HDAudBus - ok
10:08:28.0309 1520 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\WINDOWS\system32\drivers\HidBatt.sys
10:08:28.0356 1520 HidBatt - ok
10:08:28.0356 1520 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\WINDOWS\system32\drivers\hidbth.sys
10:08:28.0418 1520 HidBth - ok
10:08:28.0449 1520 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\WINDOWS\system32\drivers\hidir.sys
10:08:28.0465 1520 HidIr - ok
10:08:28.0481 1520 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\WINDOWS\System32\hidserv.dll
10:08:28.0527 1520 hidserv - ok
10:08:28.0574 1520 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:08:28.0605 1520 HidUsb - ok
10:08:28.0652 1520 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
10:08:28.0777 1520 hkmsvc - ok
10:08:28.0793 1520 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
10:08:28.0839 1520 HomeGroupListener - ok
10:08:28.0855 1520 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
10:08:28.0886 1520 HomeGroupProvider - ok
10:08:29.0042 1520 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:08:29.0167 1520 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:08:29.0167 1520 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:08:29.0183 1520 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:08:29.0261 1520 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:08:29.0261 1520 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:08:29.0292 1520 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
10:08:29.0323 1520 HpSAMD - ok
10:08:29.0354 1520 [ D972F48D0CE396759B788693CD665926 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
10:08:29.0417 1520 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
10:08:29.0417 1520 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
10:08:29.0448 1520 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
10:08:29.0526 1520 HTTP - ok
10:08:29.0557 1520 [ CCE3DB0BA3C615CAA321EB1301532688 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
10:08:29.0588 1520 huawei_enumerator - ok
10:08:29.0619 1520 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
10:08:29.0619 1520 hwpolicy - ok
10:08:29.0651 1520 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:08:29.0682 1520 i8042prt - ok
10:08:29.0713 1520 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
10:08:29.0744 1520 iaStor - ok
10:08:29.0791 1520 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
10:08:29.0853 1520 iaStorV - ok
10:08:29.0900 1520 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:08:29.0931 1520 idsvc - ok
10:08:30.0150 1520 [ 9937600A1584FF00565D5379EB4C9EDB ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
10:08:30.0540 1520 igfx - ok
10:08:30.0571 1520 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
10:08:30.0587 1520 iirsp - ok
10:08:30.0618 1520 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\WINDOWS\System32\ikeext.dll
10:08:30.0680 1520 IKEEXT - ok
10:08:30.0696 1520 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\WINDOWS\system32\drivers\Impcd.sys
10:08:30.0743 1520 Impcd - ok
10:08:30.0774 1520 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
10:08:30.0805 1520 IntcDAud - ok
10:08:30.0821 1520 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\WINDOWS\system32\drivers\intelide.sys
10:08:30.0836 1520 intelide - ok
10:08:30.0852 1520 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:08:30.0883 1520 intelppm - ok
10:08:30.0914 1520 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\WINDOWS\system32\ipbusenum.dll
10:08:30.0961 1520 IPBusEnum - ok
10:08:30.0992 1520 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:08:31.0023 1520 IpFilterDriver - ok
10:08:31.0086 1520 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
10:08:31.0179 1520 iphlpsvc - ok
10:08:31.0195 1520 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\WINDOWS\system32\drivers\IPMIDrv.sys
10:08:31.0226 1520 IPMIDRV - ok
10:08:31.0257 1520 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
10:08:31.0289 1520 IPNAT - ok
10:08:31.0335 1520 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:08:31.0398 1520 iPod Service - ok
10:08:31.0429 1520 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
10:08:31.0476 1520 IRENUM - ok
10:08:31.0491 1520 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
10:08:31.0523 1520 isapnp - ok
10:08:31.0538 1520 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\WINDOWS\system32\drivers\msiscsi.sys
10:08:31.0585 1520 iScsiPrt - ok
10:08:31.0616 1520 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:08:31.0647 1520 kbdclass - ok
10:08:31.0663 1520 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\WINDOWS\system32\drivers\kbdhid.sys
10:08:31.0694 1520 kbdhid - ok
10:08:31.0710 1520 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\WINDOWS\system32\lsass.exe
10:08:31.0741 1520 KeyIso - ok
10:08:31.0741 1520 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
10:08:31.0788 1520 KSecDD - ok
10:08:31.0819 1520 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
10:08:31.0897 1520 KSecPkg - ok
10:08:31.0913 1520 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
10:08:31.0991 1520 ksthunk - ok
10:08:32.0006 1520 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
10:08:32.0100 1520 KtmRm - ok
10:08:32.0147 1520 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
10:08:32.0209 1520 LanmanServer - ok
10:08:32.0256 1520 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
10:08:32.0334 1520 LanmanWorkstation - ok
10:08:32.0365 1520 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
10:08:32.0443 1520 lltdio - ok
10:08:32.0459 1520 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
10:08:32.0521 1520 lltdsvc - ok
10:08:32.0552 1520 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
10:08:32.0583 1520 lmhosts - ok
10:08:32.0599 1520 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\WINDOWS\system32\drivers\lsi_fc.sys
10:08:32.0615 1520 LSI_FC - ok
10:08:32.0646 1520 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
10:08:32.0661 1520 LSI_SAS - ok
10:08:32.0677 1520 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
10:08:32.0693 1520 LSI_SAS2 - ok
10:08:32.0693 1520 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
10:08:32.0708 1520 LSI_SCSI - ok
10:08:32.0724 1520 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\WINDOWS\system32\drivers\luafv.sys
10:08:32.0771 1520 luafv - ok
10:08:32.0802 1520 [ 62732AF9512B911C330ACBBDBCC2F284 ] Mbm3CBus C:\WINDOWS\system32\drivers\Mbm3CBus.sys
10:08:32.0817 1520 Mbm3CBus - ok
10:08:32.0833 1520 [ BDC2D259CA9CFCED092B3B0B8557322D ] Mbm3DevMt C:\WINDOWS\system32\drivers\Mbm3DevMt.sys
10:08:32.0880 1520 Mbm3DevMt - ok
10:08:32.0911 1520 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll
10:08:32.0942 1520 Mcx2Svc - ok
10:08:32.0942 1520 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
10:08:32.0958 1520 megasas - ok
10:08:32.0973 1520 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
10:08:33.0020 1520 MegaSR - ok
10:08:33.0051 1520 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\WINDOWS\system32\drivers\HECIx64.sys
10:08:33.0098 1520 MEIx64 - ok
10:08:33.0145 1520 Microsoft SharePoint Workspace Audit Service - ok
10:08:33.0161 1520 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\WINDOWS\system32\mmcss.dll
10:08:33.0239 1520 MMCSS - ok
10:08:33.0254 1520 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\WINDOWS\system32\drivers\modem.sys
10:08:33.0301 1520 Modem - ok
10:08:33.0332 1520 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\WINDOWS\system32\DRIVERS\monitor.sys
10:08:33.0395 1520 monitor - ok
10:08:33.0395 1520 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:08:33.0441 1520 mouclass - ok
10:08:33.0457 1520 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:08:33.0473 1520 mouhid - ok
10:08:33.0488 1520 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
10:08:33.0504 1520 mountmgr - ok
10:08:33.0535 1520 [ C177A7EBF5E8A0B596F618870516CAB8 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
10:08:33.0597 1520 MpFilter - ok
10:08:33.0613 1520 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\WINDOWS\system32\drivers\mpio.sys
10:08:33.0629 1520 mpio - ok
10:08:33.0644 1520 [ 8FBF6B31FE8AF1833D93C5913D5B4D55 ] MpNWMon C:\WINDOWS\system32\DRIVERS\MpNWMon.sys
10:08:33.0660 1520 MpNWMon - ok
10:08:33.0675 1520 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
10:08:33.0722 1520 mpsdrv - ok
10:08:33.0753 1520 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
10:08:33.0816 1520 MpsSvc - ok
10:08:33.0816 1520 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
10:08:33.0847 1520 MRxDAV - ok
10:08:33.0863 1520 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:08:33.0894 1520 mrxsmb - ok
10:08:33.0925 1520 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
10:08:33.0941 1520 mrxsmb10 - ok
10:08:33.0956 1520 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
10:08:33.0972 1520 mrxsmb20 - ok
10:08:33.0987 1520 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\WINDOWS\system32\drivers\msahci.sys
10:08:34.0003 1520 msahci - ok
10:08:34.0050 1520 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\WINDOWS\system32\drivers\msdsm.sys
10:08:34.0097 1520 msdsm - ok
10:08:34.0112 1520 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\WINDOWS\System32\msdtc.exe
10:08:34.0190 1520 MSDTC - ok
10:08:34.0206 1520 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:08:34.0253 1520 Msfs - ok
10:08:34.0268 1520 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
10:08:34.0299 1520 mshidkmdf - ok
10:08:34.0315 1520 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
10:08:34.0331 1520 msisadrv - ok
10:08:34.0346 1520 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
10:08:34.0409 1520 MSiSCSI - ok
10:08:34.0409 1520 msiserver - ok
10:08:34.0424 1520 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:08:34.0455 1520 MSKSSRV - ok
10:08:34.0502 1520 [ 157E9E498206A3366BAA7E4697BDD947 ] MsMpSvc c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
10:08:34.0533 1520 MsMpSvc - ok
10:08:34.0549 1520 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:08:34.0596 1520 MSPCLOCK - ok
10:08:34.0611 1520 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:08:34.0643 1520 MSPQM - ok
10:08:34.0658 1520 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
10:08:34.0689 1520 MsRPC - ok
10:08:34.0689 1520 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:08:34.0705 1520 mssmbios - ok
10:08:34.0721 1520 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
10:08:34.0799 1520 MSTEE - ok
10:08:34.0814 1520 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\WINDOWS\system32\drivers\MTConfig.sys
10:08:34.0814 1520 MTConfig - ok
10:08:34.0830 1520 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
10:08:34.0861 1520 Mup - ok
10:08:34.0908 1520 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\WINDOWS\system32\qagentRT.dll
10:08:34.0970 1520 napagent - ok
10:08:35.0001 1520 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
10:08:35.0033 1520 NativeWifiP - ok
10:08:35.0111 1520 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
10:08:35.0251 1520 NAUpdate - ok
10:08:35.0282 1520 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
10:08:35.0329 1520 NDIS - ok
10:08:35.0345 1520 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
10:08:35.0376 1520 NdisCap - ok
10:08:35.0391 1520 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:08:35.0423 1520 NdisTapi - ok
10:08:35.0423 1520 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:08:35.0485 1520 Ndisuio - ok
10:08:35.0501 1520 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:08:35.0547 1520 NdisWan - ok
10:08:35.0563 1520 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:08:35.0594 1520 NDProxy - ok
10:08:35.0625 1520 [ 47DA0A01D8AD23B83F690DCF25C859A8 ] NEOFLTR_700_16899 C:\WINDOWS\system32\Drivers\NEOFLTR_700_16899.SYS
10:08:35.0641 1520 NEOFLTR_700_16899 - ok
10:08:35.0703 1520 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:08:35.0735 1520 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:08:35.0735 1520 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:08:35.0750 1520 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\WINDOWS\system32\DRIVERS\netaapl64.sys
10:08:35.0813 1520 Netaapl - ok
10:08:35.0844 1520 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:08:35.0906 1520 NetBIOS - ok
10:08:35.0937 1520 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:08:35.0984 1520 NetBT - ok
10:08:36.0015 1520 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:08:36.0031 1520 Netlogon - ok
10:08:36.0062 1520 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\WINDOWS\System32\netman.dll
10:08:36.0109 1520 Netman - ok
10:08:36.0140 1520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:08:36.0187 1520 NetMsmqActivator - ok
10:08:36.0187 1520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:08:36.0203 1520 NetPipeActivator - ok
10:08:36.0234 1520 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\WINDOWS\System32\netprofm.dll
10:08:36.0281 1520 netprofm - ok
10:08:36.0281 1520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:08:36.0312 1520 NetTcpActivator - ok
10:08:36.0312 1520 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:08:36.0327 1520 NetTcpPortSharing - ok
10:08:36.0452 1520 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\WINDOWS\system32\DRIVERS\netw5v64.sys
10:08:36.0639 1520 netw5v64 - ok
10:08:36.0827 1520 [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64 C:\WINDOWS\system32\DRIVERS\NETwNs64.sys
10:08:37.0061 1520 NETwNs64 - ok
10:08:37.0092 1520 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
10:08:37.0107 1520 nfrd960 - ok
10:08:37.0123 1520 [ 5F7D72CBCDD025AF1F38FDEEE5646968 ] NisDrv C:\WINDOWS\system32\DRIVERS\NisDrvWFP.sys
10:08:37.0139 1520 NisDrv - ok
10:08:37.0154 1520 [ 566DDD5D82520DA01D75F81428AC4C38 ] NisSrv c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
10:08:37.0185 1520 NisSrv - ok
10:08:37.0217 1520 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
10:08:37.0263 1520 NlaSvc - ok
10:08:37.0310 1520 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:08:37.0357 1520 Npfs - ok
10:08:37.0373 1520 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\WINDOWS\system32\nsisvc.dll
10:08:37.0419 1520 nsi - ok
10:08:37.0435 1520 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
10:08:37.0482 1520 nsiproxy - ok
10:08:37.0544 1520 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:08:37.0622 1520 Ntfs - ok
10:08:37.0622 1520 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\WINDOWS\system32\drivers\Null.sys
10:08:37.0669 1520 Null - ok
10:08:37.0685 1520 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\WINDOWS\system32\drivers\nusb3hub.sys
10:08:37.0731 1520 nusb3hub - ok
10:08:37.0747 1520 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\WINDOWS\system32\drivers\nusb3xhc.sys
10:08:37.0794 1520 nusb3xhc - ok
10:08:37.0809 1520 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
10:08:37.0825 1520 nvraid - ok
10:08:37.0841 1520 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
10:08:37.0856 1520 nvstor - ok
10:08:37.0903 1520 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
10:08:37.0919 1520 nv_agp - ok
10:08:37.0950 1520 [ 34D52ECC6DD8577600B392E06B74D4B7 ] nwdelgobi3kfilter C:\WINDOWS\system32\drivers\nwdelgobi3kfilter.sys
10:08:37.0997 1520 nwdelgobi3kfilter - ok
10:08:38.0012 1520 [ 49BC63FB646734567D6BDE76E10F5E8E ] nwdelserial C:\WINDOWS\system32\drivers\nwdelserial.sys
10:08:38.0075 1520 nwdelserial - ok
10:08:38.0106 1520 [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH C:\WINDOWS\system32\DRIVERS\o2flash.exe
10:08:38.0137 1520 O2FLASH - ok
10:08:38.0153 1520 [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR C:\WINDOWS\system32\drivers\O2MDFw7x64.sys
10:08:38.0168 1520 O2MDFRDR - ok
10:08:38.0184 1520 [ 8ED738ABA394BBF6D7802698BE453112 ] O2MDRRDR C:\WINDOWS\system32\DRIVERS\O2MDRw7x64.sys
10:08:38.0215 1520 O2MDRRDR - ok
10:08:38.0231 1520 [ A9C1E6B7C134FAD124338B7944FA996D ] O2SDJRDR C:\WINDOWS\system32\DRIVERS\o2sdjw7x64.sys
10:08:38.0246 1520 O2SDJRDR - ok
10:08:38.0262 1520 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\WINDOWS\system32\drivers\ohci1394.sys
10:08:38.0293 1520 ohci1394 - ok
10:08:38.0371 1520 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:08:38.0449 1520 ose - ok
10:08:38.0636 1520 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:08:38.0917 1520 osppsvc - ok
10:08:38.0948 1520 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
10:08:39.0026 1520 p2pimsvc - ok
10:08:39.0057 1520 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
10:08:39.0089 1520 p2psvc - ok
10:08:39.0104 1520 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:08:39.0135 1520 Parport - ok
10:08:39.0167 1520 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
10:08:39.0167 1520 partmgr - ok
10:08:39.0182 1520 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
10:08:39.0213 1520 PcaSvc - ok
10:08:39.0245 1520 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\WINDOWS\system32\drivers\pci.sys
10:08:39.0260 1520 pci - ok
10:08:39.0291 1520 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\WINDOWS\system32\drivers\pciide.sys
10:08:39.0291 1520 pciide - ok
10:08:39.0323 1520 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
10:08:39.0338 1520 pcmcia - ok
10:08:39.0354 1520 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
10:08:39.0354 1520 pcw - ok
10:08:39.0369 1520 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
10:08:39.0447 1520 PEAUTH - ok
10:08:39.0494 1520 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
10:08:39.0588 1520 PeerDistSvc - ok
10:08:39.0681 1520 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
10:08:39.0775 1520 PerfHost - ok
10:08:39.0837 1520 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\WINDOWS\system32\pla.dll
10:08:39.0931 1520 pla - ok
10:08:39.0978 1520 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
10:08:40.0009 1520 PlugPlay - ok
10:08:40.0071 1520 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:08:40.0134 1520 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:08:40.0134 1520 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:08:40.0134 1520 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
10:08:40.0181 1520 PNRPAutoReg - ok
10:08:40.0196 1520 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
10:08:40.0227 1520 PNRPsvc - ok
10:08:40.0259 1520 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
10:08:40.0337 1520 PolicyAgent - ok
10:08:40.0383 1520 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\WINDOWS\system32\umpo.dll
10:08:40.0446 1520 Power - ok
10:08:40.0477 1520 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:08:40.0524 1520 PptpMiniport - ok
10:08:40.0602 1520 [ 3A603DD6466569970BD99DFB4C63BBC7 ] prepdrvr C:\Windows\SysWOW64\CCM\prepdrv.sys
10:08:40.0633 1520 prepdrvr - ok
10:08:40.0649 1520 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\WINDOWS\system32\drivers\processr.sys
10:08:40.0695 1520 Processor - ok
10:08:40.0727 1520 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
10:08:40.0820 1520 ProfSvc - ok
10:08:40.0851 1520 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:08:40.0867 1520 ProtectedStorage - ok
10:08:40.0883 1520 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
10:08:40.0929 1520 Psched - ok
10:08:40.0961 1520 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\WINDOWS\system32\drivers\ql2300.sys
10:08:41.0023 1520 ql2300 - ok
10:08:41.0039 1520 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\WINDOWS\system32\drivers\ql40xx.sys
10:08:41.0054 1520 ql40xx - ok
10:08:41.0085 1520 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\WINDOWS\system32\qwave.dll
10:08:41.0117 1520 QWAVE - ok
10:08:41.0132 1520 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
10:08:41.0163 1520 QWAVEdrv - ok
10:08:41.0195 1520 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:08:41.0226 1520 RasAcd - ok
10:08:41.0241 1520 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
10:08:41.0273 1520 RasAgileVpn - ok
10:08:41.0288 1520 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:08:41.0335 1520 RasAuto - ok
10:08:41.0351 1520 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:08:41.0397 1520 Rasl2tp - ok
10:08:41.0413 1520 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:08:41.0460 1520 RasMan - ok
10:08:41.0460 1520 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:08:41.0507 1520 RasPppoe - ok
10:08:41.0522 1520 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
10:08:41.0553 1520 RasSstp - ok
10:08:41.0569 1520 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:08:41.0631 1520 rdbss - ok
10:08:41.0647 1520 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\WINDOWS\system32\DRIVERS\rdpbus.sys
10:08:41.0663 1520 rdpbus - ok
10:08:41.0678 1520 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:08:41.0709 1520 RDPCDD - ok
10:08:41.0725 1520 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
10:08:41.0756 1520 RDPDR - ok
10:08:41.0756 1520 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\WINDOWS\system32\drivers\rdpencdd.sys
10:08:41.0819 1520 RDPENCDD - ok
10:08:41.0834 1520 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\WINDOWS\system32\drivers\rdprefmp.sys
10:08:41.0865 1520 RDPREFMP - ok
10:08:41.0881 1520 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
10:08:41.0943 1520 RdpVideoMiniport - ok
10:08:41.0975 1520 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:08:42.0053 1520 RDPWD - ok
10:08:42.0084 1520 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
10:08:42.0115 1520 rdyboost - ok
10:08:42.0146 1520 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:08:42.0209 1520 RemoteAccess - ok
10:08:42.0240 1520 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
10:08:42.0287 1520 RemoteRegistry - ok
10:08:42.0318 1520 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
10:08:42.0365 1520 RFCOMM - ok
10:08:42.0396 1520 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
10:08:42.0443 1520 RpcEptMapper - ok
10:08:42.0458 1520 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\WINDOWS\system32\locator.exe
10:08:42.0489 1520 RpcLocator - ok
10:08:42.0505 1520 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\WINDOWS\system32\rpcss.dll
10:08:42.0552 1520 RpcSs - ok
10:08:42.0567 1520 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
10:08:42.0630 1520 rspndr - ok
10:08:42.0645 1520 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\WINDOWS\system32\drivers\vms3cap.sys
10:08:42.0661 1520 s3cap - ok
10:08:42.0677 1520 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\WINDOWS\system32\lsass.exe
10:08:42.0692 1520 SamSs - ok
10:08:42.0708 1520 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
10:08:42.0723 1520 sbp2port - ok
10:08:42.0739 1520 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
10:08:42.0801 1520 SCardSvr - ok
10:08:42.0817 1520 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
10:08:42.0848 1520 scfilter - ok
10:08:42.0879 1520 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:08:42.0942 1520 Schedule - ok
10:08:42.0957 1520 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
10:08:43.0004 1520 SCPolicySvc - ok
10:08:43.0035 1520 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
10:08:43.0082 1520 sdbus - ok
10:08:43.0098 1520 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
10:08:43.0160 1520 SDRSVC - ok
10:08:43.0191 1520 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
10:08:43.0269 1520 secdrv - ok
10:08:43.0269 1520 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\WINDOWS\system32\seclogon.dll
10:08:43.0316 1520 seclogon - ok
10:08:43.0332 1520 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\WINDOWS\system32\sens.dll
10:08:43.0363 1520 SENS - ok
10:08:43.0379 1520 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
10:08:43.0410 1520 SensrSvc - ok
10:08:43.0441 1520 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:08:43.0457 1520 Serenum - ok
10:08:43.0488 1520 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
10:08:43.0519 1520 Serial - ok
10:08:43.0519 1520 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\WINDOWS\system32\drivers\sermouse.sys
10:08:43.0550 1520 sermouse - ok
10:08:43.0566 1520 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
10:08:43.0613 1520 SessionEnv - ok
10:08:43.0628 1520 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\WINDOWS\system32\drivers\sffdisk.sys
10:08:43.0644 1520 sffdisk - ok
10:08:43.0644 1520 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\WINDOWS\system32\drivers\sffp_mmc.sys
10:08:43.0659 1520 sffp_mmc - ok
10:08:43.0675 1520 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\WINDOWS\system32\drivers\sffp_sd.sys
10:08:43.0691 1520 sffp_sd - ok
10:08:43.0722 1520 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\WINDOWS\system32\drivers\sfloppy.sys
10:08:43.0737 1520 sfloppy - ok
10:08:43.0753 1520 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:08:43.0847 1520 SharedAccess - ok
10:08:43.0893 1520 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:08:43.0971 1520 ShellHWDetection - ok
10:08:43.0987 1520 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
10:08:44.0003 1520 SiSRaid2 - ok
10:08:44.0018 1520 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
10:08:44.0034 1520 SiSRaid4 - ok
10:08:44.0065 1520 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:08:44.0190 1520 SkypeUpdate - ok
10:08:44.0221 1520 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\WINDOWS\system32\DRIVERS\smb.sys
10:08:44.0268 1520 Smb - ok
10:08:44.0283 1520 smstsmgr - ok
10:08:44.0299 1520 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
10:08:44.0361 1520 SNMPTRAP - ok
10:08:44.0393 1520 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\WINDOWS\system32\drivers\spldr.sys
10:08:44.0424 1520 spldr - ok
10:08:44.0455 1520 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\WINDOWS\System32\spoolsv.exe
10:08:44.0533 1520 Spooler - ok
10:08:44.0627 1520 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\WINDOWS\system32\sppsvc.exe
10:08:44.0798 1520 sppsvc - ok
10:08:44.0814 1520 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\WINDOWS\system32\sppuinotify.dll
10:08:44.0845 1520 sppuinotify - ok
10:08:44.0876 1520 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:08:44.0939 1520 srv - ok
10:08:44.0954 1520 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
10:08:45.0017 1520 srv2 - ok
10:08:45.0032 1520 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
10:08:45.0048 1520 srvnet - ok
10:08:45.0079 1520 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:08:45.0110 1520 SSDPSRV - ok
10:08:45.0126 1520 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
10:08:45.0157 1520 SstpSvc - ok
10:08:45.0188 1520 [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
10:08:45.0266 1520 STacSV - ok
10:08:45.0297 1520 [ E4EA2412FB1B8AEE33667A9CC6D456A4 ] stdcfltn C:\WINDOWS\system32\DRIVERS\stdcfltn.sys
10:08:45.0313 1520 stdcfltn - ok
10:08:45.0329 1520 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
10:08:45.0344 1520 stexstor - ok
10:08:45.0360 1520 [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA C:\WINDOWS\system32\DRIVERS\stwrt64.sys
10:08:45.0391 1520 STHDA - ok
10:08:45.0422 1520 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\WINDOWS\System32\wiaservc.dll
10:08:45.0469 1520 stisvc - ok
10:08:45.0469 1520 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
10:08:45.0485 1520 storflt - ok
10:08:45.0500 1520 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\WINDOWS\system32\storsvc.dll
10:08:45.0563 1520 StorSvc - ok
10:08:45.0594 1520 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
10:08:45.0625 1520 storvsc - ok
10:08:45.0641 1520 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:08:45.0656 1520 swenum - ok
10:08:45.0719 1520 [ 78ED7E7D9720BB425645CAC0BD8EF8F6 ] SwiCardDetectSvc C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
10:08:45.0843 1520 SwiCardDetectSvc - ok
10:08:45.0859 1520 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\WINDOWS\System32\swprv.dll
10:08:45.0921 1520 swprv - ok
10:08:45.0921 1520 [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc C:\WINDOWS\system32\drivers\Synth3dVsc.sys
10:08:45.0937 1520 Synth3dVsc - ok
10:08:45.0968 1520 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\WINDOWS\system32\sysmain.dll
10:08:46.0046 1520 SysMain - ok
10:08:46.0046 1520 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
10:08:46.0077 1520 TabletInputService - ok
10:08:46.0093 1520 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:08:46.0155 1520 TapiSrv - ok
10:08:46.0155 1520 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\WINDOWS\System32\tbssvc.dll
10:08:46.0202 1520 TBS - ok
10:08:46.0233 1520 [ 08228AC4B3EEF0DEE3D38D239692E510 ] tcm C:\WINDOWS\system32\drivers\tcm.sys
10:08:46.0265 1520 tcm - ok
10:08:46.0311 1520 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
10:08:46.0389 1520 Tcpip - ok
10:08:46.0452 1520 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:08:46.0514 1520 TCPIP6 - ok
10:08:46.0530 1520 [ FA5B20182028C06756CF273AAAD608D5 ] tcpipBM C:\WINDOWS\system32\drivers\tcpipBM.sys
10:08:46.0561 1520 tcpipBM ( UnsignedFile.Multi.Generic ) - warning
10:08:46.0561 1520 tcpipBM - detected UnsignedFile.Multi.Generic (1)
10:08:46.0592 1520 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
10:08:46.0623 1520 tcpipreg - ok
10:08:46.0655 1520 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\WINDOWS\system32\drivers\tdpipe.sys
10:08:46.0701 1520 TDPIPE - ok
10:08:46.0717 1520 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\WINDOWS\system32\drivers\tdtcp.sys
10:08:46.0779 1520 TDTCP - ok
10:08:46.0795 1520 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
10:08:46.0857 1520 tdx - ok
10:08:46.0873 1520 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:08:46.0889 1520 TermDD - ok
10:08:46.0904 1520 [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt C:\WINDOWS\system32\drivers\terminpt.sys
10:08:46.0935 1520 terminpt - ok
10:08:46.0967 1520 [ 2E648163254233755035B46DD7B89123 ] TermService C:\WINDOWS\System32\termsrv.dll
10:08:47.0045 1520 TermService - ok
10:08:47.0060 1520 [ F0344071948D1A1FA732231785A0664C ] Themes C:\WINDOWS\system32\themeservice.dll
10:08:47.0076 1520 Themes - ok
10:08:47.0107 1520 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
10:08:47.0138 1520 THREADORDER - ok
10:08:47.0138 1520 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\WINDOWS\System32\trkwks.dll
10:08:47.0201 1520 TrkWks - ok
10:08:47.0232 1520 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
10:08:47.0310 1520 TrustedInstaller - ok
10:08:47.0325 1520 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\WINDOWS\system32\DRIVERS\tssecsrv.sys
10:08:47.0357 1520 tssecsrv - ok
10:08:47.0388 1520 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
10:08:47.0419 1520 TsUsbFlt - ok
10:08:47.0419 1520 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\WINDOWS\system32\drivers\TsUsbGD.sys
10:08:47.0435 1520 TsUsbGD - ok
10:08:47.0450 1520 [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys
10:08:47.0466 1520 tsusbhub - ok
10:08:47.0497 1520 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
10:08:47.0544 1520 tunnel - ok
10:08:47.0559 1520 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
10:08:47.0591 1520 uagp35 - ok
10:08:47.0606 1520 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
10:08:47.0684 1520 udfs - ok
10:08:47.0700 1520 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
10:08:47.0731 1520 UI0Detect - ok
10:08:47.0747 1520 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
10:08:47.0762 1520 uliagpkx - ok
10:08:47.0778 1520 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\WINDOWS\system32\DRIVERS\umbus.sys
10:08:47.0809 1520 umbus - ok
10:08:47.0825 1520 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\WINDOWS\system32\drivers\umpass.sys
10:08:47.0840 1520 UmPass - ok
10:08:47.0856 1520 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\WINDOWS\System32\umrdp.dll
10:08:47.0887 1520 UmRdpService - ok
10:08:47.0903 1520 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\WINDOWS\System32\upnphost.dll
10:08:47.0965 1520 upnphost - ok
10:08:47.0996 1520 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\WINDOWS\system32\Drivers\usbaapl64.sys
10:08:48.0059 1520 USBAAPL64 - ok
10:08:48.0105 1520 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:08:48.0183 1520 usbccgp - ok
10:08:48.0199 1520 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\WINDOWS\system32\drivers\usbcir.sys
10:08:48.0230 1520 usbcir - ok
10:08:48.0246 1520 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\WINDOWS\system32\drivers\usbehci.sys
10:08:48.0293 1520 usbehci - ok
10:08:48.0324 1520 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:08:48.0371 1520 usbhub - ok
10:08:48.0386 1520 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\WINDOWS\system32\drivers\usbohci.sys
10:08:48.0402 1520 usbohci - ok
10:08:48.0417 1520 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:08:48.0449 1520 usbprint - ok
10:08:48.0480 1520 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:08:48.0495 1520 usbscan - ok
10:08:48.0511 1520 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:08:48.0573 1520 USBSTOR - ok
10:08:48.0605 1520 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\WINDOWS\system32\drivers\usbuhci.sys
10:08:48.0605 1520 usbuhci - ok
10:08:48.0651 1520 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
10:08:48.0667 1520 usbvideo - ok
10:08:48.0683 1520 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\WINDOWS\System32\uxsms.dll
10:08:48.0745 1520 UxSms - ok
10:08:48.0761 1520 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\WINDOWS\system32\lsass.exe
10:08:48.0776 1520 VaultSvc - ok
10:08:48.0776 1520 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
10:08:48.0792 1520 vdrvroot - ok
10:08:48.0807 1520 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\WINDOWS\System32\vds.exe
10:08:48.0885 1520 vds - ok
10:08:48.0917 1520 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\WINDOWS\system32\DRIVERS\vgapnp.sys
10:08:48.0932 1520 vga - ok
10:08:48.0948 1520 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:08:48.0979 1520 VgaSave - ok
10:08:48.0995 1520 VGPU - ok
10:08:49.0010 1520 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\WINDOWS\system32\drivers\vhdmp.sys
10:08:49.0026 1520 vhdmp - ok
10:08:49.0041 1520 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
10:08:49.0057 1520 viaide - ok
10:08:49.0119 1520 [ F03AAF289687B13FA6331806EF99691E ] VmbService C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
10:08:49.0166 1520 VmbService ( UnsignedFile.Multi.Generic ) - warning
10:08:49.0166 1520 VmbService - detected UnsignedFile.Multi.Generic (1)
10:08:49.0182 1520 [ 80E731A278695B47345D0171A19E428B ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
10:08:49.0197 1520 vmbus - ok
10:08:49.0213 1520 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\WINDOWS\system32\drivers\VMBusHID.sys
10:08:49.0229 1520 VMBusHID - ok
10:08:49.0244 1520 [ 1E4D31FEC921300C5F262C52F5FCC666 ] vodafone_K3805-z_dc_enum C:\WINDOWS\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys
10:08:49.0275 1520 vodafone_K3805-z_dc_enum - ok
10:08:49.0307 1520 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
10:08:49.0322 1520 volmgr - ok
10:08:49.0338 1520 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
10:08:49.0385 1520 volmgrx - ok
10:08:49.0400 1520 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
10:08:49.0416 1520 volsnap - ok
10:08:49.0447 1520 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
10:08:49.0463 1520 vsmraid - ok
10:08:49.0525 1520 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\WINDOWS\system32\vssvc.exe
10:08:49.0665 1520 VSS - ok
10:08:49.0697 1520 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\WINDOWS\system32\DRIVERS\vwifibus.sys
10:08:49.0712 1520 vwifibus - ok
10:08:49.0728 1520 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
10:08:49.0775 1520 vwififlt - ok
10:08:49.0790 1520 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\WINDOWS\system32\w32time.dll
10:08:49.0837 1520 W32Time - ok
10:08:49.0853 1520 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\WINDOWS\system32\drivers\wacompen.sys
10:08:49.0884 1520 WacomPen - ok
10:08:49.0915 1520 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:08:49.0962 1520 WANARP - ok
10:08:49.0962 1520 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:08:49.0993 1520 Wanarpv6 - ok
10:08:50.0040 1520 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\WINDOWS\system32\wbengine.exe
10:08:50.0133 1520 wbengine - ok
10:08:50.0165 1520 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
10:08:50.0196 1520 WbioSrvc - ok
10:08:50.0196 1520 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
10:08:50.0243 1520 wcncsvc - ok
10:08:50.0243 1520 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
10:08:50.0336 1520 WcsPlugInService - ok
10:08:50.0367 1520 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\WINDOWS\system32\drivers\wd.sys
10:08:50.0367 1520 Wd - ok
10:08:50.0399 1520 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
10:08:50.0445 1520 Wdf01000 - ok
10:08:50.0477 1520 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
10:08:50.0570 1520 WdiServiceHost - ok
10:08:50.0570 1520 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
10:08:50.0601 1520 WdiSystemHost - ok
10:08:50.0617 1520 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:08:50.0664 1520 WebClient - ok
10:08:50.0664 1520 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
10:08:50.0726 1520 Wecsvc - ok
10:08:50.0757 1520 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
10:08:50.0835 1520 wercplsupport - ok
10:08:50.0835 1520 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
10:08:50.0882 1520 WerSvc - ok
10:08:50.0898 1520 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\WINDOWS\system32\DRIVERS\wfplwf.sys
10:08:50.0945 1520 WfpLwf - ok
10:08:50.0976 1520 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
10:08:50.0991 1520 WIMMount - ok
10:08:50.0991 1520 WinDefend - ok
10:08:51.0007 1520 WinHttpAutoProxySvc - ok
10:08:51.0054 1520 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:08:51.0101 1520 Winmgmt - ok
10:08:51.0132 1520 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\WINDOWS\system32\WsmSvc.dll
10:08:51.0210 1520 WinRM - ok
10:08:51.0257 1520 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUSB.sys
10:08:51.0319 1520 WinUsb - ok
10:08:51.0335 1520 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\WINDOWS\System32\wlansvc.dll
10:08:51.0428 1520 Wlansvc - ok
10:08:51.0444 1520 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
10:08:51.0459 1520 WmiAcpi - ok
10:08:51.0491 1520 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
10:08:51.0522 1520 wmiApSrv - ok
10:08:51.0537 1520 WMPNetworkSvc - ok
10:08:51.0584 1520 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
10:08:51.0631 1520 WPCSvc - ok
10:08:51.0647 1520 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
10:08:51.0678 1520 WPDBusEnum - ok
10:08:51.0678 1520 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
10:08:51.0709 1520 ws2ifsl - ok
10:08:51.0725 1520 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:08:51.0756 1520 wscsvc - ok
10:08:51.0756 1520 WSearch - ok
10:08:51.0818 1520 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
10:08:51.0974 1520 wuauserv - ok
10:08:52.0005 1520 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
10:08:52.0083 1520 WudfPf - ok
10:08:52.0115 1520 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:08:52.0146 1520 WUDFRd - ok
10:08:52.0161 1520 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
10:08:52.0193 1520 wudfsvc - ok
10:08:52.0224 1520 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
10:08:52.0255 1520 WwanSvc - ok
10:08:52.0271 1520 ================ Scan global ===============================
10:08:52.0302 1520 [ BA0CD8C393E8C9F83354106093832C7B ] C:\WINDOWS\system32\basesrv.dll
10:08:52.0333 1520 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\WINDOWS\system32\winsrv.dll
10:08:52.0349 1520 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\WINDOWS\system32\winsrv.dll
10:08:52.0380 1520 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\WINDOWS\system32\sxssrv.dll
10:08:52.0427 1520 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\WINDOWS\system32\services.exe
10:08:52.0442 1520 [Global] - ok
10:08:52.0442 1520 ================ Scan MBR ==================================
10:08:52.0458 1520 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:08:52.0785 1520 \Device\Harddisk0\DR0 - ok
10:08:52.0785 1520 ================ Scan VBR ==================================
10:08:52.0785 1520 [ C5A88EBD37D41D54E6EDCB11A151D42B ] \Device\Harddisk0\DR0\Partition1
10:08:52.0785 1520 \Device\Harddisk0\DR0\Partition1 - ok
10:08:52.0817 1520 [ 1CA80E7814819108FBA82B465219D21F ] \Device\Harddisk0\DR0\Partition2
10:08:52.0817 1520 \Device\Harddisk0\DR0\Partition2 - ok
10:08:52.0817 1520 ============================================================
10:08:52.0817 1520 Scan finished
10:08:52.0817 1520 ============================================================
10:08:52.0848 1260 Detected object count: 8
10:08:52.0848 1260 Actual detected object count: 8
10:09:29.0010 1260 BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0010 1260 BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:09:29.0025 1260 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0025 1260 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:09:29.0025 1260 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0025 1260 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:09:29.0025 1260 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0025 1260 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:09:29.0025 1260 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0025 1260 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:09:29.0025 1260 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0025 1260 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:09:29.0041 1260 tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0041 1260 tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:09:29.0041 1260 VmbService ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0041 1260 VmbService ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
21.04.2013, 22:18
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Probleme mit Yahoo Search Eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
22.04.2013, 13:16
| #15 |
| | Probleme mit Yahoo Search OTL: Code:
ATTFilter OTL logfile created on: 22.04.2013 14:05:07 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Spargo\Desktop 64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,88 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 57,03% Memory free 7,77 Gb Paging File | 5,86 Gb Available in Paging File | 75,41% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 297,89 Gb Total Space | 157,18 Gb Free Space | 52,76% Space Free | Partition Type: NTFS Computer Name: CIGHHNBK166 | User Name: Spargo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - File not found PRC - C:\Users\Spargo\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone) PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone) PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\bmop.exe (Bytemobile, Inc.) PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\bmctl.exe (Bytemobile, Inc.) PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) PRC - C:\Windows\SysWOW64\CCM\CcmExec.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\3b21f0b55f7c0dc1fe2295613c3cb921\Interop.FNCClient11Lib.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\692afb6aa3ecd0c71c9cea09c2eae2ed\Vodafone.UpdateManager.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\647443dc0f81de96a84d4d4db789cc42\Vodafone.View.SecondaryWindows.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\153b2dd90af2ed145208944103101d65\Vodafone.Model.Connection.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Remot#\322749c2fbd26266ef8378513cf439bc\Vodafone.Core.Remoting.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.INSTALLERCO#\f52d12a80cd22baf114cbe6c178ea653\Interop.INSTALLERCONTROLLib.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\0ff7b572ccc932b41cd2d1eb67045d6c\Vodafone.Base.Internals.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\5c2c61c4d70a6706e0f30164cddd614f\Vodafone.DeviceAccess.Internals.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\718d20210ed30f44294ecde6cfb04d0c\Vodafone.DeviceAccess.Factory.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\1f209a64bf52d5c7d663efb1475d31a9\Vodafone.DeviceAccess.Interfaces.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\66d2d8ce84bf89f049a02c499cc6b0f6\Vodafone.Vpn.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LanWlanMan#\f5e838d40617381b3ff924b9560e0227\Vodafone.LanWlanManager.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.VpnApiLib\db3ad96a4eabdaf8c6d3621dfbef2379\Interop.VpnApiLib.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\6d09b9bc2989a46f86e424de338fa4f7\Vodafone.Base.Factory.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.FCCOMINTDLL#\d22f87b0c2a72cb67b2171f9ae12c46c\Interop.FCCOMINTDLLLib.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\b470c0145f1efb6ad5c8b1e7bd7353bc\Vodafone.BusinessLogic.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.CoreI#\d9dc106e80c04099dd52cfb025488934\Vodafone.Core.CoreInstanceProvider.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\9b9e089271e12f12629c6dd4c28a17ab\Vodafone.Contracts.Adapter.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\81874d295af0a5acdf4439d1e993735a\Vodafone.ReportingManager.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Inter#\28e927aefa407437945e6d6148a5963b\Vodafone.Core.Interfaces.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\be99bfb6b672913329019aed5af2b438\Vodafone.OutlookConnector.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Spring.Core\4a69d3bfa1111bcd9328e15165ee78ad\Spring.Core.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\9ed375fd93ec3ff0a11c3a03afb084ac\Vodafone.SmsContactManager.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Common.Logging\0c5008375abad2d7074f91953acd7158\Common.Logging.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\d65e3892ff3bfd90b6b37f7ef0c8761c\Interop.Shell32.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\2e2f51624793d37af79fec4e31e9c526\Vodafone.SmsProfileManager.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\bac4366647500291fa77f70a8698625f\Vodafone.SettingsManager.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\4fafee69e5ba2a98d6d46d2a52568595\Vodafone.InstanceProvider.Impl.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Shared\d1fd414ec0cc1054205b2288efca8a59\Vodafone.View.Shared.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\dd58c977bd687a25a3fca70f42823d64\Vodafone.DataAccessor.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Manag#\301e862ff848c3bdb219d92a3f8bf0ab\Vodafone.View.ManagedToolTip.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\cbb3dd676decfa4ea4c8ca2598f0ae95\Vodafone.CommonDialogs.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\f4ca72c3d9638d73b47c35ca730b0381\Infragistics2.Win.UltraWinEditors.v9.2.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\75298ac9b1442d682eb275e0af55c54a\Infragistics2.Win.Misc.v9.2.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\b100ea9c0606c9e1f265c1f610c3ca88\Infragistics2.Win.v9.2.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\1bd47dc0e94ca0b2e7834b697cef6d59\Infragistics2.Win.UltraWinToolbars.v9.2.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\1ebe24369c92a181b263b1426fce18f2\Infragistics2.Shared.v9.2.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Contr#\ea8f7363640229e960a5cc7d0af3cc74\Vodafone.Core.Contracts.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\637a9000e10f24056bad88a99b373ea3\Vodafone.Contracts.Presenter.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\cd1e0f2db302f54b64c5875162d30562\MobileBroadbandResources.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\6fbbdfb3476c03830778328858225e90\Vodafone.Contracts.Model.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\c02c2b70f0aa6a3ceaa2e5557f3d1a92\Vodafone.Contracts.View.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\d5b04b0f2d0202887ab8b07bb37aa876\Vodafone.Contracts.Common.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\c41f6a7ab89af0ab36028b3e610e98b9\Vodafone.DeviceAccess.Contracts.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\ae16d1c2a67ad16252492f63f965d81a\Vodafone.ApplicationHost.Impl.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Mondrian\74ec52478cf6336c04c2b395cc4caa8e\Vodafone.Mondrian.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\a86466fc2e5b4cf65a16796aa384788c\Vodafone.Base.Win32.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\21424d9809eade410fbb8d4e724e47ef\Vodafone.Common.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\ab447bac91a20964705c797ddeb4fb6b\Vodafone.Base.Contracts.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\fea5d71bb858ce110259395035feec8c\Vodafone.LogEngine.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\f0410779d3c0333eebdebbbd10de4392\Vodafone.MobileBroadband.CallbackHandler.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\289aa77ce94eec188a3b17ddc16caf1e\Vodafone.Platform.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\fc5a7f356272e75ec53c6a707911d6b9\Vodafone.Data.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileBroadband\7afe76097b2a183db950a44b4e710d5c\MobileBroadband.ni.exe () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\3abd733e8fa28fafbfc99458fdf691da\System.Security.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\rdiff.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll () MOD - C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\SysWOW64\msjetoledb40.dll () MOD - C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () ========== Services (SafeList) ========== SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone) SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.) SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation) SRV - (SwiCardDetectSvc) -- C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe (Sierra Wireless, Inc.) SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation) SRV - (dcpsysmgrsvc) -- C:\Programme\Dell\Dell System Manager\DCPSysMgrSvc.exe (Dell Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (CcmExec) -- C:\Windows\SysWOW64\CCM\CcmExec.exe (Microsoft Corporation) SRV - (smstsmgr) -- C:\Windows\SysWOW64\CCM\TSManager.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) ========== Driver Services (SafeList) ========== DRV:64bit: - (tcpipBM) -- C:\Windows\SysNative\drivers\tcpipBM.sys (Bytemobile, Inc.) DRV:64bit: - (BMLoad) -- C:\Windows\SysNative\drivers\BMLoad.sys (Bytemobile, Inc.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (GTUQBUS) -- C:\Windows\SysNative\drivers\gtuqbus.sys (Option N.V.) DRV:64bit: - (GTPTSER) -- C:\Windows\SysNative\drivers\gtptser.sys (Option N.V.) DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (cvusbdrv) -- C:\Windows\SysNative\drivers\cvusbdrv.sys (Broadcom Corporation) DRV:64bit: - (tcm) -- C:\Windows\SysNative\drivers\tcm.sys () DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (ecnssndisfltr) -- C:\Windows\SysNative\drivers\wwussf64.sys (Ericsson AB) DRV:64bit: - (ecnssndis) -- C:\Windows\SysNative\drivers\wwuss64.sys (Ericsson AB) DRV:64bit: - (Mbm3DevMt) -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys (MCCI Corporation) DRV:64bit: - (Mbm3CBus) -- C:\Windows\SysNative\drivers\Mbm3CBus.sys (MCCI Corporation) DRV:64bit: - (nwdelserial) -- C:\Windows\SysNative\drivers\nwdelserial.sys (Novatel Wireless Inc.) DRV:64bit: - (d554gps) -- C:\Windows\SysNative\drivers\d554gps64.sys (Ericsson AB) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (nwdelgobi3kfilter) -- C:\Windows\SysNative\drivers\nwdelgobi3kfilter.sys (Novatel Wireless Inc) DRV:64bit: - (O2SDJRDR) -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys (O2Micro ) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation) DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation) DRV:64bit: - (O2MDRRDR) -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys (O2Micro ) DRV:64bit: - (O2MDFRDR) -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys (O2Micro ) DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\accelern.sys (ST Microelectronics) DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics) DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.) DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation) DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (NEOFLTR_700_16899) -- C:\Windows\SysNative\drivers\NEOFLTR_700_16899.SYS (Juniper Networks) DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.) DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (prepdrvr) -- C:\Windows\SysWOW64\CCM\PrepDrv.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d IE - HKU\.DEFAULT\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 36 34 B6 3F 08 CE 01 [binary data] IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes,DefaultScope = {E82A0F06-3219-42A2-8B1B-C1E83D6DBAED} IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{0470BEF3-D195-401A-969D-99698EE0C86D}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms} IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{E82A0F06-3219-42A2-8B1B-C1E83D6DBAED}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename,S: S", "" FF - prefs.js..browser.search.defaultthis.engineName: "" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "Google" FF - prefs.js..browser.search.order.1,S: S", "" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.selectedEngine,S: S", "" FF - prefs.js..browser.search.update: false FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8 FF - prefs.js..extensions.enabledAddons: %7BB0D70E72-2FC1-4b9f-A3D4-5921C854D906%7D:1.2 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14 FF - prefs.js..extensions.enabledAddons: ff-bmboc%40bytemobile.com:4.3.2 FF - prefs.js..extensions.enabledAddons: dnshelp%40dnshelp.com:1.0.0 FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0 FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.14 FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.3.2 FF - prefs.js..extensions.enabledItems: dnshelp@dnshelp.com:1.0.0 FF - prefs.js..extensions.enabledItems: {B0D70E72-2FC1-4b9f-A3D4-5921C854D906}:1.2 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3 FF - prefs.js..keyword.enabled: false FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2013.02.12 17:38:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\dnshelp@dnshelp.com: C:\Users\Spargo\AppData\Roaming\Helper [2013.02.17 17:47:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.03.11 23:21:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 15:23:23 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.24 21:13:13 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files (x86)\AddLyrics\FF\ FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.03.11 23:21:47 | 000,000,000 | ---D | M] [2013.03.20 00:20:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\Extensions [2013.04.17 17:05:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions [2013.03.20 00:20:37 | 000,000,000 | ---D | M] ("Biet-O-Matic Firefox Erweiterung") -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906} [2013.02.23 09:16:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013.04.06 20:41:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\ich@maltegoetz.de [2013.04.15 20:31:55 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013.03.25 17:48:34 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.04.17 09:42:44 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013.02.17 17:47:08 | 000,002,080 | ---- | M] () -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\searchplugins\162914d9-19a2-4f6d-89d4-1c462fa1c5a7.xml [2013.03.20 00:29:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.02.12 17:38:42 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES (X86)\VODAFONE\VODAFONE MOBILE BROADBAND\OPTIMIZATION CLIENT\ADDON [2013.02.17 17:47:08 | 000,000,000 | ---D | M] (Helper) -- C:\USERS\Spargo\APPDATA\ROAMING\HELPER [2013.04.15 15:23:23 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.04.15 15:23:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.15 15:23:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.04.15 15:23:13 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.04.15 15:23:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.04.15 15:23:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.15 15:23:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Google Update (Enabled) = C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\WINDOWS\SysWOW64\npDeployJava1.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll O1 HOSTS File: ([2013.03.21 22:13:11 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (DNS Error Helper) - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll () O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313..\Run: [iDevice Manager Launcher] "C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IPELauncher.exe" /run File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = c1-group.dom O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{089B01F7-BD28-4E94-B1B2-F71A221D104B}: NameServer = 139.7.30.125 139.7.30.126 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4041F258-562D-4870-82A8-A97F9126C551}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45B8DB33-E4F3-4212-BC9F-015072DC6FB8}: DhcpNameServer = 139.7.30.126 139.7.30.125 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCD2F28D-BCFE-4A7D-8384-538E4AB24A3B}: DhcpNameServer = 192.168.108.10 192.168.110.5 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf) O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.20 21:05:24 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Spargo\Desktop\tdsskiller.exe [2013.04.20 20:46:08 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Spargo\Desktop\aswMBR.exe [2013.04.20 20:30:50 | 000,000,000 | ---D | C] -- C:\Users\Spargo\Desktop\mbar [2013.04.20 12:54:53 | 000,000,000 | ---D | C] -- C:\JRT [2013.04.20 12:54:37 | 000,552,158 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Spargo\Desktop\JRT.exe [2013.04.18 18:44:24 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.04.17 13:53:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Spargo\Desktop\OTL.exe [2013.04.17 11:02:13 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Malwarebytes [2013.04.17 00:15:52 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\gnupg [2013.04.16 07:47:40 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\Vodafone Mobile Broadband [2013.04.15 23:00:32 | 000,963,488 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\deployJava1.dll [2013.04.15 23:00:31 | 001,085,344 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\npDeployJava1.dll [2013.04.15 23:00:31 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe [2013.04.15 23:00:26 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe [2013.04.15 23:00:26 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe [2013.04.15 23:00:26 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll [2013.04.15 23:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013.04.13 11:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013.04.12 20:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPlayer for Windows [2013.04.12 20:21:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MPlayer for Windows [2013.04.12 20:16:07 | 000,000,000 | ---D | C] -- C:\Users\Spargo\Documents\GomPlayer [2013.04.12 20:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player [2013.04.12 20:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar [2013.04.12 20:11:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.04.12 20:11:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\GRETECH [2013.04.12 20:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH [2013.04.07 10:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaJoin [2013.04.07 10:10:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaJoin [2013.04.07 10:10:01 | 000,000,000 | ---D | C] -- C:\Users\Spargo\Application Data [2013.04.05 22:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013.04.05 22:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013.04.05 22:07:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013.03.29 18:46:04 | 000,020,488 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\SysNative\roboot64.exe [2013.03.29 18:45:06 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\Google [2013.03.29 18:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\BrrOwwsie2save [2013.03.29 18:38:56 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\WindSolutions [2013.03.29 18:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions [2013.03.29 16:07:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Skype [2013.03.29 16:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.03.29 16:07:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.03.29 16:07:34 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2013.03.29 16:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2013.03.29 15:47:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\FreePDF_XP [2013.03.29 15:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF [2013.03.29 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreePDF_XP [2013.03.29 15:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FreePDF [2013.03.29 15:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript [2013.03.29 15:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\gs [2013.03.27 15:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SAP [2013.03.24 21:02:37 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe [2013.03.24 21:02:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe [2013.03.24 21:02:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe [2013.03.24 21:02:33 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll [2013.03.24 20:56:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT [2013.03.24 19:16:18 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Notepad++ [1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.22 13:59:14 | 000,000,392 | ---- | M] () -- C:\WINDOWS\SMSCFG.INI [2013.04.22 13:58:36 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.04.22 13:58:15 | 3127,652,352 | -HS- | M] () -- C:\hiberfil.sys [2013.04.22 13:53:00 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313UA.job [2013.04.22 07:34:26 | 000,019,104 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.22 07:34:26 | 000,019,104 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.20 21:06:52 | 463,049,403 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2013.04.20 21:05:41 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Spargo\Desktop\tdsskiller.exe [2013.04.20 21:00:56 | 000,000,512 | ---- | M] () -- C:\Users\Spargo\Desktop\MBR.dat [2013.04.20 20:47:31 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Spargo\Desktop\aswMBR.exe [2013.04.20 20:30:26 | 012,917,756 | ---- | M] () -- C:\Users\Spargo\Desktop\mbar-1.05.0.1001.zip [2013.04.20 20:19:20 | 000,613,083 | ---- | M] () -- C:\Users\Spargo\Desktop\adwcleaner.exe [2013.04.20 18:53:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313Core.job [2013.04.20 12:54:45 | 000,552,158 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Spargo\Desktop\JRT.exe [2013.04.17 13:53:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Spargo\Desktop\OTL.exe [2013.04.15 23:00:19 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll [2013.04.15 23:00:18 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe [2013.04.15 23:00:18 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe [2013.04.15 23:00:17 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\npDeployJava1.dll [2013.04.15 23:00:17 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\deployJava1.dll [2013.04.15 23:00:17 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe [2013.04.11 07:01:14 | 001,624,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2013.04.11 07:01:14 | 000,700,978 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2013.04.11 07:01:14 | 000,655,970 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2013.04.11 07:01:14 | 000,149,878 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [2013.04.11 07:01:14 | 000,122,656 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2013.04.07 10:10:22 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\MediaJoin.lnk [2013.03.29 17:26:28 | 000,009,644 | ---- | M] () -- C:\Users\Spargo\AppData\Local\recently-used.xbel [2013.03.29 15:37:08 | 000,000,214 | ---- | M] () -- C:\WINDOWS\SysWow64\~.inf [2013.03.27 15:25:01 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\NetWeaver Business Client 4.0.lnk [2013.03.25 19:19:55 | 000,002,209 | ---- | M] () -- C:\Users\Spargo\Desktop\RKA² C1 Group.lnk [2013.03.24 21:02:30 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll [2013.03.24 21:02:28 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\npDeployJava1.dll [2013.03.24 21:02:28 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe [2013.03.24 21:02:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe [2013.03.24 21:02:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe [2013.03.24 21:02:27 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\deployJava1.dll [1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ] [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.20 21:00:56 | 000,000,512 | ---- | C] () -- C:\Users\Spargo\Desktop\MBR.dat [2013.04.20 20:29:01 | 012,917,756 | ---- | C] () -- C:\Users\Spargo\Desktop\mbar-1.05.0.1001.zip [2013.04.20 20:19:08 | 000,613,083 | ---- | C] () -- C:\Users\Spargo\Desktop\adwcleaner.exe [2013.04.18 18:43:24 | 000,001,124 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313UA.job [2013.04.18 18:43:23 | 000,001,072 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313Core.job [2013.04.14 15:28:56 | 463,049,403 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2013.04.07 10:10:22 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\MediaJoin.lnk [2013.03.29 17:26:28 | 000,009,644 | ---- | C] () -- C:\Users\Spargo\AppData\Local\recently-used.xbel [2013.03.29 15:45:51 | 000,087,040 | ---- | C] () -- C:\WINDOWS\SysNative\redmonnt.dll [2013.03.29 15:45:51 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysNative\unredmon.exe [2013.03.29 15:33:27 | 000,000,214 | ---- | C] () -- C:\WINDOWS\SysWow64\~.inf [2013.03.27 15:25:01 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWeaver Business Client 4.0.lnk [2013.03.27 15:25:01 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\NetWeaver Business Client 4.0.lnk [2013.03.24 21:13:14 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.03.11 23:10:30 | 000,239,021 | ---- | C] () -- C:\WINDOWS\hpwins26.dat [2013.02.14 17:23:16 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib [2013.02.12 01:01:37 | 000,024,645 | ---- | C] () -- C:\WINDOWS\saplogon.ini [2013.02.11 12:43:29 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2013.02.11 11:37:46 | 000,175,616 | ---- | C] () -- C:\WINDOWS\SysWow64\h5menu32.dll [2013.02.11 11:37:46 | 000,095,744 | ---- | C] () -- C:\WINDOWS\SysWow64\h5rtf32.dll [2013.02.11 11:37:46 | 000,051,200 | ---- | C] () -- C:\WINDOWS\SysWow64\h5tool32.dll [2013.02.11 11:37:45 | 001,064,960 | ---- | C] () -- C:\WINDOWS\SysWow64\h5krnl32.dll [2013.02.11 11:37:45 | 000,188,928 | ---- | C] () -- C:\WINDOWS\SysWow64\h5icon32.dll [2013.02.11 11:25:21 | 000,029,824 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2013.02.11 11:12:32 | 000,023,116 | ---- | C] () -- C:\WINDOWS\SysWow64\CcmFramework.ini [2012.09.03 18:52:19 | 000,963,116 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng600.bin [2012.09.03 18:51:55 | 000,218,304 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg600m.bin [2012.09.03 18:51:14 | 000,056,832 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2012.09.03 18:50:14 | 000,145,804 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng600.bin [2012.09.03 18:49:22 | 013,906,944 | ---- | C] () -- C:\WINDOWS\SysWow64\ig4icd32.dll [2012.04.20 18:43:54 | 000,286,680 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > Code:
ATTFilter OTL Extras logfile created on: 22.04.2013 14:05:07 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Spargo\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,88 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 57,03% Memory free
7,77 Gb Paging File | 5,86 Gb Available in Paging File | 75,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,89 Gb Total Space | 157,18 Gb Free Space | 52,76% Space Free | Partition Type: NTFS
Computer Name: CIGHHNBK166 | User Name: Spargo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = 192.168.110.100
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"WMI-ASYNC-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\system32\wbem\unsecapp.exe|Name=@FirewallAPI.dll,-34256|Desc=@FirewallAPI.dll,-34257|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-WINMGMT-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|Name=@FirewallAPI.dll,-34254|Desc=@FirewallAPI.dll,-34255|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-34252|Desc=@FirewallAPI.dll,-34253|EmbedCtxt=@FirewallAPI.dll,-34251|
"RemoteSvcAdmin-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-29515|Desc=@FirewallAPI.dll,-29518|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-NP-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-29507|Desc=@FirewallAPI.dll,-29510|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\services.exe|Name=@FirewallAPI.dll,-29503|Desc=@FirewallAPI.dll,-29506|EmbedCtxt=@FirewallAPI.dll,-29502|
"FPS-LLMNR-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-28548|Desc=@FirewallAPI.dll,-28549|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP6-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|Name=@FirewallAPI.dll,-28545|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP4-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|Name=@FirewallAPI.dll,-28543|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|Name=@FirewallAPI.dll,-28539|Desc=@FirewallAPI.dll,-28542|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SpoolSvc-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|Name=@FirewallAPI.dll,-28535|Desc=@FirewallAPI.dll,-28538|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Datagram-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Name-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|Name=@FirewallAPI.dll,-28519|Desc=@FirewallAPI.dll,-28522|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SMB-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-28511|Desc=@FirewallAPI.dll,-28514|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Session-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502|
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = 192.168.110.100
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"WMI-ASYNC-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\system32\wbem\unsecapp.exe|Name=@FirewallAPI.dll,-34256|Desc=@FirewallAPI.dll,-34257|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-WINMGMT-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|Name=@FirewallAPI.dll,-34254|Desc=@FirewallAPI.dll,-34255|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-34252|Desc=@FirewallAPI.dll,-34253|EmbedCtxt=@FirewallAPI.dll,-34251|
"RemoteSvcAdmin-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-29515|Desc=@FirewallAPI.dll,-29518|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-NP-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-29507|Desc=@FirewallAPI.dll,-29510|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\services.exe|Name=@FirewallAPI.dll,-29503|Desc=@FirewallAPI.dll,-29506|EmbedCtxt=@FirewallAPI.dll,-29502|
"FPS-LLMNR-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-28548|Desc=@FirewallAPI.dll,-28549|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP6-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|Name=@FirewallAPI.dll,-28545|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP4-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|Name=@FirewallAPI.dll,-28543|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|Name=@FirewallAPI.dll,-28539|Desc=@FirewallAPI.dll,-28542|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SpoolSvc-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|Name=@FirewallAPI.dll,-28535|Desc=@FirewallAPI.dll,-28538|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Datagram-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Name-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|Name=@FirewallAPI.dll,-28519|Desc=@FirewallAPI.dll,-28522|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SMB-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-28511|Desc=@FirewallAPI.dll,-28514|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Session-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502|
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20408570-75E1-47ED-B7EF-E6222D44698B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02683DBA-B965-400D-88F5-A822D3ED04F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{0594BED9-718F-4A4F-9F75-2C2F32E408F3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{05ED3405-0DBD-448B-A569-0D102BF2B961}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{091AEB78-1FA7-4008-8417-88D88BFE2BE1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{165A3863-FE6C-4D95-A028-E93BE3A26218}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1D14EEEE-7151-4FB0-8869-E78D5FEE5079}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{2069E3EB-9BF6-4B95-80CB-DC4320C754D8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{3B6833AE-870C-4546-8A8A-F0F21CA469C3}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{45D07E25-1C1D-4915-83B7-7F2E3D2F1760}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{4BA0F375-F61C-4D7A-9F39-4B6C8CF87747}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{5126E153-C927-4B8C-A100-4607C7E6228E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{58B68113-70D2-4024-8E9B-EC82BAF54756}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{63C877C9-A1D6-46B3-AD9A-C414C588C286}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{63CB5D04-632A-4CA3-8982-154E8B717B17}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{66163320-4486-4DCB-8324-8E4CA9BBA802}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{66F50025-BF85-43B3-96FC-1375E5A0B8DE}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{6F2A416E-B896-45F4-8AAC-538BE12B9DCB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{7FAE411F-85A3-46C4-895B-0F4DF82E14FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{80BFE729-0616-4DF1-A6CA-9C30598C38B3}" = protocol=6 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe |
"{839A87F1-496B-41E7-9A5E-39661032C538}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{884765F8-3DCE-456F-A4C4-D8D92AE4D75D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{943CD4EE-5B0C-4221-938E-943233DE2D6B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{9613F50A-D928-476A-9985-36C663062F27}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{979B92B1-500B-409E-B62A-F6A73A5E322F}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe |
"{99ECF810-8F99-4349-B3E6-50457C589ADB}" = protocol=17 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe |
"{9C5A2205-301F-4ACE-A05B-2BC1EAA8C936}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{ADF99605-800F-41E7-8D1C-288E5D36EC77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{B6B36481-5365-4807-B086-87CAE86F5A6A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C0A67A3C-94CD-45A8-9445-7FD7C397570F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{C2ADB7B6-CD6A-43AD-B6B0-CDD3DDA8655F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C78F320F-4B35-4139-AFF9-EBDFB83C3231}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CC8D03B4-945F-4F64-B65D-1C72F69C8186}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{D1EDB923-4EBC-4426-BA3E-83BBEA81ED84}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{D7FE8339-FD6A-47FC-AC0A-34D4981E67DE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{E45FB759-4B85-4B2F-BB2F-B7DD4BFF5070}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"TCP Query User{13984FA3-4E1C-4C01-AFE6-36380FE58811}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{4140FB21-5CD0-450B-9E90-DB0A49B09E7A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{B6E8B19A-D286-4ED7-A0B3-14EB8126F3C6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{FBA52E8E-4DF6-4821-8417-072390ACE976}C:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{189B5BDD-AC05-49AC-82BF-687AEFD80344}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{22B82929-56F3-468A-802D-788E33378D3E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{628959E7-0503-4035-B77B-75B724D434C8}C:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{BEF50D4F-3FF5-43F4-8502-EB33ECE00E71}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0DB0EA38-E806-44ED-A892-489F2E305080}" = Dell System Manager
"{0E0818E4-C87B-4211-9791-E958BD34B96C}" = Microsoft Forefront Endpoint Protection 2010 Server Management
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{421976B6-DEC6-4CA5-941F-F0663B3A2B74}" = Adobe Flash Player 11 ActiveX (x64)
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{A5ECFFBA-B6FD-45A5-879D-0B0DE7FF8F4B}" = O&O SafeErase Professional
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E5083D57-D93F-404C-A91F-1C50D67C2BEB}" = HP Officejet 4500 G510g-m
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.4
"GPL Ghostscript 9.04" = GPL Ghostscript
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Forefront Endpoint Protection
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{232FDC0C-12DE-41F2-9701-27EFCA18BEF9}" = MediaJoin
"{2385C070-EC26-4AB9-8718-E605C977C0ED}" = Microsoft redistributable runtime DLLs VS2010 SP1 (x86)
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28379381-B56A-43e1-B505-3098D82B1C30}" = 4500G510gm_Software_Min
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}" = Nero BurningROM 12
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}" = MSXML4.0 redistributable
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E9CB04E7-E221-45BE-90BD-7444B8F65F01}" =
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{903B0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{97D341C8-B0D1-4E4A-A49A-C30B52F168E9}" = MPlayer für Windows
"{98AA657D-9790-4454-9DB2-E8ED0EF8C571}" = Configuration Manager Client
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A47A9101-6EB5-4314-BDA1-297880FBB908}" = Microsoft redistributable runtime DLLs VS2008 SP1(x86)
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}" = 4500G510gm
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}" = vcredist_x86
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DF0B357C-5874-47D0-81E7-79AA890B0CE0}" = 4500_G510gm_Help
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AnyDVD" = AnyDVD
"Biet-O-Matic v2.14.12" = Biet-O-Matic v2.14.12
"DiskAid_is1" = DiskAid 5.45
"ESET Online Scanner" = ESET Online Scanner v3
"FastStone Image Viewer" = FastStone Image Viewer 4.7
"FE5AE7DC-7B01-4263-A94C-B4526C276550_is1" = iDevice Manager
"FreePDF_XP" = FreePDF (Remove only)
"GOM Player" = GOM Player
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"MediaJoin" = MediaJoin
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mp3tag" = Mp3tag v2.54
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"Notepad++" = Notepad++
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"SAP_NWBC40" = SAP Netweaver Business Client 4.0
"SAPGUI710" = SAP GUI for Windows 7.20
"Undelete 360_is1" = Undelete 360
"VLC media player" = VLC media player 2.0.5
"Zero Assumption Digital Image Recovery_is1" = Zero Assumption Digital Image Recovery 1.2
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks Setup Client
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 20.04.2013 17:43:10 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 20.0.1.4847,
Zeitstempel: 0x51650aee Name des fehlerhaften Moduls: xul.dll, Version: 20.0.1.4847,
Zeitstempel: 0x51650a09 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000b10e8 ID des fehlerhaften
Prozesses: 0x1370 Startzeit der fehlerhaften Anwendung: 0x01ce3e0fc5d87d68 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll Berichtskennung:
4b4f92ea-aa03-11e2-9d3e-d0df9a41bea3
Error - 20.04.2013 17:44:43 | Computer Name = CIGHHNBK166.c1-group.dom | Source = WinMgmt | ID = 10
Description =
Error - 21.04.2013 03:31:59 | Computer Name = CIGHHNBK166.c1-group.dom | Source = WinMgmt | ID = 10
Description =
Error - 21.04.2013 13:55:58 | Computer Name = CIGHHNBK166.c1-group.dom | Source = WinMgmt | ID = 10
Description =
Error - 21.04.2013 18:19:34 | Computer Name = CIGHHNBK166.c1-group.dom | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 21.04.2013 18:20:39 | Computer Name = CIGHHNBK166.c1-group.dom | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "c:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition:
SMC,processorArchitecture="x86",type="win32",version="12.0.0.0". Verwenden Sie das
Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 21.04.2013 18:30:38 | Computer Name = CIGHHNBK166.c1-group.dom | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 21.04.2013 18:30:54 | Computer Name = CIGHHNBK166.c1-group.dom | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifest". Fehler in Manifest-
oder Richtliniendatei "c:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST"
in Zeile 3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
angeforderten Komponente überein. Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition:
SMC,processorArchitecture="x86",type="win32",version="12.0.0.0". Verwenden Sie das
Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 22.04.2013 01:06:55 | Computer Name = CIGHHNBK166.c1-group.dom | Source = WinMgmt | ID = 10
Description =
Error - 22.04.2013 07:58:55 | Computer Name = CIGHHNBK166.c1-group.dom | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 22.04.2013 01:06:47 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error - 22.04.2013 01:07:05 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode:
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
Error - 22.04.2013 01:07:28 | Computer Name = CIGHHNBK166.c1-group.dom | Source = DCOM | ID = 10016
Description =
Error - 22.04.2013 01:52:51 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error - 22.04.2013 06:20:48 | Computer Name = CIGHHNBK166.c1-group.dom | Source = NETLOGON | ID = 5719
Description = Der Computer konnte eine sichere Sitzung mit einem Domänencontroller
in der Domäne C1-GROUP aufgrund der folgenden Ursache nicht einrichten: %%1311 Dies
kann zu Authentifizierungsproblemen führen. Stellen Sie sicher, dass der Computer
mit dem Netzwerk verbunden ist. Wenden Sie sich an den Domänenadministrator, wenn
das Problem weiterhin besteht. ZUSÄTZLICHE INFORMATIONEN Wenn dieser Computer ein
Domänencontroller der bestimmten Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator
in der bestimmten Domäne eingerichtet. Andernfalls richtet dieser Computer eine
sichere Sitzung zu einem beliebigen Domänencontroller in der bestimmten Domäne ein.
Error - 22.04.2013 07:58:38 | Computer Name = CIGHHNBK166.c1-group.dom | Source = NETLOGON | ID = 5719
Description = Der Computer konnte eine sichere Sitzung mit einem Domänencontroller
in der Domäne C1-GROUP aufgrund der folgenden Ursache nicht einrichten: %%1311 Dies
kann zu Authentifizierungsproblemen führen. Stellen Sie sicher, dass der Computer
mit dem Netzwerk verbunden ist. Wenden Sie sich an den Domänenadministrator, wenn
das Problem weiterhin besteht. ZUSÄTZLICHE INFORMATIONEN Wenn dieser Computer ein
Domänencontroller der bestimmten Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator
in der bestimmten Domäne eingerichtet. Andernfalls richtet dieser Computer eine
sichere Sitzung zu einem beliebigen Domänencontroller in der bestimmten Domäne ein.
Error - 22.04.2013 07:58:43 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error - 22.04.2013 07:58:44 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
Error - 22.04.2013 07:59:01 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion. Funktion: %%835 Fehlercode:
0x80004005 Fehlerbeschreibung: Unbekannter Fehler Ursache: %%842
Error - 22.04.2013 07:59:22 | Computer Name = CIGHHNBK166.c1-group.dom | Source = DCOM | ID = 10016
Description =
< End of report >
|
|
| Themen zu Probleme mit Yahoo Search |
| adresszeile, deaktivierung, firefox, immer wieder, irgendetwas, klasse, kleines, korrekte, könntet, logfiles, probleme, search, search nu, suche, surfe, surfen, tagen, yahoo, yahoo search |
Linear-Darstellung
