
Pests of all kinds and how to combat them: Problems with Yahoo Search


17.04.2013, 13:48   #1
Spargo

Hello,

it looks like I have a small problem yet again. For a few days now I keep ending up in Yahoo Search while surfing, even though I entered the correct URL in the address bar. It doesn't always happen, but often. I normally surf with Firefox, where Yahoo Search is now also my default search service, no matter what I set for keyword.URL.

Even after deactivating keyword search in Firefox I end up at Yahoo Search when I type anything into the address bar.

It would be great if you could help me get rid of this mess.

Attached are the logfiles as a zip.

Spargo

17.04.2013, 15:12   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hello,

Quote:
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Wow, an Enterprise edition

Quote:
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = c***.dom
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4041F258-562D-4870-82A8-A97F9126C551}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45B8DB33-E4F3-4212-BC9F-015072DC6FB8}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCD2F28D-BCFE-4A7D-8384-538E4AB24A3B}: DhcpNameServer = 192.168.108.10 192.168.110.5

Company computers are not actually cleaned here

See => http://www.trojaner-board.de/108422-...-anfragen.html

Quote:
3. As a matter of principle, we do not clean commercially used computers. Your company's IT department is responsible for that.

For small businesses that have no IT support we make an exception and are happy to help (a small donation helps us too).
Prerequisite: you tell us this in your first reply.

Keep in mind, however, that logfiles can contain a lot of sensitive information (customer data, bank data, etc.) and that malware is able to spy on this data and misuse it. In this case we suggest formatting and reinstalling.
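
The check made by eye in the post above (Enterprise edition in the OTL header, a `Domain` value in the O17 lines) can be scripted. This is an added example, not part of the original thread or of OTL; the sample log is constructed with placeholder names and addresses, and the extra check for the Configuration Manager client services `CcmExec` and `smstsmgr` goes beyond the two indicators quoted in the post.

```python
import re

# Constructed sample in the layout OTL writes; host name, domain and addresses
# are placeholders, not values from the thread.
SAMPLE_LOG = r"""
OTL logfile created on: 01.01.2013 12:00:00 - Run 1
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Computer Name: EXAMPLE-NB01 | User Name: user | Logged in as Administrator.
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (CcmExec) -- C:\Windows\SysWOW64\CCM\CcmExec.exe (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.0.2.53 192.0.2.54
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = corp.example
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00000000-0000-0000-0000-000000000001}: DhcpNameServer = 192.0.2.53 192.0.2.54
"""

# "64bit- Enterprise Edition Service Pack 1 ..." -> edition = "Enterprise"
EDITION_RE = re.compile(r"^\d+bit- (?P<edition>.+?) Edition\b", re.M)
# "O17 - <registry key>: <value name> = <value data>"
O17_RE = re.compile(
    r"^O17 - (?P<key>HKLM\\.+?): (?P<name>\w+) = (?P<value>.*)$", re.M
)
# "SRV - (ServiceName) -- path (vendor)", optionally "SRV:64bit: - ..."
SRV_RE = re.compile(r"^SRV(?::64bit:)? - \((?P<name>[^)]+)\) -- ", re.M)

# Assumption of this example: services installed by the Microsoft
# Configuration Manager client, which is deployed by an IT department.
MANAGEMENT_SERVICES = {
    "ccmexec": "Configuration Manager client (SMS Agent Host)",
    "smstsmgr": "Configuration Manager task sequence manager",
}


def parse_o17(log):
    """Return every O17 entry as a dict with key, name and value."""
    return [m.groupdict() for m in O17_RE.finditer(log)]


def managed_indicators(log):
    """Collect hints that the machine is, or was, centrally managed.

    Each finding is a (kind, detail) tuple. The findings are hints for the
    person reading the log, not proof of domain membership.
    """
    findings = []

    edition = EDITION_RE.search(log)
    if edition and edition.group("edition").strip().lower() == "enterprise":
        findings.append(("edition", "Enterprise"))

    for entry in parse_o17(log):
        value = entry["value"].strip()
        # A non-empty Domain value is the DNS suffix the machine was given.
        if entry["name"].lower() == "domain" and value:
            findings.append(("dns-domain", value))

    for srv in SRV_RE.finditer(log):
        if srv.group("name").lower() in MANAGEMENT_SERVICES:
            findings.append(("mgmt-service", srv.group("name")))

    return findings


if __name__ == "__main__":
    for kind, detail in managed_indicators(SAMPLE_LOG):
        print(f"{kind}: {detail}")
```
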

17.04.2013, 15:30   #3
Spargo

That was a company computer, since decommissioned, but I am allowed to keep it for private use. I can do whatever I want with the laptop, but I no longer receive any support. I can't even deactivate the virus scanner because I don't have the necessary admin rights.

It would be nice if you could help me; if that is not possible, I will of course have to accept it.

17.04.2013, 22:41   #4
cosinus

Quote:
because I don't have the necessary admin rights
That is only logical, since the thing was in a Windows Server domain with group policies.
If you simply rip the thing out without undoing the group policies that were set by, and are known only to, the admins, you are in a very bad position. A great many such group policies, despite local admin rights, prevent the necessary deactivation of virus scanners or of other settings that are an absolute must for an analysis here.

Please tell me why the decommissioned device was not cleanly removed from the domain, or why it was not handed over to you freshly installed.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

17.04.2013, 23:09   #5
Spargo

Things are handled quite casually at our company. The computer has already crashed on me several times in the past (hard disk was defective, motherboard has also been replaced already). When it then also dropped out of Dell maintenance and I had a problem again, it was decided that I had better get a new one. I could then keep the old one as it is or hand it in. I still have its predecessor at home as well; my daughter now uses it for playing games.

Our IT support is in any case limited to wiping a computer when needed and putting a new image on it; hardware problems are handled by Dell support.

As I said, I no longer receive any support for this computer. If I had the described problem with my company computer, I would also only get a shrug; I would be advised to reinstall the computer, and I don't want that anyway.

So it really is the case: either you can help me here or I am out of luck. I would therefore be really grateful for any help.


17.04.2013, 23:18   #6
cosinus

Simply because the thing was in the domain and you therefore cannot just undo all the group policy settings, I would recommend a clean reinstallation.

Does it always have to be Windows? If there is no Windows license to spare, one can really consider using Linux for once.

17.04.2013, 23:28   #7
Spargo

Well, then I guess I have no choice but to actually reinstall the computer. What a pain, I really wanted to avoid that.

To be honest, I have never really dealt with Linux, but it might actually be worth considering.

In any case, thanks for your help.

18.04.2013, 11:58   #8
cosinus

Well, we can certainly try an analysis, but it is not advisable.
If it really is only a matter of some junk toolbars and adware, you can do this first:

JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. From Windows Vista (or later), please start it with right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the logfile (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Afterwards:

adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Then a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • Set the checkmark at the top center for Scan all users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 logfiles are created
  • Post the logfiles in CODE tags here in the thread.

20.04.2013, 12:17   #9
Spargo

Great, thanks!

So, here are the logfiles:

JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.6 (04.19.2013:1)
OS: Windows 7 Enterprise x64
Ran by Spargo on 20.04.2013 at 12:55:43,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\systweak
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\sprotector
Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\sp global
Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\sprotector



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\Users\Spargo\AppData\Roaming\software4u"
Successfully deleted: [Folder] "C:\Users\Spargo\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\software4u"



~~~ FireFox

Successfully deleted the following from C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Emptied folder: C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\minidumps [143 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.04.2013 at 13:02:06,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
OTL:
Code:
OTL logfile created on: 20.04.2013 13:08:16 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Spargo\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,88 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 51,87% Memory free
7,77 Gb Paging File | 5,69 Gb Available in Paging File | 73,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,89 Gb Total Space | 158,65 Gb Free Space | 53,26% Space Free | Partition Type: NTFS
 
Computer Name: CIGHHNBK166 | User Name: Spargo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\Spargo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\CCM\CcmExec.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (SwiCardDetectSvc) -- C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe (Sierra Wireless, Inc.)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (dcpsysmgrsvc) -- C:\Programme\Dell\Dell System Manager\DCPSysMgrSvc.exe (Dell Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (CcmExec) -- C:\Windows\SysWOW64\CCM\CcmExec.exe (Microsoft Corporation)
SRV - (smstsmgr) -- C:\Windows\SysWOW64\CCM\TSManager.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (tcpipBM) -- C:\Windows\SysNative\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV:64bit: - (BMLoad) -- C:\Windows\SysNative\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (GTUQBUS) -- C:\Windows\SysNative\drivers\gtuqbus.sys (Option N.V.)
DRV:64bit: - (GTPTSER) -- C:\Windows\SysNative\drivers\gtptser.sys (Option N.V.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (cvusbdrv) -- C:\Windows\SysNative\drivers\cvusbdrv.sys (Broadcom Corporation)
DRV:64bit: - (tcm) -- C:\Windows\SysNative\drivers\tcm.sys ()
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (ecnssndisfltr) -- C:\Windows\SysNative\drivers\wwussf64.sys (Ericsson AB)
DRV:64bit: - (ecnssndis) -- C:\Windows\SysNative\drivers\wwuss64.sys (Ericsson AB)
DRV:64bit: - (Mbm3DevMt) -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys (MCCI Corporation)
DRV:64bit: - (Mbm3CBus) -- C:\Windows\SysNative\drivers\Mbm3CBus.sys (MCCI Corporation)
DRV:64bit: - (nwdelserial) -- C:\Windows\SysNative\drivers\nwdelserial.sys (Novatel Wireless Inc.)
DRV:64bit: - (d554gps) -- C:\Windows\SysNative\drivers\d554gps64.sys (Ericsson AB)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (nwdelgobi3kfilter) -- C:\Windows\SysNative\drivers\nwdelgobi3kfilter.sys (Novatel Wireless Inc)
DRV:64bit: - (O2SDJRDR) -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys (O2Micro )
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (O2MDRRDR) -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys (O2Micro )
DRV:64bit: - (O2MDFRDR) -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys (O2Micro )
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\accelern.sys (ST Microelectronics)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (NEOFLTR_700_16899) -- C:\Windows\SysNative\drivers\NEOFLTR_700_16899.SYS (Juniper Networks)
DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (prepdrvr) -- C:\Windows\SysWOW64\CCM\PrepDrv.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 36 34 B6 3F 08 CE 01  [binary data]
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes,DefaultScope = {E82A0F06-3219-42A2-8B1B-C1E83D6DBAED}
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{0470BEF3-D195-401A-969D-99698EE0C86D}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{E82A0F06-3219-42A2-8B1B-C1E83D6DBAED}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: %7BB0D70E72-2FC1-4b9f-A3D4-5921C854D906%7D:1.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: ff-bmboc%40bytemobile.com:4.3.2
FF - prefs.js..extensions.enabledAddons: dnshelp%40dnshelp.com:1.0.0
FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.14
FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.3.2
FF - prefs.js..extensions.enabledItems: dnshelp@dnshelp.com:1.0.0
FF - prefs.js..extensions.enabledItems: {B0D70E72-2FC1-4b9f-A3D4-5921C854D906}:1.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..keyword.enabled: false
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2013.02.12 17:38:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\dnshelp@dnshelp.com: C:\Users\Spargo\AppData\Roaming\Helper [2013.02.17 17:47:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.03.11 23:21:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 15:23:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.24 21:13:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files (x86)\AddLyrics\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.03.11 23:21:47 | 000,000,000 | ---D | M]
 
[2013.03.20 00:20:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\Extensions
[2013.04.17 17:05:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions
[2013.03.20 00:20:37 | 000,000,000 | ---D | M] ("Biet-O-Matic Firefox Erweiterung") -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}
[2013.02.23 09:16:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.04.06 20:41:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\ich@maltegoetz.de
[2013.04.15 20:31:55 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2013.03.25 17:48:34 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.17 09:42:44 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.02.17 17:47:08 | 000,002,080 | ---- | M] () -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\searchplugins\162914d9-19a2-4f6d-89d4-1c462fa1c5a7.xml
[2013.03.20 00:29:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.12 17:38:42 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES (X86)\VODAFONE\VODAFONE MOBILE BROADBAND\OPTIMIZATION CLIENT\ADDON
[2013.02.17 17:47:08 | 000,000,000 | ---D | M] (Helper) -- C:\USERS\Spargo\APPDATA\ROAMING\HELPER
[2013.04.15 15:23:23 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.04.15 15:23:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.04.15 15:23:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.04.15 15:23:13 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.04.15 15:23:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.15 15:23:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.04.15 15:23:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\WINDOWS\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
 
O1 HOSTS File: ([2013.03.21 22:13:11 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DNS Error Helper) - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313..\Run: [iDevice Manager Launcher] "C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IPELauncher.exe" /run File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = c1-group.dom
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4041F258-562D-4870-82A8-A97F9126C551}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45B8DB33-E4F3-4212-BC9F-015072DC6FB8}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCD2F28D-BCFE-4A7D-8384-538E4AB24A3B}: DhcpNameServer = 192.168.108.10 192.168.110.5
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found
O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.20 12:54:53 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.20 12:54:37 | 000,552,158 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Spargo\Desktop\JRT.exe
[2013.04.18 18:44:24 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.04.17 13:53:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Spargo\Desktop\OTL.exe
[2013.04.17 11:02:13 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Malwarebytes
[2013.04.17 11:00:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.17 11:00:45 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2013.04.17 11:00:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.17 00:15:52 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\gnupg
[2013.04.16 07:47:40 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\Vodafone Mobile Broadband
[2013.04.15 23:00:32 | 000,963,488 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\deployJava1.dll
[2013.04.15 23:00:31 | 001,085,344 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\npDeployJava1.dll
[2013.04.15 23:00:31 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe
[2013.04.15 23:00:26 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe
[2013.04.15 23:00:26 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe
[2013.04.15 23:00:26 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2013.04.15 23:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.04.13 11:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.04.12 20:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPlayer for Windows
[2013.04.12 20:21:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MPlayer for Windows
[2013.04.12 20:16:07 | 000,000,000 | ---D | C] -- C:\Users\Spargo\Documents\GomPlayer
[2013.04.12 20:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2013.04.12 20:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013.04.12 20:11:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.04.12 20:11:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\GRETECH
[2013.04.12 20:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2013.04.07 10:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaJoin
[2013.04.07 10:10:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaJoin
[2013.04.07 10:10:01 | 000,000,000 | ---D | C] -- C:\Users\Spargo\Application Data
[2013.04.05 22:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.04.05 22:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.04.05 22:07:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.29 18:46:04 | 000,020,488 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\SysNative\roboot64.exe
[2013.03.29 18:45:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowseToSave
[2013.03.29 18:45:06 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\Google
[2013.03.29 18:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\BrrOwwsie2save
[2013.03.29 18:38:56 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\WindSolutions
[2013.03.29 18:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2013.03.29 16:07:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Skype
[2013.03.29 16:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.03.29 16:07:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.03.29 16:07:34 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.03.29 16:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.03.29 15:47:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\FreePDF_XP
[2013.03.29 15:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
[2013.03.29 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreePDF_XP
[2013.03.29 15:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FreePDF
[2013.03.29 15:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
[2013.03.29 15:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2013.03.27 15:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SAP
[2013.03.24 21:02:37 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2013.03.24 21:02:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2013.03.24 21:02:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2013.03.24 21:02:33 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2013.03.24 20:56:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.03.24 19:16:18 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Notepad++
[2013.03.22 21:47:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.03.21 23:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.03.21 13:29:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.20 12:54:45 | 000,552,158 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Spargo\Desktop\JRT.exe
[2013.04.20 12:53:00 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313UA.job
[2013.04.20 10:24:50 | 000,019,104 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.20 10:24:50 | 000,019,104 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.20 10:18:32 | 000,000,392 | ---- | M] () -- C:\WINDOWS\SMSCFG.INI
[2013.04.20 10:17:24 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.20 10:17:17 | 3127,652,352 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.19 18:53:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313Core.job
[2013.04.18 18:44:27 | 000,002,329 | ---- | M] () -- C:\Users\Spargo\Desktop\Google Chrome.lnk
[2013.04.17 13:53:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Spargo\Desktop\OTL.exe
[2013.04.17 11:00:54 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.15 23:00:19 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2013.04.15 23:00:18 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe
[2013.04.15 23:00:18 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe
[2013.04.15 23:00:17 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\npDeployJava1.dll
[2013.04.15 23:00:17 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\deployJava1.dll
[2013.04.15 23:00:17 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe
[2013.04.14 15:28:56 | 480,572,723 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013.04.11 07:01:14 | 001,624,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.04.11 07:01:14 | 000,700,978 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.04.11 07:01:14 | 000,655,970 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.04.11 07:01:14 | 000,149,878 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.04.11 07:01:14 | 000,122,656 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.04.07 10:10:22 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\MediaJoin.lnk
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2013.03.29 17:26:28 | 000,009,644 | ---- | M] () -- C:\Users\Spargo\AppData\Local\recently-used.xbel
[2013.03.29 15:37:08 | 000,000,214 | ---- | M] () -- C:\WINDOWS\SysWow64\~.inf
[2013.03.27 15:25:01 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\NetWeaver Business Client 4.0.lnk
[2013.03.25 19:19:55 | 000,002,209 | ---- | M] () -- C:\Users\Spargo\Desktop\RKA² C1 Group.lnk
[2013.03.24 21:02:30 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2013.03.24 21:02:28 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\npDeployJava1.dll
[2013.03.24 21:02:28 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2013.03.24 21:02:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2013.03.24 21:02:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2013.03.24 21:02:27 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\deployJava1.dll
[2013.03.21 22:13:11 | 000,000,027 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.18 18:44:24 | 000,002,329 | ---- | C] () -- C:\Users\Spargo\Desktop\Google Chrome.lnk
[2013.04.18 18:43:24 | 000,001,124 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313UA.job
[2013.04.18 18:43:23 | 000,001,072 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313Core.job
[2013.04.17 11:00:54 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.14 15:28:56 | 480,572,723 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2013.04.07 10:10:22 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\MediaJoin.lnk
[2013.03.29 17:26:28 | 000,009,644 | ---- | C] () -- C:\Users\Spargo\AppData\Local\recently-used.xbel
[2013.03.29 15:45:51 | 000,087,040 | ---- | C] () -- C:\WINDOWS\SysNative\redmonnt.dll
[2013.03.29 15:45:51 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysNative\unredmon.exe
[2013.03.29 15:33:27 | 000,000,214 | ---- | C] () -- C:\WINDOWS\SysWow64\~.inf
[2013.03.27 15:25:01 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWeaver Business Client 4.0.lnk
[2013.03.27 15:25:01 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\NetWeaver Business Client 4.0.lnk
[2013.03.24 21:13:14 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.03.11 23:10:30 | 000,239,021 | ---- | C] () -- C:\WINDOWS\hpwins26.dat
[2013.02.14 17:23:16 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013.02.12 01:01:37 | 000,024,645 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2013.02.11 12:43:29 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013.02.11 11:37:46 | 000,175,616 | ---- | C] () -- C:\WINDOWS\SysWow64\h5menu32.dll
[2013.02.11 11:37:46 | 000,095,744 | ---- | C] () -- C:\WINDOWS\SysWow64\h5rtf32.dll
[2013.02.11 11:37:46 | 000,051,200 | ---- | C] () -- C:\WINDOWS\SysWow64\h5tool32.dll
[2013.02.11 11:37:45 | 001,064,960 | ---- | C] () -- C:\WINDOWS\SysWow64\h5krnl32.dll
[2013.02.11 11:37:45 | 000,188,928 | ---- | C] () -- C:\WINDOWS\SysWow64\h5icon32.dll
[2013.02.11 11:25:21 | 000,029,824 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.02.11 11:12:32 | 000,023,116 | ---- | C] () -- C:\WINDOWS\SysWow64\CcmFramework.ini
[2012.09.03 18:52:19 | 000,963,116 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng600.bin
[2012.09.03 18:51:55 | 000,218,304 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg600m.bin
[2012.09.03 18:51:14 | 000,056,832 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2012.09.03 18:50:14 | 000,145,804 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng600.bin
[2012.09.03 18:49:22 | 013,906,944 | ---- | C] () -- C:\WINDOWS\SysWow64\ig4icd32.dll
[2012.04.20 18:43:54 | 000,286,680 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
Extras:
Code:
OTL Extras logfile created on: 20.04.2013 13:08:16 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Spargo\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,88 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 51,87% Memory free
7,77 Gb Paging File | 5,69 Gb Available in Paging File | 73,27% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,89 Gb Total Space | 158,65 Gb Free Space | 53,26% Space Free | Partition Type: NTFS
 
Computer Name: CIGHHNBK166 | User Name: Spargo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = 192.168.110.100
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"WMI-ASYNC-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\system32\wbem\unsecapp.exe|Name=@FirewallAPI.dll,-34256|Desc=@FirewallAPI.dll,-34257|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-WINMGMT-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|Name=@FirewallAPI.dll,-34254|Desc=@FirewallAPI.dll,-34255|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-34252|Desc=@FirewallAPI.dll,-34253|EmbedCtxt=@FirewallAPI.dll,-34251|
"RemoteSvcAdmin-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-29515|Desc=@FirewallAPI.dll,-29518|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-NP-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-29507|Desc=@FirewallAPI.dll,-29510|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\services.exe|Name=@FirewallAPI.dll,-29503|Desc=@FirewallAPI.dll,-29506|EmbedCtxt=@FirewallAPI.dll,-29502|
"FPS-LLMNR-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-28548|Desc=@FirewallAPI.dll,-28549|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP6-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|Name=@FirewallAPI.dll,-28545|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP4-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|Name=@FirewallAPI.dll,-28543|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|Name=@FirewallAPI.dll,-28539|Desc=@FirewallAPI.dll,-28542|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SpoolSvc-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|Name=@FirewallAPI.dll,-28535|Desc=@FirewallAPI.dll,-28538|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Datagram-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Name-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|Name=@FirewallAPI.dll,-28519|Desc=@FirewallAPI.dll,-28522|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SMB-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-28511|Desc=@FirewallAPI.dll,-28514|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Session-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502|
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = 192.168.110.100
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"WMI-ASYNC-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\system32\wbem\unsecapp.exe|Name=@FirewallAPI.dll,-34256|Desc=@FirewallAPI.dll,-34257|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-WINMGMT-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|Name=@FirewallAPI.dll,-34254|Desc=@FirewallAPI.dll,-34255|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-34252|Desc=@FirewallAPI.dll,-34253|EmbedCtxt=@FirewallAPI.dll,-34251|
"RemoteSvcAdmin-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-29515|Desc=@FirewallAPI.dll,-29518|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-NP-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-29507|Desc=@FirewallAPI.dll,-29510|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\services.exe|Name=@FirewallAPI.dll,-29503|Desc=@FirewallAPI.dll,-29506|EmbedCtxt=@FirewallAPI.dll,-29502|
"FPS-LLMNR-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-28548|Desc=@FirewallAPI.dll,-28549|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP6-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|Name=@FirewallAPI.dll,-28545|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP4-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|Name=@FirewallAPI.dll,-28543|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|Name=@FirewallAPI.dll,-28539|Desc=@FirewallAPI.dll,-28542|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SpoolSvc-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|Name=@FirewallAPI.dll,-28535|Desc=@FirewallAPI.dll,-28538|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Datagram-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Name-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|Name=@FirewallAPI.dll,-28519|Desc=@FirewallAPI.dll,-28522|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SMB-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-28511|Desc=@FirewallAPI.dll,-28514|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Session-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502|
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20408570-75E1-47ED-B7EF-E6222D44698B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02683DBA-B965-400D-88F5-A822D3ED04F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{0594BED9-718F-4A4F-9F75-2C2F32E408F3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{05ED3405-0DBD-448B-A569-0D102BF2B961}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{091AEB78-1FA7-4008-8417-88D88BFE2BE1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{165A3863-FE6C-4D95-A028-E93BE3A26218}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1D14EEEE-7151-4FB0-8869-E78D5FEE5079}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{2069E3EB-9BF6-4B95-80CB-DC4320C754D8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{3B6833AE-870C-4546-8A8A-F0F21CA469C3}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{45D07E25-1C1D-4915-83B7-7F2E3D2F1760}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{4BA0F375-F61C-4D7A-9F39-4B6C8CF87747}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{5126E153-C927-4B8C-A100-4607C7E6228E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{58B68113-70D2-4024-8E9B-EC82BAF54756}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{63C877C9-A1D6-46B3-AD9A-C414C588C286}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{63CB5D04-632A-4CA3-8982-154E8B717B17}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{66163320-4486-4DCB-8324-8E4CA9BBA802}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{66F50025-BF85-43B3-96FC-1375E5A0B8DE}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{6F2A416E-B896-45F4-8AAC-538BE12B9DCB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{7FAE411F-85A3-46C4-895B-0F4DF82E14FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{80BFE729-0616-4DF1-A6CA-9C30598C38B3}" = protocol=6 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe | 
"{839A87F1-496B-41E7-9A5E-39661032C538}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{884765F8-3DCE-456F-A4C4-D8D92AE4D75D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{943CD4EE-5B0C-4221-938E-943233DE2D6B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{9613F50A-D928-476A-9985-36C663062F27}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{979B92B1-500B-409E-B62A-F6A73A5E322F}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{99ECF810-8F99-4349-B3E6-50457C589ADB}" = protocol=17 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe | 
"{9C5A2205-301F-4ACE-A05B-2BC1EAA8C936}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{ADF99605-800F-41E7-8D1C-288E5D36EC77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{B6B36481-5365-4807-B086-87CAE86F5A6A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{C0A67A3C-94CD-45A8-9445-7FD7C397570F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{C2ADB7B6-CD6A-43AD-B6B0-CDD3DDA8655F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{C78F320F-4B35-4139-AFF9-EBDFB83C3231}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{CC8D03B4-945F-4F64-B65D-1C72F69C8186}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{D1EDB923-4EBC-4426-BA3E-83BBEA81ED84}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{D7FE8339-FD6A-47FC-AC0A-34D4981E67DE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{E45FB759-4B85-4B2F-BB2F-B7DD4BFF5070}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"TCP Query User{13984FA3-4E1C-4C01-AFE6-36380FE58811}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{4140FB21-5CD0-450B-9E90-DB0A49B09E7A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{B6E8B19A-D286-4ED7-A0B3-14EB8126F3C6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{FBA52E8E-4DF6-4821-8417-072390ACE976}C:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{189B5BDD-AC05-49AC-82BF-687AEFD80344}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{22B82929-56F3-468A-802D-788E33378D3E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{628959E7-0503-4035-B77B-75B724D434C8}C:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{BEF50D4F-3FF5-43F4-8502-EB33ECE00E71}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0DB0EA38-E806-44ED-A892-489F2E305080}" = Dell System Manager
"{0E0818E4-C87B-4211-9791-E958BD34B96C}" = Microsoft Forefront Endpoint Protection 2010 Server Management
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{421976B6-DEC6-4CA5-941F-F0663B3A2B74}" = Adobe Flash Player 11 ActiveX (x64)
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{A5ECFFBA-B6FD-45A5-879D-0B0DE7FF8F4B}" = O&O SafeErase Professional
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E5083D57-D93F-404C-A91F-1C50D67C2BEB}" = HP Officejet 4500 G510g-m
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.4
"GPL Ghostscript 9.04" = GPL Ghostscript
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Forefront Endpoint Protection
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{232FDC0C-12DE-41F2-9701-27EFCA18BEF9}" = MediaJoin
"{2385C070-EC26-4AB9-8718-E605C977C0ED}" = Microsoft redistributable runtime DLLs VS2010 SP1 (x86)
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28379381-B56A-43e1-B505-3098D82B1C30}" = 4500G510gm_Software_Min
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}" = Nero BurningROM 12
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}" = MSXML4.0 redistributable
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E9CB04E7-E221-45BE-90BD-7444B8F65F01}" = 
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{903B0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{97D341C8-B0D1-4E4A-A49A-C30B52F168E9}" = MPlayer für Windows
"{98AA657D-9790-4454-9DB2-E8ED0EF8C571}" = Configuration Manager Client
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A47A9101-6EB5-4314-BDA1-297880FBB908}" = Microsoft redistributable runtime DLLs VS2008 SP1(x86)
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}" = 4500G510gm
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}" = vcredist_x86
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DF0B357C-5874-47D0-81E7-79AA890B0CE0}" = 4500_G510gm_Help
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AnyDVD" = AnyDVD
"Biet-O-Matic v2.14.12" = Biet-O-Matic v2.14.12
"DiskAid_is1" = DiskAid 5.45
"ESET Online Scanner" = ESET Online Scanner v3
"FastStone Image Viewer" = FastStone Image Viewer 4.7
"FE5AE7DC-7B01-4263-A94C-B4526C276550_is1" = iDevice Manager
"FreePDF_XP" = FreePDF (Remove only)
"GOM Player" = GOM Player
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MediaJoin" = MediaJoin
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mp3tag" = Mp3tag v2.54
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"Notepad++" = Notepad++
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"SAP_NWBC40" = SAP Netweaver Business Client 4.0
"SAPGUI710" = SAP GUI for Windows 7.20
"Undelete 360_is1" = Undelete 360
"VLC media player" = VLC media player 2.0.5
"Zero Assumption Digital Image Recovery_is1" = Zero Assumption Digital Image Recovery 1.2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks Setup Client
 
========== Last 20 Event Log Errors ==========
 
[ System Events ]
Error - 20.04.2013 07:04:00 | Computer Name = CIGHHNBK166.c1-group.dom | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         

20.04.2013, 17:46   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please now run the three tools MBAR / aswMBR / TDSSkiller and post the logs in CODE tags.


MBAR (Malwarebytes Anti-Rootkit)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.


aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
In any case, please post the contents here in your thread.

20.04.2013, 20:20   #11
Spargo

Right, I also still owe you the log file from AdwCleaner.

AdwCleaner
Code:
# AdwCleaner v2.200 - Datei am 20/04/2013 um 20:20:13 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzer : Spargo - CIGHHNBK166
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Spargo\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Spargo\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Spargo\AppData\Roaming\Mozilla\Firefox\Profiles\9qll3d9s.default\foxydeal.sqlite
Ordner Gelöscht : C:\Program Files (x86)\BrowseToSave

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\Spargo\AppData\Roaming\Mozilla\Firefox\Profiles\9qll3d9s.default\prefs.js

Gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Gelöscht : user_pref("aol_toolbar.default.search.check", false);
Gelöscht : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");

-\\ Google Chrome v26.0.1410.64

Datei : C:\Users\Spargo\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [3757 octets] - [17/04/2013 13:35:01]
AdwCleaner[S1].txt - [325 octets] - [17/04/2013 13:36:09]
AdwCleaner[S2].txt - [3270 octets] - [20/04/2013 20:20:13]

########## EOF - C:\AdwCleaner[S2].txt - [3330 octets] ##########
         
Malwarebytes
Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.03.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
OStahn :: CIGHHNBK166 [administrator]

20.04.2013 20:41:02
mbar-log-2013-04-20 (20-41-02).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30819
Time elapsed: 9 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
aswMBR
Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-20 20:59:59
-----------------------------
20:59:59.894    OS Version: Windows x64 6.1.7601 Service Pack 1
20:59:59.894    Number of processors: 4 586 0x2A07
20:59:59.895    ComputerName: CIGHHNBK166  UserName: Spargo
21:00:00.985    Initialize success
21:00:10.857    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:00:10.863    Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 8
21:00:10.985    Disk 0 MBR read successfully
21:00:10.990    Disk 0 MBR scan
21:00:10.996    Disk 0 Windows 7 default MBR code
21:00:11.011    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          200 MB offset 2048
21:00:11.018    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       305043 MB offset 411648
21:00:11.040    Disk 0 scanning C:\WINDOWS\system32\drivers
21:00:16.638    Service scanning
21:00:25.017    Service MpNWMon C:\WINDOWS\system32\DRIVERS\MpNWMon.sys **LOCKED** 32
21:00:50.993    Modules scanning
21:00:51.008    Disk 0 trace - called modules:
21:00:51.008    
21:00:51.024    Scan finished successfully
21:00:56.765    Disk 0 MBR has been saved successfully to "C:\Users\Spargo\Desktop\MBR.dat"
21:00:56.765    The log file has been saved successfully to "C:\Users\Spargo\Desktop\aswMBR.txt"
         
TDSS-Killer:
Code:
21:11:28.0832 0888  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:11:29.0128 0888  ============================================================
21:11:29.0128 0888  Current date / time: 2013/04/20 21:11:29.0128
21:11:29.0128 0888  SystemInfo:
21:11:29.0128 0888  
21:11:29.0128 0888  OS Version: 6.1.7601 ServicePack: 1.0
21:11:29.0128 0888  Product type: Workstation
21:11:29.0128 0888  ComputerName: CIGHHNBK166
21:11:29.0128 0888  UserName: Spargo
21:11:29.0128 0888  Windows directory: C:\WINDOWS
21:11:29.0128 0888  System windows directory: C:\WINDOWS
21:11:29.0128 0888  Running under WOW64
21:11:29.0128 0888  Processor architecture: Intel x64
21:11:29.0128 0888  Number of processors: 4
21:11:29.0128 0888  Page size: 0x1000
21:11:29.0128 0888  Boot type: Normal boot
21:11:29.0128 0888  ============================================================
21:11:30.0860 0888  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:30.0860 0888  ============================================================
21:11:30.0860 0888  \Device\Harddisk0\DR0:
21:11:30.0860 0888  MBR partitions:
21:11:30.0860 0888  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
21:11:30.0860 0888  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x253C9800
21:11:30.0860 0888  ============================================================
21:11:30.0891 0888  C: <-> \Device\Harddisk0\DR0\Partition2
21:11:30.0891 0888  ============================================================
21:11:30.0891 0888  Initialize success
21:11:30.0891 0888  ============================================================
21:11:34.0604 4912  ============================================================
21:11:34.0604 4912  Scan started
21:11:34.0604 4912  Mode: Manual; 
21:11:34.0604 4912  ============================================================
21:11:34.0806 4912  ================ Scan system memory ========================
21:11:34.0806 4912  System memory - ok
21:11:34.0806 4912  ================ Scan services =============================
21:11:43.0620 4912  mrxsmb - ok
21:11:43.0636 4912  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:11:43.0636 4912  mrxsmb10 - ok
21:11:43.0667 4912  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:11:43.0667 4912  mrxsmb20 - ok
21:11:43.0698 4912  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\WINDOWS\system32\drivers\msahci.sys
21:11:43.0698 4912  msahci - ok
21:11:43.0714 4912  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\WINDOWS\system32\drivers\msdsm.sys
21:11:43.0714 4912  msdsm - ok
21:11:43.0730 4912  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
21:11:43.0745 4912  MSDTC - ok
21:11:43.0776 4912  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:11:43.0776 4912  Msfs - ok
21:11:43.0808 4912  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:11:43.0808 4912  mshidkmdf - ok
21:11:43.0823 4912  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
21:11:43.0823 4912  msisadrv - ok
21:11:43.0854 4912  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
21:11:43.0854 4912  MSiSCSI - ok
21:11:43.0870 4912  msiserver - ok
21:11:43.0886 4912  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:11:43.0886 4912  MSKSSRV - ok
21:11:43.0932 4912  [ 157E9E498206A3366BAA7E4697BDD947 ] MsMpSvc         c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
21:11:43.0932 4912  MsMpSvc - ok
21:11:43.0964 4912  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:11:43.0964 4912  MSPCLOCK - ok
21:11:43.0979 4912  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
21:11:43.0979 4912  MSPQM - ok
21:11:44.0010 4912  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
21:11:44.0010 4912  MsRPC - ok
21:11:44.0026 4912  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:11:44.0026 4912  mssmbios - ok
21:11:44.0057 4912  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
21:11:44.0057 4912  MSTEE - ok
21:11:44.0073 4912  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\WINDOWS\system32\drivers\MTConfig.sys
21:11:44.0073 4912  MTConfig - ok
21:11:44.0088 4912  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
21:11:44.0088 4912  Mup - ok
21:11:44.0120 4912  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\WINDOWS\system32\qagentRT.dll
21:11:44.0135 4912  napagent - ok
21:11:44.0166 4912  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:11:44.0182 4912  NativeWifiP - ok
21:11:44.0244 4912  [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
21:11:44.0276 4912  NAUpdate - ok
21:11:44.0338 4912  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
21:11:44.0354 4912  NDIS - ok
21:11:44.0385 4912  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
21:11:44.0385 4912  NdisCap - ok
21:11:44.0400 4912  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:11:44.0416 4912  NdisTapi - ok
21:11:44.0432 4912  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:11:44.0432 4912  Ndisuio - ok
21:11:44.0447 4912  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:11:44.0447 4912  NdisWan - ok
21:11:44.0463 4912  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
21:11:44.0478 4912  NDProxy - ok
21:11:44.0525 4912  [ 47DA0A01D8AD23B83F690DCF25C859A8 ] NEOFLTR_700_16899 C:\WINDOWS\system32\Drivers\NEOFLTR_700_16899.SYS
21:11:44.0525 4912  NEOFLTR_700_16899 - ok
21:11:44.0588 4912  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:11:44.0634 4912  Net Driver HPZ12 - ok
21:11:44.0666 4912  [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl64.sys
21:11:44.0666 4912  Netaapl - ok
21:11:44.0697 4912  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
21:11:44.0697 4912  NetBIOS - ok
21:11:44.0712 4912  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:11:44.0728 4912  NetBT - ok
21:11:44.0728 4912  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:11:44.0744 4912  Netlogon - ok
21:11:44.0775 4912  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\WINDOWS\System32\netman.dll
21:11:44.0775 4912  Netman - ok
21:11:44.0806 4912  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:11:44.0837 4912  NetMsmqActivator - ok
21:11:44.0837 4912  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:11:44.0853 4912  NetPipeActivator - ok
21:11:44.0868 4912  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\WINDOWS\System32\netprofm.dll
21:11:44.0884 4912  netprofm - ok
21:11:44.0884 4912  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:11:44.0900 4912  NetTcpActivator - ok
21:11:44.0900 4912  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:11:44.0900 4912  NetTcpPortSharing - ok
21:11:45.0040 4912  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\WINDOWS\system32\DRIVERS\netw5v64.sys
21:11:45.0149 4912  netw5v64 - ok
21:11:45.0336 4912  [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64        C:\WINDOWS\system32\DRIVERS\NETwNs64.sys
21:11:45.0524 4912  NETwNs64 - ok
21:11:45.0555 4912  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\WINDOWS\system32\drivers\nfrd960.sys
21:11:45.0555 4912  nfrd960 - ok
21:11:45.0586 4912  [ 5F7D72CBCDD025AF1F38FDEEE5646968 ] NisDrv          C:\WINDOWS\system32\DRIVERS\NisDrvWFP.sys
21:11:45.0586 4912  NisDrv - ok
21:11:45.0602 4912  [ 566DDD5D82520DA01D75F81428AC4C38 ] NisSrv          c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
21:11:45.0602 4912  NisSrv - ok
21:11:45.0633 4912  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
21:11:45.0648 4912  NlaSvc - ok
21:11:45.0680 4912  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:11:45.0680 4912  Npfs - ok
21:11:45.0695 4912  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\WINDOWS\system32\nsisvc.dll
21:11:45.0711 4912  nsi - ok
21:11:45.0711 4912  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
21:11:45.0711 4912  nsiproxy - ok
21:11:45.0773 4912  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:11:45.0804 4912  Ntfs - ok
21:11:45.0836 4912  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:11:45.0836 4912  Null - ok
21:11:45.0867 4912  [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub        C:\WINDOWS\system32\drivers\nusb3hub.sys
21:11:45.0867 4912  nusb3hub - ok
21:11:45.0882 4912  [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc        C:\WINDOWS\system32\drivers\nusb3xhc.sys
21:11:45.0882 4912  nusb3xhc - ok
21:11:45.0914 4912  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
21:11:45.0929 4912  nvraid - ok
21:11:45.0960 4912  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
21:11:45.0960 4912  nvstor - ok
21:11:45.0992 4912  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
21:11:45.0992 4912  nv_agp - ok
21:11:46.0023 4912  [ 34D52ECC6DD8577600B392E06B74D4B7 ] nwdelgobi3kfilter C:\WINDOWS\system32\drivers\nwdelgobi3kfilter.sys
21:11:46.0023 4912  nwdelgobi3kfilter - ok
21:11:46.0054 4912  [ 49BC63FB646734567D6BDE76E10F5E8E ] nwdelserial     C:\WINDOWS\system32\drivers\nwdelserial.sys
21:11:46.0054 4912  nwdelserial - ok
21:11:46.0070 4912  [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH         C:\WINDOWS\system32\DRIVERS\o2flash.exe
21:11:46.0085 4912  O2FLASH - ok
21:11:46.0101 4912  [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR        C:\WINDOWS\system32\drivers\O2MDFw7x64.sys
21:11:46.0101 4912  O2MDFRDR - ok
21:11:46.0116 4912  [ 8ED738ABA394BBF6D7802698BE453112 ] O2MDRRDR        C:\WINDOWS\system32\DRIVERS\O2MDRw7x64.sys
21:11:46.0132 4912  O2MDRRDR - ok
21:11:46.0132 4912  [ A9C1E6B7C134FAD124338B7944FA996D ] O2SDJRDR        C:\WINDOWS\system32\DRIVERS\o2sdjw7x64.sys
21:11:46.0148 4912  O2SDJRDR - ok
21:11:46.0148 4912  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\WINDOWS\system32\drivers\ohci1394.sys
21:11:46.0163 4912  ohci1394 - ok
21:11:46.0241 4912  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:11:46.0241 4912  ose - ok
21:11:46.0413 4912  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:11:46.0522 4912  osppsvc - ok
21:11:46.0553 4912  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
21:11:46.0553 4912  p2pimsvc - ok
21:11:46.0584 4912  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
21:11:46.0584 4912  p2psvc - ok
21:11:46.0600 4912  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
21:11:46.0616 4912  Parport - ok
21:11:46.0631 4912  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
21:11:46.0631 4912  partmgr - ok
21:11:46.0647 4912  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
21:11:46.0647 4912  PcaSvc - ok
21:11:46.0694 4912  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\WINDOWS\system32\drivers\pci.sys
21:11:46.0694 4912  pci - ok
21:11:46.0725 4912  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
21:11:46.0725 4912  pciide - ok
21:11:46.0756 4912  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
21:11:46.0756 4912  pcmcia - ok
21:11:46.0772 4912  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
21:11:46.0772 4912  pcw - ok
21:11:46.0803 4912  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
21:11:46.0818 4912  PEAUTH - ok
21:11:46.0865 4912  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
21:11:46.0912 4912  PeerDistSvc - ok
21:11:47.0006 4912  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
21:11:47.0006 4912  PerfHost - ok
21:11:47.0068 4912  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\WINDOWS\system32\pla.dll
21:11:47.0115 4912  pla - ok
21:11:47.0146 4912  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
21:11:47.0162 4912  PlugPlay - ok
21:11:47.0224 4912  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:11:47.0271 4912  Pml Driver HPZ12 - ok
21:11:47.0286 4912  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
21:11:47.0286 4912  PNRPAutoReg - ok
21:11:47.0318 4912  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
21:11:47.0318 4912  PNRPsvc - ok
21:11:47.0349 4912  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
21:11:47.0380 4912  PolicyAgent - ok
21:11:47.0396 4912  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\WINDOWS\system32\umpo.dll
21:11:47.0396 4912  Power - ok
21:11:47.0427 4912  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:11:47.0427 4912  PptpMiniport - ok
21:11:47.0505 4912  [ 3A603DD6466569970BD99DFB4C63BBC7 ] prepdrvr        C:\Windows\SysWOW64\CCM\prepdrv.sys
21:11:47.0505 4912  prepdrvr - ok
21:11:47.0520 4912  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\WINDOWS\system32\drivers\processr.sys
21:11:47.0520 4912  Processor - ok
21:11:47.0567 4912  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
21:11:47.0567 4912  ProfSvc - ok
21:11:47.0583 4912  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:11:47.0583 4912  ProtectedStorage - ok
21:11:47.0614 4912  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
21:11:47.0614 4912  Psched - ok
21:11:47.0676 4912  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\WINDOWS\system32\drivers\ql2300.sys
21:11:47.0739 4912  ql2300 - ok
21:11:47.0786 4912  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\WINDOWS\system32\drivers\ql40xx.sys
21:11:47.0786 4912  ql40xx - ok
21:11:47.0817 4912  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\WINDOWS\system32\qwave.dll
21:11:47.0832 4912  QWAVE - ok
21:11:47.0848 4912  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
21:11:47.0848 4912  QWAVEdrv - ok
21:11:47.0864 4912  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:11:47.0864 4912  RasAcd - ok
21:11:47.0895 4912  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
21:11:47.0895 4912  RasAgileVpn - ok
21:11:47.0910 4912  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:11:47.0910 4912  RasAuto - ok
21:11:47.0942 4912  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:11:47.0942 4912  Rasl2tp - ok
21:11:47.0973 4912  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:11:47.0988 4912  RasMan - ok
21:11:48.0004 4912  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:11:48.0004 4912  RasPppoe - ok
21:11:48.0020 4912  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
21:11:48.0020 4912  RasSstp - ok
21:11:48.0051 4912  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:11:48.0051 4912  rdbss - ok
21:11:48.0066 4912  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\WINDOWS\system32\DRIVERS\rdpbus.sys
21:11:48.0066 4912  rdpbus - ok
21:11:48.0082 4912  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:11:48.0082 4912  RDPCDD - ok
21:11:48.0113 4912  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
21:11:48.0113 4912  RDPDR - ok
21:11:48.0129 4912  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\WINDOWS\system32\drivers\rdpencdd.sys
21:11:48.0129 4912  RDPENCDD - ok
21:11:48.0144 4912  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\WINDOWS\system32\drivers\rdprefmp.sys
21:11:48.0144 4912  RDPREFMP - ok
21:11:48.0191 4912  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:11:48.0191 4912  RdpVideoMiniport - ok
21:11:48.0222 4912  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
21:11:48.0222 4912  RDPWD - ok
21:11:48.0254 4912  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
21:11:48.0254 4912  rdyboost - ok
21:11:48.0285 4912  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:11:48.0285 4912  RemoteAccess - ok
21:11:48.0316 4912  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:11:48.0332 4912  RemoteRegistry - ok
21:11:48.0363 4912  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
21:11:48.0378 4912  RFCOMM - ok
21:11:48.0410 4912  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
21:11:48.0410 4912  RpcEptMapper - ok
21:11:48.0425 4912  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:11:48.0441 4912  RpcLocator - ok
21:11:48.0456 4912  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:11:48.0456 4912  RpcSs - ok
21:11:48.0488 4912  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
21:11:48.0488 4912  rspndr - ok
21:11:48.0519 4912  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\WINDOWS\system32\drivers\vms3cap.sys
21:11:48.0519 4912  s3cap - ok
21:11:48.0534 4912  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:11:48.0534 4912  SamSs - ok
21:11:48.0550 4912  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
21:11:48.0550 4912  sbp2port - ok
21:11:48.0566 4912  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
21:11:48.0581 4912  SCardSvr - ok
21:11:48.0581 4912  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:11:48.0597 4912  scfilter - ok
21:11:48.0628 4912  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:11:48.0675 4912  Schedule - ok
21:11:48.0690 4912  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
21:11:48.0706 4912  SCPolicySvc - ok
21:11:48.0722 4912  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
21:11:48.0737 4912  sdbus - ok
21:11:48.0737 4912  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
21:11:48.0753 4912  SDRSVC - ok
21:11:48.0784 4912  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
21:11:48.0784 4912  secdrv - ok
21:11:48.0784 4912  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\WINDOWS\system32\seclogon.dll
21:11:48.0800 4912  seclogon - ok
21:11:48.0831 4912  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\WINDOWS\system32\sens.dll
21:11:48.0831 4912  SENS - ok
21:11:48.0846 4912  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
21:11:48.0862 4912  SensrSvc - ok
21:11:48.0893 4912  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
21:11:48.0893 4912  Serenum - ok
21:11:48.0924 4912  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
21:11:48.0924 4912  Serial - ok
21:11:48.0956 4912  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\WINDOWS\system32\drivers\sermouse.sys
21:11:48.0956 4912  sermouse - ok
21:11:48.0987 4912  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
21:11:49.0002 4912  SessionEnv - ok
21:11:49.0018 4912  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\WINDOWS\system32\drivers\sffdisk.sys
21:11:49.0018 4912  sffdisk - ok
21:11:49.0034 4912  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\WINDOWS\system32\drivers\sffp_mmc.sys
21:11:49.0034 4912  sffp_mmc - ok
21:11:49.0034 4912  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\WINDOWS\system32\drivers\sffp_sd.sys
21:11:49.0049 4912  sffp_sd - ok
21:11:49.0049 4912  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\WINDOWS\system32\drivers\sfloppy.sys
21:11:49.0065 4912  sfloppy - ok
21:11:49.0096 4912  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:11:49.0112 4912  SharedAccess - ok
21:11:49.0127 4912  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:11:49.0143 4912  ShellHWDetection - ok
21:11:49.0174 4912  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:11:49.0190 4912  SiSRaid2 - ok
21:11:49.0205 4912  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
21:11:49.0205 4912  SiSRaid4 - ok
21:11:49.0252 4912  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:11:49.0252 4912  SkypeUpdate - ok
21:11:49.0283 4912  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\WINDOWS\system32\DRIVERS\smb.sys
21:11:49.0283 4912  Smb - ok
21:11:49.0283 4912  smstsmgr - ok
21:11:49.0314 4912  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
21:11:49.0330 4912  SNMPTRAP - ok
21:11:49.0346 4912  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\WINDOWS\system32\drivers\spldr.sys
21:11:49.0346 4912  spldr - ok
21:11:49.0377 4912  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
21:11:49.0408 4912  Spooler - ok
21:11:49.0502 4912  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
21:11:49.0595 4912  sppsvc - ok
21:11:49.0611 4912  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\WINDOWS\system32\sppuinotify.dll
21:11:49.0611 4912  sppuinotify - ok
21:11:49.0642 4912  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:11:49.0642 4912  srv - ok
21:11:49.0658 4912  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
21:11:49.0658 4912  srv2 - ok
21:11:49.0673 4912  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:11:49.0673 4912  srvnet - ok
21:11:49.0704 4912  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:11:49.0720 4912  SSDPSRV - ok
21:11:49.0720 4912  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
21:11:49.0736 4912  SstpSvc - ok
21:11:49.0782 4912  [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
21:11:49.0782 4912  STacSV - ok
21:11:49.0829 4912  [ E4EA2412FB1B8AEE33667A9CC6D456A4 ] stdcfltn        C:\WINDOWS\system32\DRIVERS\stdcfltn.sys
21:11:49.0829 4912  stdcfltn - ok
21:11:49.0860 4912  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
21:11:49.0860 4912  stexstor - ok
21:11:49.0892 4912  [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
21:11:49.0892 4912  STHDA - ok
21:11:49.0970 4912  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
21:11:50.0001 4912  stisvc - ok
21:11:50.0016 4912  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
21:11:50.0016 4912  storflt - ok
21:11:50.0032 4912  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\WINDOWS\system32\storsvc.dll
21:11:50.0048 4912  StorSvc - ok
21:11:50.0063 4912  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
21:11:50.0063 4912  storvsc - ok
21:11:50.0079 4912  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:11:50.0079 4912  swenum - ok
21:11:50.0141 4912  [ 78ED7E7D9720BB425645CAC0BD8EF8F6 ] SwiCardDetectSvc C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
21:11:50.0328 4912  SwiCardDetectSvc - ok
21:11:50.0344 4912  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\WINDOWS\System32\swprv.dll
21:11:50.0360 4912  swprv - ok
21:11:50.0360 4912  [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc      C:\WINDOWS\system32\drivers\Synth3dVsc.sys
21:11:50.0375 4912  Synth3dVsc - ok
21:11:50.0422 4912  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\WINDOWS\system32\sysmain.dll
21:11:50.0469 4912  SysMain - ok
21:11:50.0484 4912  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:11:50.0484 4912  TabletInputService - ok
21:11:50.0500 4912  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:11:50.0516 4912  TapiSrv - ok
21:11:50.0516 4912  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\WINDOWS\System32\tbssvc.dll
21:11:50.0531 4912  TBS - ok
21:11:50.0547 4912  [ 08228AC4B3EEF0DEE3D38D239692E510 ] tcm             C:\WINDOWS\system32\drivers\tcm.sys
21:11:50.0547 4912  tcm - ok
21:11:50.0625 4912  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
21:11:50.0672 4912  Tcpip - ok
21:11:50.0734 4912  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:11:50.0750 4912  TCPIP6 - ok
21:11:50.0781 4912  [ FA5B20182028C06756CF273AAAD608D5 ] tcpipBM         C:\WINDOWS\system32\drivers\tcpipBM.sys
21:11:50.0796 4912  tcpipBM - ok
21:11:50.0828 4912  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
21:11:50.0828 4912  tcpipreg - ok
21:11:50.0859 4912  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\WINDOWS\system32\drivers\tdpipe.sys
21:11:50.0859 4912  TDPIPE - ok
21:11:50.0890 4912  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\WINDOWS\system32\drivers\tdtcp.sys
21:11:50.0890 4912  TDTCP - ok
21:11:50.0921 4912  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
21:11:50.0921 4912  tdx - ok
21:11:50.0937 4912  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:11:50.0937 4912  TermDD - ok
21:11:50.0952 4912  [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt        C:\WINDOWS\system32\drivers\terminpt.sys
21:11:50.0952 4912  terminpt - ok
21:11:50.0999 4912  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\WINDOWS\System32\termsrv.dll
21:11:51.0030 4912  TermService - ok
21:11:51.0030 4912  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\WINDOWS\system32\themeservice.dll
21:11:51.0046 4912  Themes - ok
21:11:51.0062 4912  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
21:11:51.0062 4912  THREADORDER - ok
21:11:51.0093 4912  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
21:11:51.0093 4912  TrkWks - ok
21:11:51.0140 4912  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:11:51.0140 4912  TrustedInstaller - ok
21:11:51.0155 4912  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\WINDOWS\system32\DRIVERS\tssecsrv.sys
21:11:51.0171 4912  tssecsrv - ok
21:11:51.0202 4912  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
21:11:51.0202 4912  TsUsbFlt - ok
21:11:51.0218 4912  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\WINDOWS\system32\drivers\TsUsbGD.sys
21:11:51.0218 4912  TsUsbGD - ok
21:11:51.0233 4912  [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
21:11:51.0233 4912  tsusbhub - ok
21:11:51.0264 4912  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
21:11:51.0280 4912  tunnel - ok
21:11:51.0296 4912  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
21:11:51.0296 4912  uagp35 - ok
21:11:51.0327 4912  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
21:11:51.0327 4912  udfs - ok
21:11:51.0358 4912  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
21:11:51.0358 4912  UI0Detect - ok
21:11:51.0389 4912  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
21:11:51.0389 4912  uliagpkx - ok
21:11:51.0405 4912  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\WINDOWS\system32\DRIVERS\umbus.sys
21:11:51.0405 4912  umbus - ok
21:11:51.0420 4912  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\WINDOWS\system32\drivers\umpass.sys
21:11:51.0420 4912  UmPass - ok
21:11:51.0436 4912  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
21:11:51.0452 4912  UmRdpService - ok
21:11:51.0467 4912  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:11:51.0467 4912  upnphost - ok
21:11:51.0498 4912  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\WINDOWS\system32\Drivers\usbaapl64.sys
21:11:51.0498 4912  USBAAPL64 - ok
21:11:51.0545 4912  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:11:51.0561 4912  usbccgp - ok
21:11:51.0576 4912  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\WINDOWS\system32\drivers\usbcir.sys
21:11:51.0576 4912  usbcir - ok
21:11:51.0608 4912  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\WINDOWS\system32\drivers\usbehci.sys
21:11:51.0608 4912  usbehci - ok
21:11:51.0639 4912  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:11:51.0639 4912  usbhub - ok
21:11:51.0670 4912  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\WINDOWS\system32\drivers\usbohci.sys
21:11:51.0670 4912  usbohci - ok
21:11:51.0686 4912  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:11:51.0701 4912  usbprint - ok
21:11:51.0748 4912  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:11:51.0764 4912  usbscan - ok
21:11:51.0795 4912  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:11:51.0810 4912  USBSTOR - ok
21:11:51.0826 4912  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\WINDOWS\system32\drivers\usbuhci.sys
21:11:51.0826 4912  usbuhci - ok
21:11:51.0857 4912  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
21:11:51.0873 4912  usbvideo - ok
21:11:51.0888 4912  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\WINDOWS\System32\uxsms.dll
21:11:51.0904 4912  UxSms - ok
21:11:51.0920 4912  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
21:11:51.0935 4912  VaultSvc - ok
21:11:51.0951 4912  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
21:11:51.0951 4912  vdrvroot - ok
21:11:51.0966 4912  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\WINDOWS\System32\vds.exe
21:11:51.0982 4912  vds - ok
21:11:51.0998 4912  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\WINDOWS\system32\DRIVERS\vgapnp.sys
21:11:52.0013 4912  vga - ok
21:11:52.0013 4912  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
21:11:52.0013 4912  VgaSave - ok
21:11:52.0029 4912  VGPU - ok
21:11:52.0044 4912  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\WINDOWS\system32\drivers\vhdmp.sys
21:11:52.0044 4912  vhdmp - ok
21:11:52.0076 4912  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
21:11:52.0076 4912  viaide - ok
21:11:52.0138 4912  [ F03AAF289687B13FA6331806EF99691E ] VmbService      C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
21:11:52.0216 4912  VmbService - ok
21:11:52.0247 4912  [ 80E731A278695B47345D0171A19E428B ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
21:11:52.0263 4912  vmbus - ok
21:11:52.0278 4912  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\WINDOWS\system32\drivers\VMBusHID.sys
21:11:52.0278 4912  VMBusHID - ok
21:11:52.0294 4912  [ 1E4D31FEC921300C5F262C52F5FCC666 ] vodafone_K3805-z_dc_enum C:\WINDOWS\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys
21:11:52.0294 4912  vodafone_K3805-z_dc_enum - ok
21:11:52.0310 4912  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
21:11:52.0310 4912  volmgr - ok
21:11:52.0325 4912  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
21:11:52.0341 4912  volmgrx - ok
21:11:52.0356 4912  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
21:11:52.0372 4912  volsnap - ok
21:11:52.0388 4912  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
21:11:52.0403 4912  vsmraid - ok
21:11:52.0466 4912  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\WINDOWS\system32\vssvc.exe
21:11:52.0512 4912  VSS - ok
21:11:52.0528 4912  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\WINDOWS\system32\DRIVERS\vwifibus.sys
21:11:52.0528 4912  vwifibus - ok
21:11:52.0559 4912  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
21:11:52.0559 4912  vwififlt - ok
21:11:52.0575 4912  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\WINDOWS\system32\w32time.dll
21:11:52.0590 4912  W32Time - ok
21:11:52.0606 4912  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\WINDOWS\system32\drivers\wacompen.sys
21:11:52.0606 4912  WacomPen - ok
21:11:52.0653 4912  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:11:52.0653 4912  WANARP - ok
21:11:52.0668 4912  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:11:52.0668 4912  Wanarpv6 - ok
21:11:52.0715 4912  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\WINDOWS\system32\wbengine.exe
21:11:52.0762 4912  wbengine - ok
21:11:52.0778 4912  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
21:11:52.0778 4912  WbioSrvc - ok
21:11:52.0793 4912  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
21:11:52.0809 4912  wcncsvc - ok
21:11:52.0824 4912  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
21:11:52.0824 4912  WcsPlugInService - ok
21:11:52.0840 4912  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\WINDOWS\system32\drivers\wd.sys
21:11:52.0840 4912  Wd - ok
21:11:52.0887 4912  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
21:11:52.0902 4912  Wdf01000 - ok
21:11:52.0918 4912  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
21:11:52.0918 4912  WdiServiceHost - ok
21:11:52.0934 4912  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
21:11:52.0934 4912  WdiSystemHost - ok
21:11:52.0965 4912  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:11:52.0965 4912  WebClient - ok
21:11:52.0980 4912  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
21:11:52.0996 4912  Wecsvc - ok
21:11:52.0996 4912  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
21:11:53.0012 4912  wercplsupport - ok
21:11:53.0043 4912  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
21:11:53.0043 4912  WerSvc - ok
21:11:53.0074 4912  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\WINDOWS\system32\DRIVERS\wfplwf.sys
21:11:53.0074 4912  WfpLwf - ok
21:11:53.0090 4912  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
21:11:53.0090 4912  WIMMount - ok
21:11:53.0105 4912  WinDefend - ok
21:11:53.0121 4912  WinHttpAutoProxySvc - ok
21:11:53.0183 4912  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:11:53.0183 4912  Winmgmt - ok
21:11:53.0246 4912  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
21:11:53.0308 4912  WinRM - ok
21:11:53.0355 4912  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
21:11:53.0355 4912  WinUsb - ok
21:11:53.0386 4912  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\WINDOWS\System32\wlansvc.dll
21:11:53.0417 4912  Wlansvc - ok
21:11:53.0448 4912  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:11:53.0448 4912  WmiAcpi - ok
21:11:53.0480 4912  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
21:11:53.0495 4912  wmiApSrv - ok
21:11:53.0511 4912  WMPNetworkSvc - ok
21:11:53.0526 4912  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
21:11:53.0526 4912  WPCSvc - ok
21:11:53.0558 4912  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
21:11:53.0558 4912  WPDBusEnum - ok
21:11:53.0573 4912  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:11:53.0573 4912  ws2ifsl - ok
21:11:53.0589 4912  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:11:53.0604 4912  wscsvc - ok
21:11:53.0604 4912  WSearch - ok
21:11:53.0698 4912  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
21:11:53.0760 4912  wuauserv - ok
21:11:53.0792 4912  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
21:11:53.0792 4912  WudfPf - ok
21:11:53.0823 4912  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:11:53.0823 4912  WUDFRd - ok
21:11:53.0854 4912  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
21:11:53.0870 4912  wudfsvc - ok
21:11:53.0901 4912  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
21:11:53.0901 4912  WwanSvc - ok
21:11:53.0932 4912  ================ Scan global ===============================
21:11:53.0963 4912  [ BA0CD8C393E8C9F83354106093832C7B ] C:\WINDOWS\system32\basesrv.dll
21:11:54.0010 4912  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\WINDOWS\system32\winsrv.dll
21:11:54.0026 4912  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\WINDOWS\system32\winsrv.dll
21:11:54.0057 4912  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\WINDOWS\system32\sxssrv.dll
21:11:54.0088 4912  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\WINDOWS\system32\services.exe
21:11:54.0104 4912  [Global] - ok
21:11:54.0104 4912  ================ Scan MBR ==================================
21:11:54.0119 4912  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:11:54.0384 4912  \Device\Harddisk0\DR0 - ok
21:11:54.0384 4912  ================ Scan VBR ==================================
21:11:54.0384 4912  [ C5A88EBD37D41D54E6EDCB11A151D42B ] \Device\Harddisk0\DR0\Partition1
21:11:54.0384 4912  \Device\Harddisk0\DR0\Partition1 - ok
21:11:54.0400 4912  [ 1CA80E7814819108FBA82B465219D21F ] \Device\Harddisk0\DR0\Partition2
21:11:54.0400 4912  \Device\Harddisk0\DR0\Partition2 - ok
21:11:54.0400 4912  ============================================================
21:11:54.0400 4912  Scan finished
21:11:54.0400 4912  ============================================================
21:11:54.0431 4544  Detected object count: 0
21:11:54.0431 4544  Actual detected object count: 0
21:12:46.0906 4604  Deinitialize success
         
I think I had already run Malwarebytes over it two days ago as well. I then uninstalled it again afterwards.

20.04.2013, 21:04   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
21:11:34.0604 4912 Scan started
21:11:34.0604 4912 Mode: Manual;
Please read the instructions more carefully; unfortunately you configured tdsskiller incorrectly.

21.04.2013, 09:12   #13
Spargo
 

Oops, I really did overlook the instructions for the TDS Killer, sorry.

Okay, I have run the TDS Killer once more according to the instructions:

Code:
10:07:41.0212 2504  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:07:41.0555 2504  ============================================================
10:07:41.0555 2504  Current date / time: 2013/04/21 10:07:41.0555
10:07:41.0555 2504  SystemInfo:
10:07:41.0555 2504  
10:07:41.0555 2504  OS Version: 6.1.7601 ServicePack: 1.0
10:07:41.0555 2504  Product type: Workstation
10:07:41.0555 2504  ComputerName: CIGHHNBK166
10:07:41.0555 2504  UserName: Spargo
10:07:41.0555 2504  Windows directory: C:\WINDOWS
10:07:41.0555 2504  System windows directory: C:\WINDOWS
10:07:41.0555 2504  Running under WOW64
10:07:41.0555 2504  Processor architecture: Intel x64
10:07:41.0555 2504  Number of processors: 4
10:07:41.0555 2504  Page size: 0x1000
10:07:41.0555 2504  Boot type: Normal boot
10:07:41.0555 2504  ============================================================
10:07:42.0288 2504  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:07:42.0304 2504  ============================================================
10:07:42.0304 2504  \Device\Harddisk0\DR0:
10:07:42.0304 2504  MBR partitions:
10:07:42.0304 2504  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
10:07:42.0304 2504  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x253C9800
10:07:42.0304 2504  ============================================================
10:07:42.0319 2504  C: <-> \Device\Harddisk0\DR0\Partition2
10:07:42.0319 2504  ============================================================
10:07:42.0319 2504  Initialize success
10:07:42.0319 2504  ============================================================
10:08:17.0248 1520  ============================================================
10:08:17.0248 1520  Scan started
10:08:17.0248 1520  Mode: Manual; SigCheck; TDLFS; 
10:08:17.0248 1520  ============================================================
10:08:17.0372 1520  ================ Scan system memory ========================
10:08:17.0372 1520  System memory - ok
10:08:17.0372 1520  ================ Scan services =============================
10:08:17.0497 1520  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\WINDOWS\system32\DRIVERS\1394ohci.sys
10:08:17.0606 1520  1394ohci - ok
10:08:17.0653 1520  [ 1575A815C27789061F34B4F55AE0B5C3 ] Acceler         C:\WINDOWS\system32\DRIVERS\accelern.sys
10:08:17.0684 1520  Acceler - ok
10:08:17.0700 1520  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
10:08:17.0731 1520  ACPI - ok
10:08:17.0762 1520  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\WINDOWS\system32\drivers\acpipmi.sys
10:08:17.0856 1520  AcpiPmi - ok
10:08:17.0950 1520  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:08:18.0012 1520  AdobeARMservice - ok
10:08:18.0059 1520  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\WINDOWS\system32\drivers\adp94xx.sys
10:08:18.0106 1520  adp94xx - ok
10:08:18.0137 1520  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\WINDOWS\system32\drivers\adpahci.sys
10:08:18.0168 1520  adpahci - ok
10:08:18.0168 1520  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\WINDOWS\system32\drivers\adpu320.sys
10:08:18.0199 1520  adpu320 - ok
10:08:18.0215 1520  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
10:08:18.0355 1520  AeLookupSvc - ok
10:08:18.0402 1520  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
10:08:18.0558 1520  AESTFilters - ok
10:08:18.0620 1520  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
10:08:18.0714 1520  AFD - ok
10:08:18.0745 1520  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
10:08:18.0792 1520  agp440 - ok
10:08:18.0808 1520  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\WINDOWS\System32\alg.exe
10:08:18.0917 1520  ALG - ok
10:08:18.0964 1520  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\WINDOWS\system32\drivers\aliide.sys
10:08:18.0995 1520  aliide - ok
10:08:19.0010 1520  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\WINDOWS\system32\drivers\amdide.sys
10:08:19.0026 1520  amdide - ok
10:08:19.0026 1520  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\WINDOWS\system32\drivers\amdk8.sys
10:08:19.0073 1520  AmdK8 - ok
10:08:19.0073 1520  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\WINDOWS\system32\drivers\amdppm.sys
10:08:19.0120 1520  AmdPPM - ok
10:08:19.0166 1520  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
10:08:19.0213 1520  amdsata - ok
10:08:19.0244 1520  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
10:08:19.0276 1520  amdsbs - ok
10:08:19.0291 1520  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
10:08:19.0307 1520  amdxata - ok
10:08:19.0354 1520  [ 313CE6F6F1AF6878F8AD46542FB07D17 ] AnyDVD          C:\WINDOWS\system32\Drivers\AnyDVD.sys
10:08:19.0385 1520  AnyDVD - ok
10:08:19.0416 1520  [ 6D4CB1F46A0AC05326F834FD6B822479 ] ApfiltrService  C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
10:08:19.0494 1520  ApfiltrService - ok
10:08:19.0556 1520  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
10:08:19.0744 1520  AppID - ok
10:08:19.0775 1520  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
10:08:19.0868 1520  AppIDSvc - ok
10:08:19.0884 1520  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
10:08:19.0978 1520  Appinfo - ok
10:08:20.0009 1520  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:08:20.0071 1520  Apple Mobile Device - ok
10:08:20.0134 1520  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
10:08:20.0180 1520  AppMgmt - ok
10:08:20.0212 1520  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\WINDOWS\system32\drivers\arc.sys
10:08:20.0227 1520  arc - ok
10:08:20.0243 1520  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
10:08:20.0258 1520  arcsas - ok
10:08:20.0336 1520  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:08:20.0399 1520  aspnet_state - ok
10:08:20.0430 1520  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:08:20.0539 1520  AsyncMac - ok
10:08:20.0586 1520  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
10:08:20.0617 1520  atapi - ok
10:08:20.0664 1520  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\WINDOWS\System32\Audiosrv.dll
10:08:20.0758 1520  AudioEndpointBuilder - ok
10:08:20.0773 1520  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\WINDOWS\System32\Audiosrv.dll
10:08:20.0804 1520  AudioSrv - ok
10:08:20.0851 1520  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
10:08:20.0960 1520  AxInstSV - ok
10:08:21.0007 1520  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
10:08:21.0085 1520  b06bdrv - ok
10:08:21.0101 1520  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\WINDOWS\system32\DRIVERS\b57nd60a.sys
10:08:21.0132 1520  b57nd60a - ok
10:08:21.0179 1520  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
10:08:21.0257 1520  BDESVC - ok
10:08:21.0272 1520  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:08:21.0304 1520  Beep - ok
10:08:21.0350 1520  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\WINDOWS\System32\bfe.dll
10:08:21.0397 1520  BFE - ok
10:08:21.0444 1520  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\WINDOWS\System32\qmgr.dll
10:08:21.0553 1520  BITS - ok
10:08:21.0584 1520  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\WINDOWS\system32\DRIVERS\blbdrive.sys
10:08:21.0631 1520  blbdrive - ok
10:08:21.0647 1520  [ E10EC5AE51B38C84894CEBF4B4308A14 ] BMLoad          C:\WINDOWS\system32\drivers\BMLoad.sys
10:08:21.0694 1520  BMLoad ( UnsignedFile.Multi.Generic ) - warning
10:08:21.0694 1520  BMLoad - detected UnsignedFile.Multi.Generic (1)
10:08:21.0740 1520  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:08:21.0803 1520  Bonjour Service - ok
10:08:21.0834 1520  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
10:08:21.0881 1520  bowser - ok
10:08:21.0896 1520  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\WINDOWS\system32\drivers\BrFiltLo.sys
10:08:21.0943 1520  BrFiltLo - ok
10:08:21.0959 1520  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\WINDOWS\system32\drivers\BrFiltUp.sys
10:08:21.0974 1520  BrFiltUp - ok
10:08:21.0990 1520  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\WINDOWS\system32\DRIVERS\bridge.sys
10:08:22.0037 1520  BridgeMP - ok
10:08:22.0068 1520  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\WINDOWS\System32\browser.dll
10:08:22.0099 1520  Browser - ok
10:08:22.0115 1520  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\WINDOWS\System32\Drivers\Brserid.sys
10:08:22.0177 1520  Brserid - ok
10:08:22.0177 1520  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\WINDOWS\System32\Drivers\BrSerWdm.sys
10:08:22.0208 1520  BrSerWdm - ok
10:08:22.0208 1520  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\WINDOWS\System32\Drivers\BrUsbMdm.sys
10:08:22.0240 1520  BrUsbMdm - ok
10:08:22.0240 1520  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\WINDOWS\System32\Drivers\BrUsbSer.sys
10:08:22.0271 1520  BrUsbSer - ok
10:08:22.0302 1520  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\WINDOWS\system32\drivers\BthEnum.sys
10:08:22.0349 1520  BthEnum - ok
10:08:22.0364 1520  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\WINDOWS\system32\drivers\bthmodem.sys
10:08:22.0396 1520  BTHMODEM - ok
10:08:22.0427 1520  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
10:08:22.0489 1520  BthPan - ok
10:08:22.0520 1520  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
10:08:22.0583 1520  BTHPORT - ok
10:08:22.0630 1520  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\WINDOWS\system32\bthserv.dll
10:08:22.0692 1520  bthserv - ok
10:08:22.0708 1520  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
10:08:22.0739 1520  BTHUSB - ok
10:08:22.0754 1520  catchme - ok
10:08:22.0864 1520  [ A454A9BAA25B8C8E76735DD86BD4B017 ] CcmExec         C:\Windows\SysWOW64\CCM\CcmExec.exe
10:08:22.0988 1520  CcmExec - ok
10:08:23.0035 1520  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
10:08:23.0098 1520  cdfs - ok
10:08:23.0113 1520  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:08:23.0129 1520  cdrom - ok
10:08:23.0160 1520  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
10:08:23.0238 1520  CertPropSvc - ok
10:08:23.0269 1520  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\WINDOWS\system32\drivers\circlass.sys
10:08:23.0300 1520  circlass - ok
10:08:23.0332 1520  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\WINDOWS\system32\CLFS.sys
10:08:23.0378 1520  CLFS - ok
10:08:23.0425 1520  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:08:23.0503 1520  clr_optimization_v2.0.50727_32 - ok
10:08:23.0534 1520  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:08:23.0581 1520  clr_optimization_v2.0.50727_64 - ok
10:08:23.0628 1520  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:08:23.0659 1520  clr_optimization_v4.0.30319_32 - ok
10:08:23.0659 1520  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:08:23.0690 1520  clr_optimization_v4.0.30319_64 - ok
10:08:23.0722 1520  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
10:08:23.0768 1520  CmBatt - ok
10:08:23.0784 1520  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\WINDOWS\system32\drivers\cmdide.sys
10:08:23.0815 1520  cmdide - ok
10:08:23.0862 1520  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
10:08:23.0909 1520  CNG - ok
10:08:23.0909 1520  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\WINDOWS\system32\drivers\compbatt.sys
10:08:23.0924 1520  Compbatt - ok
10:08:23.0956 1520  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\WINDOWS\system32\DRIVERS\CompositeBus.sys
10:08:23.0971 1520  CompositeBus - ok
10:08:23.0987 1520  COMSysApp - ok
10:08:23.0987 1520  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\WINDOWS\system32\drivers\crcdisk.sys
10:08:24.0002 1520  crcdisk - ok
10:08:24.0034 1520  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
10:08:24.0112 1520  CryptSvc - ok
10:08:24.0143 1520  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
10:08:24.0190 1520  CSC - ok
10:08:24.0221 1520  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\WINDOWS\System32\cscsvc.dll
10:08:24.0252 1520  CscService - ok
10:08:24.0283 1520  [ 8D23B1F950CF285957FEAF8833DBD2C7 ] cvusbdrv        C:\WINDOWS\system32\Drivers\cvusbdrv.sys
10:08:24.0314 1520  cvusbdrv - ok
10:08:24.0361 1520  [ B58959ADC3ECD9C87C5959D0E3802F55 ] d554gps         C:\WINDOWS\system32\drivers\d554gps64.sys
10:08:24.0408 1520  d554gps - ok
10:08:24.0470 1520  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:08:24.0548 1520  DcomLaunch - ok
10:08:24.0580 1520  [ 230BFB96A86AB29DA6DEB234F8985D34 ] dcpsysmgrsvc    C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
10:08:24.0658 1520  dcpsysmgrsvc - ok
10:08:24.0689 1520  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
10:08:24.0736 1520  defragsvc - ok
10:08:24.0767 1520  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\WINDOWS\system32\Drivers\dfsc.sys
10:08:24.0845 1520  DfsC - ok
10:08:24.0876 1520  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
10:08:24.0985 1520  Dhcp - ok
10:08:25.0001 1520  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\WINDOWS\system32\drivers\discache.sys
10:08:25.0063 1520  discache - ok
10:08:25.0110 1520  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\WINDOWS\system32\drivers\disk.sys
10:08:25.0157 1520  Disk - ok
10:08:25.0188 1520  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\WINDOWS\system32\drivers\dmvsc.sys
10:08:25.0235 1520  dmvsc - ok
10:08:25.0250 1520  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:08:25.0297 1520  Dnscache - ok
10:08:25.0328 1520  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:08:25.0375 1520  dot3svc - ok
10:08:25.0422 1520  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
10:08:25.0453 1520  Dot4 - ok
10:08:25.0469 1520  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
10:08:25.0500 1520  Dot4Print - ok
10:08:25.0531 1520  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\WINDOWS\system32\DRIVERS\dot4usb.sys
10:08:25.0578 1520  dot4usb - ok
10:08:25.0594 1520  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\WINDOWS\system32\dps.dll
10:08:25.0672 1520  DPS - ok
10:08:25.0687 1520  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:08:25.0718 1520  drmkaud - ok
10:08:25.0734 1520  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
10:08:25.0765 1520  DXGKrnl - ok
10:08:25.0781 1520  [ EAFCB4551836FF44EE775CEDDFA7A77E ] e1cexpress      C:\WINDOWS\system32\DRIVERS\e1c62x64.sys
10:08:25.0796 1520  e1cexpress - ok
10:08:25.0812 1520  [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress      C:\WINDOWS\system32\DRIVERS\e1y60x64.sys
10:08:25.0843 1520  e1yexpress - ok
10:08:25.0874 1520  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:08:25.0952 1520  EapHost - ok
10:08:26.0030 1520  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
10:08:26.0171 1520  ebdrv - ok
10:08:26.0186 1520  [ B90BEFCCEB59C83AC65BFD39EF7404F4 ] ecnssndis       C:\WINDOWS\System32\Drivers\wwuss64.sys
10:08:26.0202 1520  ecnssndis - ok
10:08:26.0202 1520  [ 1CF09C0555BE49EFE96B33BDA514A334 ] ecnssndisfltr   C:\WINDOWS\System32\Drivers\wwussf64.sys
10:08:26.0218 1520  ecnssndisfltr - ok
10:08:26.0249 1520  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\WINDOWS\System32\lsass.exe
10:08:26.0265 1520  EFS - ok
10:08:26.0328 1520  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\WINDOWS\ehome\ehRecvr.exe
10:08:26.0437 1520  ehRecvr - ok
10:08:26.0453 1520  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\WINDOWS\ehome\ehsched.exe
10:08:26.0499 1520  ehSched - ok
10:08:26.0531 1520  [ 3836E2DB9034543F63943CDBB52A691A ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
10:08:26.0577 1520  ElbyCDIO - ok
10:08:26.0624 1520  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\WINDOWS\system32\drivers\elxstor.sys
10:08:26.0655 1520  elxstor - ok
10:08:26.0671 1520  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\WINDOWS\system32\drivers\errdev.sys
10:08:26.0702 1520  ErrDev - ok
10:08:26.0733 1520  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\WINDOWS\system32\es.dll
10:08:26.0780 1520  EventSystem - ok
10:08:26.0811 1520  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
10:08:26.0843 1520  exfat - ok
10:08:26.0858 1520  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
10:08:26.0921 1520  fastfat - ok
10:08:26.0952 1520  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\WINDOWS\system32\fxssvc.exe
10:08:27.0045 1520  Fax - ok
10:08:27.0077 1520  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\WINDOWS\system32\drivers\fdc.sys
10:08:27.0123 1520  fdc - ok
10:08:27.0139 1520  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
10:08:27.0186 1520  fdPHost - ok
10:08:27.0186 1520  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
10:08:27.0233 1520  FDResPub - ok
10:08:27.0264 1520  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
10:08:27.0279 1520  FileInfo - ok
10:08:27.0279 1520  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
10:08:27.0326 1520  Filetrace - ok
10:08:27.0326 1520  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\WINDOWS\system32\drivers\flpydisk.sys
10:08:27.0342 1520  flpydisk - ok
10:08:27.0357 1520  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:08:27.0373 1520  FltMgr - ok
10:08:27.0404 1520  [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache       C:\WINDOWS\system32\FntCache.dll
10:08:27.0513 1520  FontCache - ok
10:08:27.0560 1520  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:08:27.0591 1520  FontCache3.0.0.0 - ok
10:08:27.0607 1520  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
10:08:27.0623 1520  FsDepends - ok
10:08:27.0654 1520  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:08:27.0654 1520  Fs_Rec - ok
10:08:27.0685 1520  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
10:08:27.0701 1520  fvevol - ok
10:08:27.0732 1520  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
10:08:27.0732 1520  gagp30kx - ok
10:08:27.0779 1520  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:08:27.0810 1520  GEARAspiWDM - ok
10:08:27.0841 1520  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
10:08:27.0903 1520  gpsvc - ok
10:08:27.0950 1520  [ 2F3DBA5CDC388BC0500DE0EEDC8C81AE ] GTPTSER         C:\WINDOWS\system32\DRIVERS\gtptser.sys
10:08:28.0028 1520  GTPTSER - ok
10:08:28.0059 1520  [ 3DDC61C7F44238285990EACEA448C68B ] GTUQBUS         C:\WINDOWS\system32\DRIVERS\gtuqbus.sys
10:08:28.0122 1520  GTUQBUS - ok
10:08:28.0169 1520  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\WINDOWS\system32\drivers\hcw85cir.sys
10:08:28.0215 1520  hcw85cir - ok
10:08:28.0231 1520  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
10:08:28.0262 1520  HdAudAddService - ok
10:08:28.0278 1520  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:08:28.0309 1520  HDAudBus - ok
10:08:28.0309 1520  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\WINDOWS\system32\drivers\HidBatt.sys
10:08:28.0356 1520  HidBatt - ok
10:08:28.0356 1520  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\WINDOWS\system32\drivers\hidbth.sys
10:08:28.0418 1520  HidBth - ok
10:08:28.0449 1520  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\WINDOWS\system32\drivers\hidir.sys
10:08:28.0465 1520  HidIr - ok
10:08:28.0481 1520  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\WINDOWS\System32\hidserv.dll
10:08:28.0527 1520  hidserv - ok
10:08:28.0574 1520  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:08:28.0605 1520  HidUsb - ok
10:08:28.0652 1520  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
10:08:28.0777 1520  hkmsvc - ok
10:08:28.0793 1520  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
10:08:28.0839 1520  HomeGroupListener - ok
10:08:28.0855 1520  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
10:08:28.0886 1520  HomeGroupProvider - ok
10:08:29.0042 1520  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:08:29.0167 1520  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:08:29.0167 1520  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:08:29.0183 1520  [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:08:29.0261 1520  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
10:08:29.0261 1520  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
10:08:29.0292 1520  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
10:08:29.0323 1520  HpSAMD - ok
10:08:29.0354 1520  [ D972F48D0CE396759B788693CD665926 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
10:08:29.0417 1520  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
10:08:29.0417 1520  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
10:08:29.0448 1520  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
10:08:29.0526 1520  HTTP - ok
10:08:29.0557 1520  [ CCE3DB0BA3C615CAA321EB1301532688 ] huawei_enumerator C:\WINDOWS\system32\DRIVERS\ew_jubusenum.sys
10:08:29.0588 1520  huawei_enumerator - ok
10:08:29.0619 1520  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
10:08:29.0619 1520  hwpolicy - ok
10:08:29.0651 1520  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:08:29.0682 1520  i8042prt - ok
10:08:29.0713 1520  [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
10:08:29.0744 1520  iaStor - ok
10:08:29.0791 1520  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
10:08:29.0853 1520  iaStorV - ok
10:08:29.0900 1520  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\WINDOWS\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:08:29.0931 1520  idsvc - ok
10:08:30.0150 1520  [ 9937600A1584FF00565D5379EB4C9EDB ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
10:08:30.0540 1520  igfx - ok
10:08:30.0571 1520  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\WINDOWS\system32\drivers\iirsp.sys
10:08:30.0587 1520  iirsp - ok
10:08:30.0618 1520  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
10:08:30.0680 1520  IKEEXT - ok
10:08:30.0696 1520  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\WINDOWS\system32\drivers\Impcd.sys
10:08:30.0743 1520  Impcd - ok
10:08:30.0774 1520  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
10:08:30.0805 1520  IntcDAud - ok
10:08:30.0821 1520  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
10:08:30.0836 1520  intelide - ok
10:08:30.0852 1520  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:08:30.0883 1520  intelppm - ok
10:08:30.0914 1520  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\WINDOWS\system32\ipbusenum.dll
10:08:30.0961 1520  IPBusEnum - ok
10:08:30.0992 1520  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:08:31.0023 1520  IpFilterDriver - ok
10:08:31.0086 1520  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
10:08:31.0179 1520  iphlpsvc - ok
10:08:31.0195 1520  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\WINDOWS\system32\drivers\IPMIDrv.sys
10:08:31.0226 1520  IPMIDRV - ok
10:08:31.0257 1520  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
10:08:31.0289 1520  IPNAT - ok
10:08:31.0335 1520  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:08:31.0398 1520  iPod Service - ok
10:08:31.0429 1520  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
10:08:31.0476 1520  IRENUM - ok
10:08:31.0491 1520  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
10:08:31.0523 1520  isapnp - ok
10:08:31.0538 1520  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\WINDOWS\system32\drivers\msiscsi.sys
10:08:31.0585 1520  iScsiPrt - ok
10:08:31.0616 1520  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:08:31.0647 1520  kbdclass - ok
10:08:31.0663 1520  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\WINDOWS\system32\drivers\kbdhid.sys
10:08:31.0694 1520  kbdhid - ok
10:08:31.0710 1520  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
10:08:31.0741 1520  KeyIso - ok
10:08:31.0741 1520  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
10:08:31.0788 1520  KSecDD - ok
10:08:31.0819 1520  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
10:08:31.0897 1520  KSecPkg - ok
10:08:31.0913 1520  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
10:08:31.0991 1520  ksthunk - ok
10:08:32.0006 1520  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
10:08:32.0100 1520  KtmRm - ok
10:08:32.0147 1520  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
10:08:32.0209 1520  LanmanServer - ok
10:08:32.0256 1520  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
10:08:32.0334 1520  LanmanWorkstation - ok
10:08:32.0365 1520  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
10:08:32.0443 1520  lltdio - ok
10:08:32.0459 1520  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
10:08:32.0521 1520  lltdsvc - ok
10:08:32.0552 1520  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
10:08:32.0583 1520  lmhosts - ok
10:08:32.0599 1520  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\WINDOWS\system32\drivers\lsi_fc.sys
10:08:32.0615 1520  LSI_FC - ok
10:08:32.0646 1520  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
10:08:32.0661 1520  LSI_SAS - ok
10:08:32.0677 1520  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
10:08:32.0693 1520  LSI_SAS2 - ok
10:08:32.0693 1520  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\WINDOWS\system32\drivers\lsi_scsi.sys
10:08:32.0708 1520  LSI_SCSI - ok
10:08:32.0724 1520  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
10:08:32.0771 1520  luafv - ok
10:08:32.0802 1520  [ 62732AF9512B911C330ACBBDBCC2F284 ] Mbm3CBus        C:\WINDOWS\system32\drivers\Mbm3CBus.sys
10:08:32.0817 1520  Mbm3CBus - ok
10:08:32.0833 1520  [ BDC2D259CA9CFCED092B3B0B8557322D ] Mbm3DevMt       C:\WINDOWS\system32\drivers\Mbm3DevMt.sys
10:08:32.0880 1520  Mbm3DevMt - ok
10:08:32.0911 1520  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\WINDOWS\system32\Mcx2Svc.dll
10:08:32.0942 1520  Mcx2Svc - ok
10:08:32.0942 1520  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
10:08:32.0958 1520  megasas - ok
10:08:32.0973 1520  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\WINDOWS\system32\drivers\MegaSR.sys
10:08:33.0020 1520  MegaSR - ok
10:08:33.0051 1520  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\WINDOWS\system32\drivers\HECIx64.sys
10:08:33.0098 1520  MEIx64 - ok
10:08:33.0145 1520  Microsoft SharePoint Workspace Audit Service - ok
10:08:33.0161 1520  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
10:08:33.0239 1520  MMCSS - ok
10:08:33.0254 1520  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
10:08:33.0301 1520  Modem - ok
10:08:33.0332 1520  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\WINDOWS\system32\DRIVERS\monitor.sys
10:08:33.0395 1520  monitor - ok
10:08:33.0395 1520  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:08:33.0441 1520  mouclass - ok
10:08:33.0457 1520  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:08:33.0473 1520  mouhid - ok
10:08:33.0488 1520  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
10:08:33.0504 1520  mountmgr - ok
10:08:33.0535 1520  [ C177A7EBF5E8A0B596F618870516CAB8 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
10:08:33.0597 1520  MpFilter - ok
10:08:33.0613 1520  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\WINDOWS\system32\drivers\mpio.sys
10:08:33.0629 1520  mpio - ok
10:08:33.0644 1520  [ 8FBF6B31FE8AF1833D93C5913D5B4D55 ] MpNWMon         C:\WINDOWS\system32\DRIVERS\MpNWMon.sys
10:08:33.0660 1520  MpNWMon - ok
10:08:33.0675 1520  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
10:08:33.0722 1520  mpsdrv - ok
10:08:33.0753 1520  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
10:08:33.0816 1520  MpsSvc - ok
10:08:33.0816 1520  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
10:08:33.0847 1520  MRxDAV - ok
10:08:33.0863 1520  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:08:33.0894 1520  mrxsmb - ok
10:08:33.0925 1520  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
10:08:33.0941 1520  mrxsmb10 - ok
10:08:33.0956 1520  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
10:08:33.0972 1520  mrxsmb20 - ok
10:08:33.0987 1520  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\WINDOWS\system32\drivers\msahci.sys
10:08:34.0003 1520  msahci - ok
10:08:34.0050 1520  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\WINDOWS\system32\drivers\msdsm.sys
10:08:34.0097 1520  msdsm - ok
10:08:34.0112 1520  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
10:08:34.0190 1520  MSDTC - ok
10:08:34.0206 1520  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:08:34.0253 1520  Msfs - ok
10:08:34.0268 1520  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
10:08:34.0299 1520  mshidkmdf - ok
10:08:34.0315 1520  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
10:08:34.0331 1520  msisadrv - ok
10:08:34.0346 1520  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
10:08:34.0409 1520  MSiSCSI - ok
10:08:34.0409 1520  msiserver - ok
10:08:34.0424 1520  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:08:34.0455 1520  MSKSSRV - ok
10:08:34.0502 1520  [ 157E9E498206A3366BAA7E4697BDD947 ] MsMpSvc         c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
10:08:34.0533 1520  MsMpSvc - ok
10:08:34.0549 1520  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:08:34.0596 1520  MSPCLOCK - ok
10:08:34.0611 1520  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:08:34.0643 1520  MSPQM - ok
10:08:34.0658 1520  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
10:08:34.0689 1520  MsRPC - ok
10:08:34.0689 1520  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:08:34.0705 1520  mssmbios - ok
10:08:34.0721 1520  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
10:08:34.0799 1520  MSTEE - ok
10:08:34.0814 1520  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\WINDOWS\system32\drivers\MTConfig.sys
10:08:34.0814 1520  MTConfig - ok
10:08:34.0830 1520  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
10:08:34.0861 1520  Mup - ok
10:08:34.0908 1520  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\WINDOWS\system32\qagentRT.dll
10:08:34.0970 1520  napagent - ok
10:08:35.0001 1520  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
10:08:35.0033 1520  NativeWifiP - ok
10:08:35.0111 1520  [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
10:08:35.0251 1520  NAUpdate - ok
10:08:35.0282 1520  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
10:08:35.0329 1520  NDIS - ok
10:08:35.0345 1520  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
10:08:35.0376 1520  NdisCap - ok
10:08:35.0391 1520  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:08:35.0423 1520  NdisTapi - ok
10:08:35.0423 1520  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:08:35.0485 1520  Ndisuio - ok
10:08:35.0501 1520  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:08:35.0547 1520  NdisWan - ok
10:08:35.0563 1520  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:08:35.0594 1520  NDProxy - ok
10:08:35.0625 1520  [ 47DA0A01D8AD23B83F690DCF25C859A8 ] NEOFLTR_700_16899 C:\WINDOWS\system32\Drivers\NEOFLTR_700_16899.SYS
10:08:35.0641 1520  NEOFLTR_700_16899 - ok
10:08:35.0703 1520  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:08:35.0735 1520  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:08:35.0735 1520  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:08:35.0750 1520  [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl64.sys
10:08:35.0813 1520  Netaapl - ok
10:08:35.0844 1520  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:08:35.0906 1520  NetBIOS - ok
10:08:35.0937 1520  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:08:35.0984 1520  NetBT - ok
10:08:36.0015 1520  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:08:36.0031 1520  Netlogon - ok
10:08:36.0062 1520  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\WINDOWS\System32\netman.dll
10:08:36.0109 1520  Netman - ok
10:08:36.0140 1520  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:08:36.0187 1520  NetMsmqActivator - ok
10:08:36.0187 1520  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:08:36.0203 1520  NetPipeActivator - ok
10:08:36.0234 1520  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\WINDOWS\System32\netprofm.dll
10:08:36.0281 1520  netprofm - ok
10:08:36.0281 1520  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:08:36.0312 1520  NetTcpActivator - ok
10:08:36.0312 1520  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:08:36.0327 1520  NetTcpPortSharing - ok
10:08:36.0452 1520  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\WINDOWS\system32\DRIVERS\netw5v64.sys
10:08:36.0639 1520  netw5v64 - ok
10:08:36.0827 1520  [ 5D262402B0634C998F8CBCEAD7DD8676 ] NETwNs64        C:\WINDOWS\system32\DRIVERS\NETwNs64.sys
10:08:37.0061 1520  NETwNs64 - ok
10:08:37.0092 1520  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\WINDOWS\system32\drivers\nfrd960.sys
10:08:37.0107 1520  nfrd960 - ok
10:08:37.0123 1520  [ 5F7D72CBCDD025AF1F38FDEEE5646968 ] NisDrv          C:\WINDOWS\system32\DRIVERS\NisDrvWFP.sys
10:08:37.0139 1520  NisDrv - ok
10:08:37.0154 1520  [ 566DDD5D82520DA01D75F81428AC4C38 ] NisSrv          c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
10:08:37.0185 1520  NisSrv - ok
10:08:37.0217 1520  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
10:08:37.0263 1520  NlaSvc - ok
10:08:37.0310 1520  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:08:37.0357 1520  Npfs - ok
10:08:37.0373 1520  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\WINDOWS\system32\nsisvc.dll
10:08:37.0419 1520  nsi - ok
10:08:37.0435 1520  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
10:08:37.0482 1520  nsiproxy - ok
10:08:37.0544 1520  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:08:37.0622 1520  Ntfs - ok
10:08:37.0622 1520  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:08:37.0669 1520  Null - ok
10:08:37.0685 1520  [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub        C:\WINDOWS\system32\drivers\nusb3hub.sys
10:08:37.0731 1520  nusb3hub - ok
10:08:37.0747 1520  [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc        C:\WINDOWS\system32\drivers\nusb3xhc.sys
10:08:37.0794 1520  nusb3xhc - ok
10:08:37.0809 1520  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
10:08:37.0825 1520  nvraid - ok
10:08:37.0841 1520  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
10:08:37.0856 1520  nvstor - ok
10:08:37.0903 1520  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
10:08:37.0919 1520  nv_agp - ok
10:08:37.0950 1520  [ 34D52ECC6DD8577600B392E06B74D4B7 ] nwdelgobi3kfilter C:\WINDOWS\system32\drivers\nwdelgobi3kfilter.sys
10:08:37.0997 1520  nwdelgobi3kfilter - ok
10:08:38.0012 1520  [ 49BC63FB646734567D6BDE76E10F5E8E ] nwdelserial     C:\WINDOWS\system32\drivers\nwdelserial.sys
10:08:38.0075 1520  nwdelserial - ok
10:08:38.0106 1520  [ 4E37455DB16AEC75862B1D0BC35B589E ] O2FLASH         C:\WINDOWS\system32\DRIVERS\o2flash.exe
10:08:38.0137 1520  O2FLASH - ok
10:08:38.0153 1520  [ 6172DB160FC566CF24307941C0E94D8E ] O2MDFRDR        C:\WINDOWS\system32\drivers\O2MDFw7x64.sys
10:08:38.0168 1520  O2MDFRDR - ok
10:08:38.0184 1520  [ 8ED738ABA394BBF6D7802698BE453112 ] O2MDRRDR        C:\WINDOWS\system32\DRIVERS\O2MDRw7x64.sys
10:08:38.0215 1520  O2MDRRDR - ok
10:08:38.0231 1520  [ A9C1E6B7C134FAD124338B7944FA996D ] O2SDJRDR        C:\WINDOWS\system32\DRIVERS\o2sdjw7x64.sys
10:08:38.0246 1520  O2SDJRDR - ok
10:08:38.0262 1520  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\WINDOWS\system32\drivers\ohci1394.sys
10:08:38.0293 1520  ohci1394 - ok
10:08:38.0371 1520  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:08:38.0449 1520  ose - ok
10:08:38.0636 1520  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:08:38.0917 1520  osppsvc - ok
10:08:38.0948 1520  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
10:08:39.0026 1520  p2pimsvc - ok
10:08:39.0057 1520  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
10:08:39.0089 1520  p2psvc - ok
10:08:39.0104 1520  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
10:08:39.0135 1520  Parport - ok
10:08:39.0167 1520  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
10:08:39.0167 1520  partmgr - ok
10:08:39.0182 1520  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
10:08:39.0213 1520  PcaSvc - ok
10:08:39.0245 1520  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\WINDOWS\system32\drivers\pci.sys
10:08:39.0260 1520  pci - ok
10:08:39.0291 1520  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
10:08:39.0291 1520  pciide - ok
10:08:39.0323 1520  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
10:08:39.0338 1520  pcmcia - ok
10:08:39.0354 1520  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
10:08:39.0354 1520  pcw - ok
10:08:39.0369 1520  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
10:08:39.0447 1520  PEAUTH - ok
10:08:39.0494 1520  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
10:08:39.0588 1520  PeerDistSvc - ok
10:08:39.0681 1520  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
10:08:39.0775 1520  PerfHost - ok
10:08:39.0837 1520  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\WINDOWS\system32\pla.dll
10:08:39.0931 1520  pla - ok
10:08:39.0978 1520  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
10:08:40.0009 1520  PlugPlay - ok
10:08:40.0071 1520  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:08:40.0134 1520  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
10:08:40.0134 1520  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
10:08:40.0134 1520  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
10:08:40.0181 1520  PNRPAutoReg - ok
10:08:40.0196 1520  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
10:08:40.0227 1520  PNRPsvc - ok
10:08:40.0259 1520  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
10:08:40.0337 1520  PolicyAgent - ok
10:08:40.0383 1520  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\WINDOWS\system32\umpo.dll
10:08:40.0446 1520  Power - ok
10:08:40.0477 1520  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:08:40.0524 1520  PptpMiniport - ok
10:08:40.0602 1520  [ 3A603DD6466569970BD99DFB4C63BBC7 ] prepdrvr        C:\Windows\SysWOW64\CCM\prepdrv.sys
10:08:40.0633 1520  prepdrvr - ok
10:08:40.0649 1520  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\WINDOWS\system32\drivers\processr.sys
10:08:40.0695 1520  Processor - ok
10:08:40.0727 1520  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
10:08:40.0820 1520  ProfSvc - ok
10:08:40.0851 1520  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:08:40.0867 1520  ProtectedStorage - ok
10:08:40.0883 1520  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
10:08:40.0929 1520  Psched - ok
10:08:40.0961 1520  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\WINDOWS\system32\drivers\ql2300.sys
10:08:41.0023 1520  ql2300 - ok
10:08:41.0039 1520  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\WINDOWS\system32\drivers\ql40xx.sys
10:08:41.0054 1520  ql40xx - ok
10:08:41.0085 1520  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\WINDOWS\system32\qwave.dll
10:08:41.0117 1520  QWAVE - ok
10:08:41.0132 1520  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
10:08:41.0163 1520  QWAVEdrv - ok
10:08:41.0195 1520  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:08:41.0226 1520  RasAcd - ok
10:08:41.0241 1520  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
10:08:41.0273 1520  RasAgileVpn - ok
10:08:41.0288 1520  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:08:41.0335 1520  RasAuto - ok
10:08:41.0351 1520  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:08:41.0397 1520  Rasl2tp - ok
10:08:41.0413 1520  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:08:41.0460 1520  RasMan - ok
10:08:41.0460 1520  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:08:41.0507 1520  RasPppoe - ok
10:08:41.0522 1520  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
10:08:41.0553 1520  RasSstp - ok
10:08:41.0569 1520  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:08:41.0631 1520  rdbss - ok
10:08:41.0647 1520  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\WINDOWS\system32\DRIVERS\rdpbus.sys
10:08:41.0663 1520  rdpbus - ok
10:08:41.0678 1520  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:08:41.0709 1520  RDPCDD - ok
10:08:41.0725 1520  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
10:08:41.0756 1520  RDPDR - ok
10:08:41.0756 1520  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\WINDOWS\system32\drivers\rdpencdd.sys
10:08:41.0819 1520  RDPENCDD - ok
10:08:41.0834 1520  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\WINDOWS\system32\drivers\rdprefmp.sys
10:08:41.0865 1520  RDPREFMP - ok
10:08:41.0881 1520  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
10:08:41.0943 1520  RdpVideoMiniport - ok
10:08:41.0975 1520  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
10:08:42.0053 1520  RDPWD - ok
10:08:42.0084 1520  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
10:08:42.0115 1520  rdyboost - ok
10:08:42.0146 1520  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:08:42.0209 1520  RemoteAccess - ok
10:08:42.0240 1520  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:08:42.0287 1520  RemoteRegistry - ok
10:08:42.0318 1520  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
10:08:42.0365 1520  RFCOMM - ok
10:08:42.0396 1520  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
10:08:42.0443 1520  RpcEptMapper - ok
10:08:42.0458 1520  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:08:42.0489 1520  RpcLocator - ok
10:08:42.0505 1520  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:08:42.0552 1520  RpcSs - ok
10:08:42.0567 1520  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
10:08:42.0630 1520  rspndr - ok
10:08:42.0645 1520  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\WINDOWS\system32\drivers\vms3cap.sys
10:08:42.0661 1520  s3cap - ok
10:08:42.0677 1520  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:08:42.0692 1520  SamSs - ok
10:08:42.0708 1520  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
10:08:42.0723 1520  sbp2port - ok
10:08:42.0739 1520  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
10:08:42.0801 1520  SCardSvr - ok
10:08:42.0817 1520  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
10:08:42.0848 1520  scfilter - ok
10:08:42.0879 1520  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:08:42.0942 1520  Schedule - ok
10:08:42.0957 1520  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
10:08:43.0004 1520  SCPolicySvc - ok
10:08:43.0035 1520  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
10:08:43.0082 1520  sdbus - ok
10:08:43.0098 1520  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
10:08:43.0160 1520  SDRSVC - ok
10:08:43.0191 1520  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
10:08:43.0269 1520  secdrv - ok
10:08:43.0269 1520  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\WINDOWS\system32\seclogon.dll
10:08:43.0316 1520  seclogon - ok
10:08:43.0332 1520  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\WINDOWS\system32\sens.dll
10:08:43.0363 1520  SENS - ok
10:08:43.0379 1520  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
10:08:43.0410 1520  SensrSvc - ok
10:08:43.0441 1520  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
10:08:43.0457 1520  Serenum - ok
10:08:43.0488 1520  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
10:08:43.0519 1520  Serial - ok
10:08:43.0519 1520  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\WINDOWS\system32\drivers\sermouse.sys
10:08:43.0550 1520  sermouse - ok
10:08:43.0566 1520  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
10:08:43.0613 1520  SessionEnv - ok
10:08:43.0628 1520  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\WINDOWS\system32\drivers\sffdisk.sys
10:08:43.0644 1520  sffdisk - ok
10:08:43.0644 1520  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\WINDOWS\system32\drivers\sffp_mmc.sys
10:08:43.0659 1520  sffp_mmc - ok
10:08:43.0675 1520  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\WINDOWS\system32\drivers\sffp_sd.sys
10:08:43.0691 1520  sffp_sd - ok
10:08:43.0722 1520  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\WINDOWS\system32\drivers\sfloppy.sys
10:08:43.0737 1520  sfloppy - ok
10:08:43.0753 1520  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:08:43.0847 1520  SharedAccess - ok
10:08:43.0893 1520  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:08:43.0971 1520  ShellHWDetection - ok
10:08:43.0987 1520  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
10:08:44.0003 1520  SiSRaid2 - ok
10:08:44.0018 1520  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
10:08:44.0034 1520  SiSRaid4 - ok
10:08:44.0065 1520  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:08:44.0190 1520  SkypeUpdate - ok
10:08:44.0221 1520  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\WINDOWS\system32\DRIVERS\smb.sys
10:08:44.0268 1520  Smb - ok
10:08:44.0283 1520  smstsmgr - ok
10:08:44.0299 1520  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
10:08:44.0361 1520  SNMPTRAP - ok
10:08:44.0393 1520  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\WINDOWS\system32\drivers\spldr.sys
10:08:44.0424 1520  spldr - ok
10:08:44.0455 1520  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
10:08:44.0533 1520  Spooler - ok
10:08:44.0627 1520  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
10:08:44.0798 1520  sppsvc - ok
10:08:44.0814 1520  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\WINDOWS\system32\sppuinotify.dll
10:08:44.0845 1520  sppuinotify - ok
10:08:44.0876 1520  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:08:44.0939 1520  srv - ok
10:08:44.0954 1520  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
10:08:45.0017 1520  srv2 - ok
10:08:45.0032 1520  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
10:08:45.0048 1520  srvnet - ok
10:08:45.0079 1520  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:08:45.0110 1520  SSDPSRV - ok
10:08:45.0126 1520  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
10:08:45.0157 1520  SstpSvc - ok
10:08:45.0188 1520  [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
10:08:45.0266 1520  STacSV - ok
10:08:45.0297 1520  [ E4EA2412FB1B8AEE33667A9CC6D456A4 ] stdcfltn        C:\WINDOWS\system32\DRIVERS\stdcfltn.sys
10:08:45.0313 1520  stdcfltn - ok
10:08:45.0329 1520  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
10:08:45.0344 1520  stexstor - ok
10:08:45.0360 1520  [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
10:08:45.0391 1520  STHDA - ok
10:08:45.0422 1520  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
10:08:45.0469 1520  stisvc - ok
10:08:45.0469 1520  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
10:08:45.0485 1520  storflt - ok
10:08:45.0500 1520  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\WINDOWS\system32\storsvc.dll
10:08:45.0563 1520  StorSvc - ok
10:08:45.0594 1520  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
10:08:45.0625 1520  storvsc - ok
10:08:45.0641 1520  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:08:45.0656 1520  swenum - ok
10:08:45.0719 1520  [ 78ED7E7D9720BB425645CAC0BD8EF8F6 ] SwiCardDetectSvc C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe
10:08:45.0843 1520  SwiCardDetectSvc - ok
10:08:45.0859 1520  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\WINDOWS\System32\swprv.dll
10:08:45.0921 1520  swprv - ok
10:08:45.0921 1520  [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc      C:\WINDOWS\system32\drivers\Synth3dVsc.sys
10:08:45.0937 1520  Synth3dVsc - ok
10:08:45.0968 1520  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\WINDOWS\system32\sysmain.dll
10:08:46.0046 1520  SysMain - ok
10:08:46.0046 1520  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
10:08:46.0077 1520  TabletInputService - ok
10:08:46.0093 1520  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:08:46.0155 1520  TapiSrv - ok
10:08:46.0155 1520  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\WINDOWS\System32\tbssvc.dll
10:08:46.0202 1520  TBS - ok
10:08:46.0233 1520  [ 08228AC4B3EEF0DEE3D38D239692E510 ] tcm             C:\WINDOWS\system32\drivers\tcm.sys
10:08:46.0265 1520  tcm - ok
10:08:46.0311 1520  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
10:08:46.0389 1520  Tcpip - ok
10:08:46.0452 1520  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:08:46.0514 1520  TCPIP6 - ok
10:08:46.0530 1520  [ FA5B20182028C06756CF273AAAD608D5 ] tcpipBM         C:\WINDOWS\system32\drivers\tcpipBM.sys
10:08:46.0561 1520  tcpipBM ( UnsignedFile.Multi.Generic ) - warning
10:08:46.0561 1520  tcpipBM - detected UnsignedFile.Multi.Generic (1)
10:08:46.0592 1520  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
10:08:46.0623 1520  tcpipreg - ok
10:08:46.0655 1520  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\WINDOWS\system32\drivers\tdpipe.sys
10:08:46.0701 1520  TDPIPE - ok
10:08:46.0717 1520  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\WINDOWS\system32\drivers\tdtcp.sys
10:08:46.0779 1520  TDTCP - ok
10:08:46.0795 1520  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
10:08:46.0857 1520  tdx - ok
10:08:46.0873 1520  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
10:08:46.0889 1520  TermDD - ok
10:08:46.0904 1520  [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt        C:\WINDOWS\system32\drivers\terminpt.sys
10:08:46.0935 1520  terminpt - ok
10:08:46.0967 1520  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\WINDOWS\System32\termsrv.dll
10:08:47.0045 1520  TermService - ok
10:08:47.0060 1520  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\WINDOWS\system32\themeservice.dll
10:08:47.0076 1520  Themes - ok
10:08:47.0107 1520  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
10:08:47.0138 1520  THREADORDER - ok
10:08:47.0138 1520  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
10:08:47.0201 1520  TrkWks - ok
10:08:47.0232 1520  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
10:08:47.0310 1520  TrustedInstaller - ok
10:08:47.0325 1520  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\WINDOWS\system32\DRIVERS\tssecsrv.sys
10:08:47.0357 1520  tssecsrv - ok
10:08:47.0388 1520  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
10:08:47.0419 1520  TsUsbFlt - ok
10:08:47.0419 1520  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\WINDOWS\system32\drivers\TsUsbGD.sys
10:08:47.0435 1520  TsUsbGD - ok
10:08:47.0450 1520  [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
10:08:47.0466 1520  tsusbhub - ok
10:08:47.0497 1520  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
10:08:47.0544 1520  tunnel - ok
10:08:47.0559 1520  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
10:08:47.0591 1520  uagp35 - ok
10:08:47.0606 1520  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
10:08:47.0684 1520  udfs - ok
10:08:47.0700 1520  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
10:08:47.0731 1520  UI0Detect - ok
10:08:47.0747 1520  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
10:08:47.0762 1520  uliagpkx - ok
10:08:47.0778 1520  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\WINDOWS\system32\DRIVERS\umbus.sys
10:08:47.0809 1520  umbus - ok
10:08:47.0825 1520  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\WINDOWS\system32\drivers\umpass.sys
10:08:47.0840 1520  UmPass - ok
10:08:47.0856 1520  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
10:08:47.0887 1520  UmRdpService - ok
10:08:47.0903 1520  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:08:47.0965 1520  upnphost - ok
10:08:47.0996 1520  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\WINDOWS\system32\Drivers\usbaapl64.sys
10:08:48.0059 1520  USBAAPL64 - ok
10:08:48.0105 1520  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:08:48.0183 1520  usbccgp - ok
10:08:48.0199 1520  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\WINDOWS\system32\drivers\usbcir.sys
10:08:48.0230 1520  usbcir - ok
10:08:48.0246 1520  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\WINDOWS\system32\drivers\usbehci.sys
10:08:48.0293 1520  usbehci - ok
10:08:48.0324 1520  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:08:48.0371 1520  usbhub - ok
10:08:48.0386 1520  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\WINDOWS\system32\drivers\usbohci.sys
10:08:48.0402 1520  usbohci - ok
10:08:48.0417 1520  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:08:48.0449 1520  usbprint - ok
10:08:48.0480 1520  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:08:48.0495 1520  usbscan - ok
10:08:48.0511 1520  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:08:48.0573 1520  USBSTOR - ok
10:08:48.0605 1520  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\WINDOWS\system32\drivers\usbuhci.sys
10:08:48.0605 1520  usbuhci - ok
10:08:48.0651 1520  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
10:08:48.0667 1520  usbvideo - ok
10:08:48.0683 1520  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\WINDOWS\System32\uxsms.dll
10:08:48.0745 1520  UxSms - ok
10:08:48.0761 1520  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
10:08:48.0776 1520  VaultSvc - ok
10:08:48.0776 1520  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
10:08:48.0792 1520  vdrvroot - ok
10:08:48.0807 1520  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\WINDOWS\System32\vds.exe
10:08:48.0885 1520  vds - ok
10:08:48.0917 1520  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\WINDOWS\system32\DRIVERS\vgapnp.sys
10:08:48.0932 1520  vga - ok
10:08:48.0948 1520  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:08:48.0979 1520  VgaSave - ok
10:08:48.0995 1520  VGPU - ok
10:08:49.0010 1520  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\WINDOWS\system32\drivers\vhdmp.sys
10:08:49.0026 1520  vhdmp - ok
10:08:49.0041 1520  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
10:08:49.0057 1520  viaide - ok
10:08:49.0119 1520  [ F03AAF289687B13FA6331806EF99691E ] VmbService      C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
10:08:49.0166 1520  VmbService ( UnsignedFile.Multi.Generic ) - warning
10:08:49.0166 1520  VmbService - detected UnsignedFile.Multi.Generic (1)
10:08:49.0182 1520  [ 80E731A278695B47345D0171A19E428B ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
10:08:49.0197 1520  vmbus - ok
10:08:49.0213 1520  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\WINDOWS\system32\drivers\VMBusHID.sys
10:08:49.0229 1520  VMBusHID - ok
10:08:49.0244 1520  [ 1E4D31FEC921300C5F262C52F5FCC666 ] vodafone_K3805-z_dc_enum C:\WINDOWS\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys
10:08:49.0275 1520  vodafone_K3805-z_dc_enum - ok
10:08:49.0307 1520  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
10:08:49.0322 1520  volmgr - ok
10:08:49.0338 1520  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
10:08:49.0385 1520  volmgrx - ok
10:08:49.0400 1520  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
10:08:49.0416 1520  volsnap - ok
10:08:49.0447 1520  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
10:08:49.0463 1520  vsmraid - ok
10:08:49.0525 1520  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\WINDOWS\system32\vssvc.exe
10:08:49.0665 1520  VSS - ok
10:08:49.0697 1520  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\WINDOWS\system32\DRIVERS\vwifibus.sys
10:08:49.0712 1520  vwifibus - ok
10:08:49.0728 1520  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
10:08:49.0775 1520  vwififlt - ok
10:08:49.0790 1520  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\WINDOWS\system32\w32time.dll
10:08:49.0837 1520  W32Time - ok
10:08:49.0853 1520  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\WINDOWS\system32\drivers\wacompen.sys
10:08:49.0884 1520  WacomPen - ok
10:08:49.0915 1520  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:08:49.0962 1520  WANARP - ok
10:08:49.0962 1520  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:08:49.0993 1520  Wanarpv6 - ok
10:08:50.0040 1520  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\WINDOWS\system32\wbengine.exe
10:08:50.0133 1520  wbengine - ok
10:08:50.0165 1520  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
10:08:50.0196 1520  WbioSrvc - ok
10:08:50.0196 1520  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
10:08:50.0243 1520  wcncsvc - ok
10:08:50.0243 1520  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
10:08:50.0336 1520  WcsPlugInService - ok
10:08:50.0367 1520  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\WINDOWS\system32\drivers\wd.sys
10:08:50.0367 1520  Wd - ok
10:08:50.0399 1520  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
10:08:50.0445 1520  Wdf01000 - ok
10:08:50.0477 1520  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
10:08:50.0570 1520  WdiServiceHost - ok
10:08:50.0570 1520  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
10:08:50.0601 1520  WdiSystemHost - ok
10:08:50.0617 1520  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:08:50.0664 1520  WebClient - ok
10:08:50.0664 1520  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
10:08:50.0726 1520  Wecsvc - ok
10:08:50.0757 1520  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
10:08:50.0835 1520  wercplsupport - ok
10:08:50.0835 1520  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
10:08:50.0882 1520  WerSvc - ok
10:08:50.0898 1520  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\WINDOWS\system32\DRIVERS\wfplwf.sys
10:08:50.0945 1520  WfpLwf - ok
10:08:50.0976 1520  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
10:08:50.0991 1520  WIMMount - ok
10:08:50.0991 1520  WinDefend - ok
10:08:51.0007 1520  WinHttpAutoProxySvc - ok
10:08:51.0054 1520  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:08:51.0101 1520  Winmgmt - ok
10:08:51.0132 1520  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
10:08:51.0210 1520  WinRM - ok
10:08:51.0257 1520  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
10:08:51.0319 1520  WinUsb - ok
10:08:51.0335 1520  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\WINDOWS\System32\wlansvc.dll
10:08:51.0428 1520  Wlansvc - ok
10:08:51.0444 1520  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
10:08:51.0459 1520  WmiAcpi - ok
10:08:51.0491 1520  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
10:08:51.0522 1520  wmiApSrv - ok
10:08:51.0537 1520  WMPNetworkSvc - ok
10:08:51.0584 1520  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
10:08:51.0631 1520  WPCSvc - ok
10:08:51.0647 1520  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
10:08:51.0678 1520  WPDBusEnum - ok
10:08:51.0678 1520  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
10:08:51.0709 1520  ws2ifsl - ok
10:08:51.0725 1520  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:08:51.0756 1520  wscsvc - ok
10:08:51.0756 1520  WSearch - ok
10:08:51.0818 1520  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
10:08:51.0974 1520  wuauserv - ok
10:08:52.0005 1520  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
10:08:52.0083 1520  WudfPf - ok
10:08:52.0115 1520  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
10:08:52.0146 1520  WUDFRd - ok
10:08:52.0161 1520  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
10:08:52.0193 1520  wudfsvc - ok
10:08:52.0224 1520  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
10:08:52.0255 1520  WwanSvc - ok
10:08:52.0271 1520  ================ Scan global ===============================
10:08:52.0302 1520  [ BA0CD8C393E8C9F83354106093832C7B ] C:\WINDOWS\system32\basesrv.dll
10:08:52.0333 1520  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\WINDOWS\system32\winsrv.dll
10:08:52.0349 1520  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\WINDOWS\system32\winsrv.dll
10:08:52.0380 1520  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\WINDOWS\system32\sxssrv.dll
10:08:52.0427 1520  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\WINDOWS\system32\services.exe
10:08:52.0442 1520  [Global] - ok
10:08:52.0442 1520  ================ Scan MBR ==================================
10:08:52.0458 1520  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:08:52.0785 1520  \Device\Harddisk0\DR0 - ok
10:08:52.0785 1520  ================ Scan VBR ==================================
10:08:52.0785 1520  [ C5A88EBD37D41D54E6EDCB11A151D42B ] \Device\Harddisk0\DR0\Partition1
10:08:52.0785 1520  \Device\Harddisk0\DR0\Partition1 - ok
10:08:52.0817 1520  [ 1CA80E7814819108FBA82B465219D21F ] \Device\Harddisk0\DR0\Partition2
10:08:52.0817 1520  \Device\Harddisk0\DR0\Partition2 - ok
10:08:52.0817 1520  ============================================================
10:08:52.0817 1520  Scan finished
10:08:52.0817 1520  ============================================================
10:08:52.0848 1260  Detected object count: 8
10:08:52.0848 1260  Actual detected object count: 8
10:09:29.0010 1260  BMLoad ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0010 1260  BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:09:29.0025 1260  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0025 1260  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:09:29.0025 1260  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0025 1260  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:09:29.0025 1260  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0025 1260  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:09:29.0025 1260  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0025 1260  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:09:29.0025 1260  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0025 1260  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:09:29.0041 1260  tcpipBM ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0041 1260  tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
10:09:29.0041 1260  VmbService ( UnsignedFile.Multi.Generic ) - skipped by user
10:09:29.0041 1260  VmbService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

21.04.2013, 22:18   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

A check with OTL, please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • Tick the Scan All Users box at the top centre
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread in CODE tags.

22.04.2013, 13:16   #15
Spargo

OTL:
Code:
OTL logfile created on: 22.04.2013 14:05:07 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Spargo\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,88 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 57,03% Memory free
7,77 Gb Paging File | 5,86 Gb Available in Paging File | 75,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,89 Gb Total Space | 157,18 Gb Free Space | 52,76% Space Free | Partition Type: NTFS
 
Computer Name: CIGHHNBK166 | User Name: Spargo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\Spargo\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\bmop.exe (Bytemobile, Inc.)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\bmctl.exe (Bytemobile, Inc.)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\CCM\CcmExec.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.FNCClient11#\3b21f0b55f7c0dc1fe2295613c3cb921\Interop.FNCClient11Lib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.UpdateMana#\692afb6aa3ecd0c71c9cea09c2eae2ed\Vodafone.UpdateManager.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Secon#\647443dc0f81de96a84d4d4db789cc42\Vodafone.View.SecondaryWindows.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Model.Conn#\153b2dd90af2ed145208944103101d65\Vodafone.Model.Connection.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Remot#\322749c2fbd26266ef8378513cf439bc\Vodafone.Core.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.INSTALLERCO#\f52d12a80cd22baf114cbe6c178ea653\Interop.INSTALLERCONTROLLib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Inter#\0ff7b572ccc932b41cd2d1eb67045d6c\Vodafone.Base.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\5c2c61c4d70a6706e0f30164cddd614f\Vodafone.DeviceAccess.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\718d20210ed30f44294ecde6cfb04d0c\Vodafone.DeviceAccess.Factory.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\1f209a64bf52d5c7d663efb1475d31a9\Vodafone.DeviceAccess.Interfaces.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Vpn\66d2d8ce84bf89f049a02c499cc6b0f6\Vodafone.Vpn.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LanWlanMan#\f5e838d40617381b3ff924b9560e0227\Vodafone.LanWlanManager.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.VpnApiLib\db3ad96a4eabdaf8c6d3621dfbef2379\Interop.VpnApiLib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Facto#\6d09b9bc2989a46f86e424de338fa4f7\Vodafone.Base.Factory.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.FCCOMINTDLL#\d22f87b0c2a72cb67b2171f9ae12c46c\Interop.FCCOMINTDLLLib.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.BusinessLo#\b470c0145f1efb6ad5c8b1e7bd7353bc\Vodafone.BusinessLogic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.CoreI#\d9dc106e80c04099dd52cfb025488934\Vodafone.Core.CoreInstanceProvider.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\9b9e089271e12f12629c6dd4c28a17ab\Vodafone.Contracts.Adapter.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.ReportingM#\81874d295af0a5acdf4439d1e993735a\Vodafone.ReportingManager.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Inter#\28e927aefa407437945e6d6148a5963b\Vodafone.Core.Interfaces.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.OutlookCon#\be99bfb6b672913329019aed5af2b438\Vodafone.OutlookConnector.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Spring.Core\4a69d3bfa1111bcd9328e15165ee78ad\Spring.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsContact#\9ed375fd93ec3ff0a11c3a03afb084ac\Vodafone.SmsContactManager.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Common.Logging\0c5008375abad2d7074f91953acd7158\Common.Logging.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Interop.Shell32\d65e3892ff3bfd90b6b37f7ef0c8761c\Interop.Shell32.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SmsProfile#\2e2f51624793d37af79fec4e31e9c526\Vodafone.SmsProfileManager.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.SettingsMa#\bac4366647500291fa77f70a8698625f\Vodafone.SettingsManager.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.InstancePr#\4fafee69e5ba2a98d6d46d2a52568595\Vodafone.InstanceProvider.Impl.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Shared\d1fd414ec0cc1054205b2288efca8a59\Vodafone.View.Shared.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DataAccess#\dd58c977bd687a25a3fca70f42823d64\Vodafone.DataAccessor.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.View.Manag#\301e862ff848c3bdb219d92a3f8bf0ab\Vodafone.View.ManagedToolTip.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.CommonDial#\cbb3dd676decfa4ea4c8ca2598f0ae95\Vodafone.CommonDialogs.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\f4ca72c3d9638d73b47c35ca730b0381\Infragistics2.Win.UltraWinEditors.v9.2.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.M#\75298ac9b1442d682eb275e0af55c54a\Infragistics2.Win.Misc.v9.2.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.v#\b100ea9c0606c9e1f265c1f610c3ca88\Infragistics2.Win.v9.2.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Win.U#\1bd47dc0e94ca0b2e7834b697cef6d59\Infragistics2.Win.UltraWinToolbars.v9.2.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Infragistics2.Share#\1ebe24369c92a181b263b1426fce18f2\Infragistics2.Shared.v9.2.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Core.Contr#\ea8f7363640229e960a5cc7d0af3cc74\Vodafone.Core.Contracts.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\637a9000e10f24056bad88a99b373ea3\Vodafone.Contracts.Presenter.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileBroadbandReso#\cd1e0f2db302f54b64c5875162d30562\MobileBroadbandResources.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\6fbbdfb3476c03830778328858225e90\Vodafone.Contracts.Model.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\c02c2b70f0aa6a3ceaa2e5557f3d1a92\Vodafone.Contracts.View.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Contracts.#\d5b04b0f2d0202887ab8b07bb37aa876\Vodafone.Contracts.Common.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.DeviceAcce#\c41f6a7ab89af0ab36028b3e610e98b9\Vodafone.DeviceAccess.Contracts.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Applicatio#\ae16d1c2a67ad16252492f63f965d81a\Vodafone.ApplicationHost.Impl.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Mondrian\74ec52478cf6336c04c2b395cc4caa8e\Vodafone.Mondrian.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Win32\a86466fc2e5b4cf65a16796aa384788c\Vodafone.Base.Win32.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Common\21424d9809eade410fbb8d4e724e47ef\Vodafone.Common.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Base.Contr#\ab447bac91a20964705c797ddeb4fb6b\Vodafone.Base.Contracts.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.LogEngine\fea5d71bb858ce110259395035feec8c\Vodafone.LogEngine.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.MobileBroa#\f0410779d3c0333eebdebbbd10de4392\Vodafone.MobileBroadband.CallbackHandler.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Platform\289aa77ce94eec188a3b17ddc16caf1e\Vodafone.Platform.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Vodafone.Data\fc5a7f356272e75ec53c6a707911d6b9\Vodafone.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\MobileBroadband\7afe76097b2a183db950a44b4e710d5c\MobileBroadband.ni.exe ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d908c91e24616e6b8d38c9da61038b25\Accessibility.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\3abd733e8fa28fafbfc99458fdf691da\System.Security.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\Vodafone.View.Taskbar.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\rdiff.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll ()
MOD - C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (O2FLASH) -- C:\Windows\SysNative\drivers\o2flash.exe (O2Micro International)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (SwiCardDetectSvc) -- C:\Program Files (x86)\Sierra Wireless Inc\Common\SwiCardDetect64.exe (Sierra Wireless, Inc.)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (dcpsysmgrsvc) -- C:\Programme\Dell\Dell System Manager\DCPSysMgrSvc.exe (Dell Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (CcmExec) -- C:\Windows\SysWOW64\CCM\CcmExec.exe (Microsoft Corporation)
SRV - (smstsmgr) -- C:\Windows\SysWOW64\CCM\TSManager.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (tcpipBM) -- C:\Windows\SysNative\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV:64bit: - (BMLoad) -- C:\Windows\SysNative\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (GTUQBUS) -- C:\Windows\SysNative\drivers\gtuqbus.sys (Option N.V.)
DRV:64bit: - (GTPTSER) -- C:\Windows\SysNative\drivers\gtptser.sys (Option N.V.)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (cvusbdrv) -- C:\Windows\SysNative\drivers\cvusbdrv.sys (Broadcom Corporation)
DRV:64bit: - (tcm) -- C:\Windows\SysNative\drivers\tcm.sys ()
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (ecnssndisfltr) -- C:\Windows\SysNative\drivers\wwussf64.sys (Ericsson AB)
DRV:64bit: - (ecnssndis) -- C:\Windows\SysNative\drivers\wwuss64.sys (Ericsson AB)
DRV:64bit: - (Mbm3DevMt) -- C:\Windows\SysNative\drivers\Mbm3DevMt.sys (MCCI Corporation)
DRV:64bit: - (Mbm3CBus) -- C:\Windows\SysNative\drivers\Mbm3CBus.sys (MCCI Corporation)
DRV:64bit: - (nwdelserial) -- C:\Windows\SysNative\drivers\nwdelserial.sys (Novatel Wireless Inc.)
DRV:64bit: - (d554gps) -- C:\Windows\SysNative\drivers\d554gps64.sys (Ericsson AB)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (nwdelgobi3kfilter) -- C:\Windows\SysNative\drivers\nwdelgobi3kfilter.sys (Novatel Wireless Inc)
DRV:64bit: - (O2SDJRDR) -- C:\Windows\SysNative\drivers\o2sdjw7x64.sys (O2Micro )
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (O2MDRRDR) -- C:\Windows\SysNative\drivers\O2MDRw7x64.sys (O2Micro )
DRV:64bit: - (O2MDFRDR) -- C:\Windows\SysNative\drivers\o2mdfw7x64.sys (O2Micro )
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\accelern.sys (ST Microelectronics)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (NEOFLTR_700_16899) -- C:\Windows\SysNative\drivers\NEOFLTR_700_16899.SYS (Juniper Networks)
DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (prepdrvr) -- C:\Windows\SysWOW64\CCM\PrepDrv.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 36 34 B6 3F 08 CE 01  [binary data]
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes,DefaultScope = {E82A0F06-3219-42A2-8B1B-C1E83D6DBAED}
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{0470BEF3-D195-401A-969D-99698EE0C86D}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}: "URL" = hxxp://de.search.yahoo.com/search/?p={searchTerms}&fr=vc_trans_de_8197&type=ds2se&d
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\..\SearchScopes\{E82A0F06-3219-42A2-8B1B-C1E83D6DBAED}: "URL" = hxxp://www.google.com/search?q={searchTerms}&amp;sourceid=ie7&amp;rls=com.microsoft:{language}:{referrer:source}&amp;ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: %7BB0D70E72-2FC1-4b9f-A3D4-5921C854D906%7D:1.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: ff-bmboc%40bytemobile.com:4.3.2
FF - prefs.js..extensions.enabledAddons: dnshelp%40dnshelp.com:1.0.0
FF - prefs.js..extensions.enabledAddons: %7B888d99e7-e8b5-46a3-851e-1ec45da1e644%7D:17.0.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.14
FF - prefs.js..extensions.enabledItems: ff-bmboc@bytemobile.com:4.3.2
FF - prefs.js..extensions.enabledItems: dnshelp@dnshelp.com:1.0.0
FF - prefs.js..extensions.enabledItems: {B0D70E72-2FC1-4b9f-A3D4-5921C854D906}:1.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3
FF - prefs.js..keyword.enabled: false
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\ [2013.02.12 17:38:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\dnshelp@dnshelp.com: C:\Users\Spargo\AppData\Roaming\Helper [2013.02.17 17:47:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.03.11 23:21:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 15:23:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.24 21:13:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files (x86)\AddLyrics\FF\
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.03.11 23:21:47 | 000,000,000 | ---D | M]
 
[2013.03.20 00:20:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\Extensions
[2013.04.17 17:05:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions
[2013.03.20 00:20:37 | 000,000,000 | ---D | M] ("Biet-O-Matic Firefox Erweiterung") -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\{B0D70E72-2FC1-4b9f-A3D4-5921C854D906}
[2013.02.23 09:16:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.04.06 20:41:10 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Spargo\AppData\Roaming\mozilla\Firefox\Profiles\9qll3d9s.default\extensions\ich@maltegoetz.de
[2013.04.15 20:31:55 | 000,030,502 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi
[2013.03.25 17:48:34 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.17 09:42:44 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013.02.17 17:47:08 | 000,002,080 | ---- | M] () -- C:\Users\Spargo\AppData\Roaming\mozilla\firefox\profiles\9qll3d9s.default\searchplugins\162914d9-19a2-4f6d-89d4-1c462fa1c5a7.xml
[2013.03.20 00:29:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.12 17:38:42 | 000,000,000 | ---D | M] (Bytemobile Optimization Client) -- C:\PROGRAM FILES (X86)\VODAFONE\VODAFONE MOBILE BROADBAND\OPTIMIZATION CLIENT\ADDON
[2013.02.17 17:47:08 | 000,000,000 | ---D | M] (Helper) -- C:\USERS\Spargo\APPDATA\ROAMING\HELPER
[2013.04.15 15:23:23 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.04.15 15:23:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.04.15 15:23:13 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.04.15 15:23:13 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.04.15 15:23:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.15 15:23:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.04.15 15:23:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Spargo\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Java(TM) Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Spargo\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\WINDOWS\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
 
O1 HOSTS File: ([2013.03.21 22:13:11 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DNS Error Helper) - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313..\Run: [iDevice Manager Launcher] "C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IPELauncher.exe" /run File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = c1-group.dom
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{089B01F7-BD28-4E94-B1B2-F71A221D104B}: NameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4041F258-562D-4870-82A8-A97F9126C551}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45B8DB33-E4F3-4212-BC9F-015072DC6FB8}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCD2F28D-BCFE-4A7D-8384-538E4AB24A3B}: DhcpNameServer = 192.168.108.10 192.168.110.5
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found
O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.20 21:05:24 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Spargo\Desktop\tdsskiller.exe
[2013.04.20 20:46:08 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Spargo\Desktop\aswMBR.exe
[2013.04.20 20:30:50 | 000,000,000 | ---D | C] -- C:\Users\Spargo\Desktop\mbar
[2013.04.20 12:54:53 | 000,000,000 | ---D | C] -- C:\JRT
[2013.04.20 12:54:37 | 000,552,158 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Spargo\Desktop\JRT.exe
[2013.04.18 18:44:24 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.04.17 13:53:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Spargo\Desktop\OTL.exe
[2013.04.17 11:02:13 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Malwarebytes
[2013.04.17 00:15:52 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\gnupg
[2013.04.16 07:47:40 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\Vodafone Mobile Broadband
[2013.04.15 23:00:32 | 000,963,488 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\deployJava1.dll
[2013.04.15 23:00:31 | 001,085,344 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\npDeployJava1.dll
[2013.04.15 23:00:31 | 000,310,688 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe
[2013.04.15 23:00:26 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe
[2013.04.15 23:00:26 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe
[2013.04.15 23:00:26 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2013.04.15 23:00:15 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.04.13 11:19:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.04.12 20:21:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPlayer for Windows
[2013.04.12 20:21:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MPlayer for Windows
[2013.04.12 20:16:07 | 000,000,000 | ---D | C] -- C:\Users\Spargo\Documents\GomPlayer
[2013.04.12 20:12:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
[2013.04.12 20:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG SafeGuard toolbar
[2013.04.12 20:11:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.04.12 20:11:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\GRETECH
[2013.04.12 20:11:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2013.04.07 10:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaJoin
[2013.04.07 10:10:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MediaJoin
[2013.04.07 10:10:01 | 000,000,000 | ---D | C] -- C:\Users\Spargo\Application Data
[2013.04.05 22:07:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.04.05 22:07:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.04.05 22:07:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.29 18:46:04 | 000,020,488 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\WINDOWS\SysNative\roboot64.exe
[2013.03.29 18:45:06 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\Google
[2013.03.29 18:45:06 | 000,000,000 | ---D | C] -- C:\ProgramData\BrrOwwsie2save
[2013.03.29 18:38:56 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\WindSolutions
[2013.03.29 18:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\WindSolutions
[2013.03.29 16:07:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Skype
[2013.03.29 16:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.03.29 16:07:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.03.29 16:07:34 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.03.29 16:07:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013.03.29 15:47:39 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Local\FreePDF_XP
[2013.03.29 15:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
[2013.03.29 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreePDF_XP
[2013.03.29 15:45:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FreePDF
[2013.03.29 15:45:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
[2013.03.29 15:44:59 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[2013.03.27 15:24:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SAP
[2013.03.24 21:02:37 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2013.03.24 21:02:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2013.03.24 21:02:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2013.03.24 21:02:33 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2013.03.24 20:56:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.03.24 19:16:18 | 000,000,000 | ---D | C] -- C:\Users\Spargo\AppData\Roaming\Notepad++
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.22 13:59:14 | 000,000,392 | ---- | M] () -- C:\WINDOWS\SMSCFG.INI
[2013.04.22 13:58:36 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.22 13:58:15 | 3127,652,352 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.22 13:53:00 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313UA.job
[2013.04.22 07:34:26 | 000,019,104 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.22 07:34:26 | 000,019,104 | -H-- | M] () -- C:\WINDOWS\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.20 21:06:52 | 463,049,403 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013.04.20 21:05:41 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Spargo\Desktop\tdsskiller.exe
[2013.04.20 21:00:56 | 000,000,512 | ---- | M] () -- C:\Users\Spargo\Desktop\MBR.dat
[2013.04.20 20:47:31 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Spargo\Desktop\aswMBR.exe
[2013.04.20 20:30:26 | 012,917,756 | ---- | M] () -- C:\Users\Spargo\Desktop\mbar-1.05.0.1001.zip
[2013.04.20 20:19:20 | 000,613,083 | ---- | M] () -- C:\Users\Spargo\Desktop\adwcleaner.exe
[2013.04.20 18:53:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313Core.job
[2013.04.20 12:54:45 | 000,552,158 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Spargo\Desktop\JRT.exe
[2013.04.17 13:53:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Spargo\Desktop\OTL.exe
[2013.04.15 23:00:19 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2013.04.15 23:00:18 | 000,310,688 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaws.exe
[2013.04.15 23:00:18 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\javaw.exe
[2013.04.15 23:00:17 | 001,085,344 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\npDeployJava1.dll
[2013.04.15 23:00:17 | 000,963,488 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\deployJava1.dll
[2013.04.15 23:00:17 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\java.exe
[2013.04.11 07:01:14 | 001,624,476 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.04.11 07:01:14 | 000,700,978 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.04.11 07:01:14 | 000,655,970 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.04.11 07:01:14 | 000,149,878 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.04.11 07:01:14 | 000,122,656 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.04.07 10:10:22 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\MediaJoin.lnk
[2013.03.29 17:26:28 | 000,009,644 | ---- | M] () -- C:\Users\Spargo\AppData\Local\recently-used.xbel
[2013.03.29 15:37:08 | 000,000,214 | ---- | M] () -- C:\WINDOWS\SysWow64\~.inf
[2013.03.27 15:25:01 | 000,001,063 | ---- | M] () -- C:\Users\Public\Desktop\NetWeaver Business Client 4.0.lnk
[2013.03.25 19:19:55 | 000,002,209 | ---- | M] () -- C:\Users\Spargo\Desktop\RKA² C1 Group.lnk
[2013.03.24 21:02:30 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2013.03.24 21:02:28 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\npDeployJava1.dll
[2013.03.24 21:02:28 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaws.exe
[2013.03.24 21:02:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\javaw.exe
[2013.03.24 21:02:28 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\java.exe
[2013.03.24 21:02:27 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\deployJava1.dll
[1 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.20 21:00:56 | 000,000,512 | ---- | C] () -- C:\Users\Spargo\Desktop\MBR.dat
[2013.04.20 20:29:01 | 012,917,756 | ---- | C] () -- C:\Users\Spargo\Desktop\mbar-1.05.0.1001.zip
[2013.04.20 20:19:08 | 000,613,083 | ---- | C] () -- C:\Users\Spargo\Desktop\adwcleaner.exe
[2013.04.18 18:43:24 | 000,001,124 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313UA.job
[2013.04.18 18:43:23 | 000,001,072 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1340066755-4267106955-896122945-1313Core.job
[2013.04.14 15:28:56 | 463,049,403 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2013.04.07 10:10:22 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\MediaJoin.lnk
[2013.03.29 17:26:28 | 000,009,644 | ---- | C] () -- C:\Users\Spargo\AppData\Local\recently-used.xbel
[2013.03.29 15:45:51 | 000,087,040 | ---- | C] () -- C:\WINDOWS\SysNative\redmonnt.dll
[2013.03.29 15:45:51 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysNative\unredmon.exe
[2013.03.29 15:33:27 | 000,000,214 | ---- | C] () -- C:\WINDOWS\SysWow64\~.inf
[2013.03.27 15:25:01 | 000,001,075 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetWeaver Business Client 4.0.lnk
[2013.03.27 15:25:01 | 000,001,063 | ---- | C] () -- C:\Users\Public\Desktop\NetWeaver Business Client 4.0.lnk
[2013.03.24 21:13:14 | 000,001,148 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.03.11 23:10:30 | 000,239,021 | ---- | C] () -- C:\WINDOWS\hpwins26.dat
[2013.02.14 17:23:16 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013.02.12 01:01:37 | 000,024,645 | ---- | C] () -- C:\WINDOWS\saplogon.ini
[2013.02.11 12:43:29 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013.02.11 11:37:46 | 000,175,616 | ---- | C] () -- C:\WINDOWS\SysWow64\h5menu32.dll
[2013.02.11 11:37:46 | 000,095,744 | ---- | C] () -- C:\WINDOWS\SysWow64\h5rtf32.dll
[2013.02.11 11:37:46 | 000,051,200 | ---- | C] () -- C:\WINDOWS\SysWow64\h5tool32.dll
[2013.02.11 11:37:45 | 001,064,960 | ---- | C] () -- C:\WINDOWS\SysWow64\h5krnl32.dll
[2013.02.11 11:37:45 | 000,188,928 | ---- | C] () -- C:\WINDOWS\SysWow64\h5icon32.dll
[2013.02.11 11:25:21 | 000,029,824 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.02.11 11:12:32 | 000,023,116 | ---- | C] () -- C:\WINDOWS\SysWow64\CcmFramework.ini
[2012.09.03 18:52:19 | 000,963,116 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng600.bin
[2012.09.03 18:51:55 | 000,218,304 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg600m.bin
[2012.09.03 18:51:14 | 000,056,832 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2012.09.03 18:50:14 | 000,145,804 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng600.bin
[2012.09.03 18:49:22 | 013,906,944 | ---- | C] () -- C:\WINDOWS\SysWow64\ig4icd32.dll
[2012.04.20 18:43:54 | 000,286,680 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         
Extra:
Code:
OTL Extras logfile created on: 22.04.2013 14:05:07 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Spargo\Desktop
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,88 Gb Total Physical Memory | 2,22 Gb Available Physical Memory | 57,03% Memory free
7,77 Gb Paging File | 5,86 Gb Available in Paging File | 75,41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,89 Gb Total Space | 157,18 Gb Free Space | 52,76% Space Free | Partition Type: NTFS
 
Computer Name: CIGHHNBK166 | User Name: Spargo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with FastStone] -- "C:\Program Files (x86)\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = 192.168.110.100
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"WMI-ASYNC-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\system32\wbem\unsecapp.exe|Name=@FirewallAPI.dll,-34256|Desc=@FirewallAPI.dll,-34257|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-WINMGMT-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|Name=@FirewallAPI.dll,-34254|Desc=@FirewallAPI.dll,-34255|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-34252|Desc=@FirewallAPI.dll,-34253|EmbedCtxt=@FirewallAPI.dll,-34251|
"RemoteSvcAdmin-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-29515|Desc=@FirewallAPI.dll,-29518|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-NP-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-29507|Desc=@FirewallAPI.dll,-29510|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\services.exe|Name=@FirewallAPI.dll,-29503|Desc=@FirewallAPI.dll,-29506|EmbedCtxt=@FirewallAPI.dll,-29502|
"FPS-LLMNR-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-28548|Desc=@FirewallAPI.dll,-28549|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP6-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|Name=@FirewallAPI.dll,-28545|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP4-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|Name=@FirewallAPI.dll,-28543|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|Name=@FirewallAPI.dll,-28539|Desc=@FirewallAPI.dll,-28542|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SpoolSvc-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|Name=@FirewallAPI.dll,-28535|Desc=@FirewallAPI.dll,-28538|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Datagram-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Name-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|Name=@FirewallAPI.dll,-28519|Desc=@FirewallAPI.dll,-28522|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SMB-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-28511|Desc=@FirewallAPI.dll,-28514|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Session-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502|
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
"PolicyVersion" = 522
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = 192.168.110.100
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\FirewallRules]
"WMI-ASYNC-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%systemroot%\system32\wbem\unsecapp.exe|Name=@FirewallAPI.dll,-34256|Desc=@FirewallAPI.dll,-34257|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-WINMGMT-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=%SystemRoot%\system32\svchost.exe|Svc=winmgmt|Name=@FirewallAPI.dll,-34254|Desc=@FirewallAPI.dll,-34255|EmbedCtxt=@FirewallAPI.dll,-34251|
"WMI-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@FirewallAPI.dll,-34252|Desc=@FirewallAPI.dll,-34253|EmbedCtxt=@FirewallAPI.dll,-34251|
"RemoteSvcAdmin-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|App=%SystemRoot%\system32\svchost.exe|Svc=RPCSS|Name=@FirewallAPI.dll,-29515|Desc=@FirewallAPI.dll,-29518|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-NP-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-29507|Desc=@FirewallAPI.dll,-29510|EmbedCtxt=@FirewallAPI.dll,-29502|
"RemoteSvcAdmin-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\services.exe|Name=@FirewallAPI.dll,-29503|Desc=@FirewallAPI.dll,-29506|EmbedCtxt=@FirewallAPI.dll,-29502|
"FPS-LLMNR-In-UDP" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5355|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@FirewallAPI.dll,-28548|Desc=@FirewallAPI.dll,-28549|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP6-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|ICMP6=128:*|Name=@FirewallAPI.dll,-28545|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-ICMP4-ERQ-In-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=1|Profile=Domain|ICMP4=8:*|Name=@FirewallAPI.dll,-28543|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-RPCSS-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC-EPMap|Svc=Rpcss|Name=@FirewallAPI.dll,-28539|Desc=@FirewallAPI.dll,-28542|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SpoolSvc-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=RPC|App=%SystemRoot%\system32\spoolsv.exe|Svc=Spooler|Name=@FirewallAPI.dll,-28535|Desc=@FirewallAPI.dll,-28538|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Datagram-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=138|App=System|Name=@FirewallAPI.dll,-28527|Desc=@FirewallAPI.dll,-28530|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Name-In-UDP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|LPort=137|App=System|Name=@FirewallAPI.dll,-28519|Desc=@FirewallAPI.dll,-28522|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-SMB-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=445|App=System|Name=@FirewallAPI.dll,-28511|Desc=@FirewallAPI.dll,-28514|EmbedCtxt=@FirewallAPI.dll,-28502|
"FPS-NB_Session-In-TCP-NoScope" = v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|LPort=139|App=System|Name=@FirewallAPI.dll,-28503|Desc=@FirewallAPI.dll,-28506|EmbedCtxt=@FirewallAPI.dll,-28502|
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20408570-75E1-47ED-B7EF-E6222D44698B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02683DBA-B965-400D-88F5-A822D3ED04F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{0594BED9-718F-4A4F-9F75-2C2F32E408F3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{05ED3405-0DBD-448B-A569-0D102BF2B961}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{091AEB78-1FA7-4008-8417-88D88BFE2BE1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{165A3863-FE6C-4D95-A028-E93BE3A26218}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{1D14EEEE-7151-4FB0-8869-E78D5FEE5079}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{2069E3EB-9BF6-4B95-80CB-DC4320C754D8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{3B6833AE-870C-4546-8A8A-F0F21CA469C3}" = protocol=17 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{45D07E25-1C1D-4915-83B7-7F2E3D2F1760}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{4BA0F375-F61C-4D7A-9F39-4B6C8CF87747}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{5126E153-C927-4B8C-A100-4607C7E6228E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{58B68113-70D2-4024-8E9B-EC82BAF54756}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{63C877C9-A1D6-46B3-AD9A-C414C588C286}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{63CB5D04-632A-4CA3-8982-154E8B717B17}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{66163320-4486-4DCB-8324-8E4CA9BBA802}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{66F50025-BF85-43B3-96FC-1375E5A0B8DE}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{6F2A416E-B896-45F4-8AAC-538BE12B9DCB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{7FAE411F-85A3-46C4-895B-0F4DF82E14FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{80BFE729-0616-4DF1-A6CA-9C30598C38B3}" = protocol=6 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe | 
"{839A87F1-496B-41E7-9A5E-39661032C538}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{884765F8-3DCE-456F-A4C4-D8D92AE4D75D}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{943CD4EE-5B0C-4221-938E-943233DE2D6B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{9613F50A-D928-476A-9985-36C663062F27}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{979B92B1-500B-409E-B62A-F6A73A5E322F}" = protocol=6 | dir=in | app=c:\program files (x86)\software4u\idevice manager\software4u.idevicemanager.exe | 
"{99ECF810-8F99-4349-B3E6-50457C589ADB}" = protocol=17 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe | 
"{9C5A2205-301F-4ACE-A05B-2BC1EAA8C936}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{ADF99605-800F-41E7-8D1C-288E5D36EC77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{B6B36481-5365-4807-B086-87CAE86F5A6A}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{C0A67A3C-94CD-45A8-9445-7FD7C397570F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{C2ADB7B6-CD6A-43AD-B6B0-CDD3DDA8655F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{C78F320F-4B35-4139-AFF9-EBDFB83C3231}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{CC8D03B4-945F-4F64-B65D-1C72F69C8186}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{D1EDB923-4EBC-4426-BA3E-83BBEA81ED84}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{D7FE8339-FD6A-47FC-AC0A-34D4981E67DE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{E45FB759-4B85-4B2F-BB2F-B7DD4BFF5070}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"TCP Query User{13984FA3-4E1C-4C01-AFE6-36380FE58811}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{4140FB21-5CD0-450B-9E90-DB0A49B09E7A}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{B6E8B19A-D286-4ED7-A0B3-14EB8126F3C6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{FBA52E8E-4DF6-4821-8417-072390ACE976}C:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{189B5BDD-AC05-49AC-82BF-687AEFD80344}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{22B82929-56F3-468A-802D-788E33378D3E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{628959E7-0503-4035-B77B-75B724D434C8}C:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\Spargo\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{BEF50D4F-3FF5-43F4-8502-EB33ECE00E71}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0DB0EA38-E806-44ED-A892-489F2E305080}" = Dell System Manager
"{0E0818E4-C87B-4211-9791-E958BD34B96C}" = Microsoft Forefront Endpoint Protection 2010 Server Management
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417017FF}" = Java 7 Update 17 (64-bit)
"{421976B6-DEC6-4CA5-941F-F0663B3A2B74}" = Adobe Flash Player 11 ActiveX (x64)
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{A5ECFFBA-B6FD-45A5-879D-0B0DE7FF8F4B}" = O&O SafeErase Professional
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E5083D57-D93F-404C-A91F-1C50D67C2BEB}" = HP Officejet 4500 G510g-m
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.4
"GPL Ghostscript 9.04" = GPL Ghostscript
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Forefront Endpoint Protection
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{232FDC0C-12DE-41F2-9701-27EFCA18BEF9}" = MediaJoin
"{2385C070-EC26-4AB9-8718-E605C977C0ED}" = Microsoft redistributable runtime DLLs VS2010 SP1 (x86)
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28379381-B56A-43e1-B505-3098D82B1C30}" = 4500G510gm_Software_Min
"{2890E324-6F3B-4975-8B95-E7D6D80E0226}" = Nero Burning ROM Help (CHM)
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}" = Nero BurningROM 12
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44D66AD9-AE19-4AFD-BE7E-A1B44C856697}" = MSXML4.0 redistributable
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5963F4B4-D138-47CD-ADEF-470E87E185BD}" = Nero Burning ROM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E9CB04E7-E221-45BE-90BD-7444B8F65F01}" = 
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{903B0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Project Professional 2003
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{97D341C8-B0D1-4E4A-A49A-C30B52F168E9}" = MPlayer für Windows
"{98AA657D-9790-4454-9DB2-E8ED0EF8C571}" = Configuration Manager Client
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{A47A9101-6EB5-4314-BDA1-297880FBB908}" = Microsoft redistributable runtime DLLs VS2008 SP1(x86)
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}" = 4500G510gm
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}" = vcredist_x86
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DF0B357C-5874-47D0-81E7-79AA890B0CE0}" = 4500_G510gm_Help
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AnyDVD" = AnyDVD
"Biet-O-Matic v2.14.12" = Biet-O-Matic v2.14.12
"DiskAid_is1" = DiskAid 5.45
"ESET Online Scanner" = ESET Online Scanner v3
"FastStone Image Viewer" = FastStone Image Viewer 4.7
"FE5AE7DC-7B01-4263-A94C-B4526C276550_is1" = iDevice Manager
"FreePDF_XP" = FreePDF (Remove only)
"GOM Player" = GOM Player
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"MediaJoin" = MediaJoin
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"Mp3tag" = Mp3tag v2.54
"Neoteris_Secure_Application_Manager" = Juniper Networks Secure Application Manager
"Notepad++" = Notepad++
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"SAP_NWBC40" = SAP Netweaver Business Client 4.0
"SAPGUI710" = SAP GUI for Windows 7.20
"Undelete 360_is1" = Undelete 360
"VLC media player" = VLC media player 2.0.5
"Zero Assumption Digital Image Recovery_is1" = Zero Assumption Digital Image Recovery 1.2
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1340066755-4267106955-896122945-1313\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Juniper_Setup_Client" = Juniper Networks Setup Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 20.04.2013 17:43:10 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 20.0.1.4847,
 Zeitstempel: 0x51650aee  Name des fehlerhaften Moduls: xul.dll, Version: 20.0.1.4847,
 Zeitstempel: 0x51650a09  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000b10e8  ID des fehlerhaften
 Prozesses: 0x1370  Startzeit der fehlerhaften Anwendung: 0x01ce3e0fc5d87d68  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Pfad 
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll  Berichtskennung:
 4b4f92ea-aa03-11e2-9d3e-d0df9a41bea3
 
Error - 20.04.2013 17:44:43 | Computer Name = CIGHHNBK166.c1-group.dom | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.04.2013 03:31:59 | Computer Name = CIGHHNBK166.c1-group.dom | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.04.2013 13:55:58 | Computer Name = CIGHHNBK166.c1-group.dom | Source = WinMgmt | ID = 10
Description = 
 
Error - 21.04.2013 18:19:34 | Computer Name = CIGHHNBK166.c1-group.dom | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 21.04.2013 18:20:39 | Computer Name = CIGHHNBK166.c1-group.dom | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifest". Fehler in Manifest- 
oder Richtliniendatei "c:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST"
 in Zeile  3.  Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
 angeforderten Komponente überein.  Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition:
 SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".  Verwenden Sie das
 Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 21.04.2013 18:30:38 | Computer Name = CIGHHNBK166.c1-group.dom | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 21.04.2013 18:30:54 | Computer Name = CIGHHNBK166.c1-group.dom | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\Nero\Nero 12\nero burning rom\NeroCmd.exe.Manifest". Fehler in Manifest- 
oder Richtliniendatei "c:\program files (x86)\Nero\Nero 12\nero burning rom\SMC\SMC.MANIFEST"
 in Zeile  3.  Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der
 angeforderten Komponente überein.  Verweis: SMC,processorArchitecture="x86",type="win32",version="8.2.0.0".
Definition:
 SMC,processorArchitecture="x86",type="win32",version="12.0.0.0".  Verwenden Sie das
 Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 22.04.2013 01:06:55 | Computer Name = CIGHHNBK166.c1-group.dom | Source = WinMgmt | ID = 10
Description = 
 
Error - 22.04.2013 07:58:55 | Computer Name = CIGHHNBK166.c1-group.dom | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 22.04.2013 01:06:47 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender 
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
 eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
 die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde 
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere 
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
 
Error - 22.04.2013 01:07:05 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 22.04.2013 01:07:28 | Computer Name = CIGHHNBK166.c1-group.dom | Source = DCOM | ID = 10016
Description = 
 
Error - 22.04.2013 01:52:51 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender 
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
 eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
 die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde 
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere 
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
 
Error - 22.04.2013 06:20:48 | Computer Name = CIGHHNBK166.c1-group.dom | Source = NETLOGON | ID = 5719
Description = Der Computer konnte eine sichere Sitzung mit einem  Domänencontroller
 in der Domäne C1-GROUP aufgrund der folgenden  Ursache nicht einrichten:   %%1311    Dies
 kann zu Authentifizierungsproblemen führen. Stellen  Sie sicher, dass der Computer
 mit dem Netzwerk verbunden ist.  Wenden Sie sich an den Domänenadministrator, wenn
 das Problem  weiterhin besteht.        ZUSÄTZLICHE INFORMATIONEN    Wenn dieser Computer ein 
Domänencontroller der bestimmten  Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator
 in der bestimmten Domäne eingerichtet.  Andernfalls richtet dieser Computer eine 
sichere Sitzung zu  einem beliebigen Domänencontroller in der bestimmten Domäne ein.
 
Error - 22.04.2013 07:58:38 | Computer Name = CIGHHNBK166.c1-group.dom | Source = NETLOGON | ID = 5719
Description = Der Computer konnte eine sichere Sitzung mit einem  Domänencontroller
 in der Domäne C1-GROUP aufgrund der folgenden  Ursache nicht einrichten:   %%1311    Dies
 kann zu Authentifizierungsproblemen führen. Stellen  Sie sicher, dass der Computer
 mit dem Netzwerk verbunden ist.  Wenden Sie sich an den Domänenadministrator, wenn
 das Problem  weiterhin besteht.        ZUSÄTZLICHE INFORMATIONEN    Wenn dieser Computer ein 
Domänencontroller der bestimmten  Domäne ist, wird eine sichere Sitzung zum primären
Domänencontrolleremulator
 in der bestimmten Domäne eingerichtet.  Andernfalls richtet dieser Computer eine 
sichere Sitzung zu  einem beliebigen Domänencontroller in der bestimmten Domäne ein.
 
Error - 22.04.2013 07:58:43 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender 
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
 eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
 die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde 
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere 
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
 
Error - 22.04.2013 07:58:44 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft-Windows-GroupPolicy | ID = 1129
Description = Bei der Verarbeitung der Gruppenrichtlinie ist aufgrund fehlender 
Netzwerkkonnektivität mit einem Domänencontroller ein Fehler aufgetreten. Dies kann
 eine vorübergehende Bedingung sein. Es wird eine Erfolgsmeldung generiert, wenn
 die Verbindung des Computers mit dem Domänencontroller wiederhergestellt wurde 
und wenn die Gruppenrichtlinie erfolgreich verarbeitet wurde. Falls für mehrere 
Stunden keine Erfolgsmeldung angezeigt wird, wenden Sie sich an den Administrator.
 
Error - 22.04.2013 07:59:01 | Computer Name = CIGHHNBK166.c1-group.dom | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 22.04.2013 07:59:22 | Computer Name = CIGHHNBK166.c1-group.dom | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >
         
