| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Problem mit wssetup Perion NetworkWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
13.06.2013, 23:19
| #1 |
 |  Problem mit wssetup Perion Network Hallo und guten Morgen, seit ca. 3 Wochen bekomme ich beim Start die Meldung das wssetup.exe installiert werden will. Habe das bisher immer abgelehnt aber es nervt langsam. Wie kann ich das beheben? Ich habe im Voraus schon OTL laufen lassen und hier sind die logs: OTL.txt: Code:
ATTFilter OTL logfile created on: 13.06.2013 23:54:40 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,97 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 53,25% Memory free 5,93 Gb Paging File | 4,32 Gb Available in Paging File | 72,80% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 172,79 Gb Total Space | 130,64 Gb Free Space | 75,60% Space Free | Partition Type: NTFS Drive D: | 292,97 Gb Total Space | 205,82 Gb Free Space | 70,25% Space Free | Partition Type: NTFS Drive E: | 1,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: THESEUS | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - c:\Programme\McAfee\SiteAdvisor\saUI.exe (McAfee, Inc.) PRC - C:\Programme\Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Firefox\plugin-container.exe (Mozilla Corporation) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.) PRC - C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) PRC - C:\Programme\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) PRC - C:\Programme\McAfee\MSC\McAPExe.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.) PRC - C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) PRC - C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe () PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Mcafee\Platform\McUICnt.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\Platform\Core\mchost.exe (McAfee, Inc.) PRC - C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) PRC - C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek) PRC - C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek) PRC - C:\Programme\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Windows\System32\CNAC4RPK.EXE (CANON INC.) ========== Modules (No Company Name) ========== MOD - C:\Programme\Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll () MOD - C:\Programme\Notepad++\NppShell_04.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll () MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.) SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe () SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (mcpltsvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (HomeNetSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (mfecore) -- C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.) SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.) SRV - (RealNetworks Downloader Resolver Service) -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe () SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.) SRV - (UMVPFSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (MOBKbackup) -- C:\Programme\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.) DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.) DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.) DRV - (mfencrk) -- C:\Windows\System32\drivers\mfencrk.sys (McAfee, Inc.) DRV - (mfencbdc) -- C:\Windows\System32\drivers\mfencbdc.sys (McAfee, Inc.) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (SSHDRV76) -- C:\Windows\System32\drivers\SSHDRV76.sys () DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.) DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (SaiNtBus) -- C:\Windows\System32\drivers\SaiBus.sys (Saitek) DRV - (SaiMini) -- C:\Windows\System32\drivers\SaiMini.sys (Saitek) DRV - (SaiK0836) -- C:\Windows\System32\drivers\SaiK0836.sys (Saitek) DRV - (MOBKFilter) -- C:\Windows\System32\drivers\MOBK.sys (Mozy, Inc.) DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 A3 5C FE C0 F0 CD 01 [binary data] IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes,DefaultScope = {080BC3F9-B303-4217-B7B2-8CC17CBA9240} IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes\{080BC3F9-B303-4217-B7B2-8CC17CBA9240}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms} IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes\{AFC2003D-6F44-4DA5-AEF4-38FAEA91689D}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=98A16DE5-141B-48BC-89B8-A39D7A795CB9&apn_sauid=A0AA8B91-DF02-4285-B272-8E5D67203863 IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Sichere Suche" FF - prefs.js..browser.search.order.1: "Sichere Suche" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "www.t-online.de" FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.2 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL () FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.06.07 23:24:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012.12.29 00:55:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012.12.29 00:55:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Firefox\plugins [2013.05.18 23:17:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.05.15 20:42:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.06.04 22:28:10 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Firefox\plugins [2013.05.18 23:17:49 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.05.15 20:42:24 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2011.11.15 00:22:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2013.05.09 15:55:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dfmor2bm.default\extensions [2013.05.09 15:55:22 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfmor2bm.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.02.23 19:46:57 | 000,002,403 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfmor2bm.default\searchplugins\askcom.xml [2012.10.29 22:26:10 | 000,003,915 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfmor2bm.default\searchplugins\sweetim.xml [2013.06.07 23:24:44 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [ProfilerU] C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek) O4 - HKLM..\Run: [SaiMfd] C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.17.2) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71A527C9-A78F-4CF0-9884-A3362E5E6AB1}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1813C5F-D8CB-4CC3-9C8D-C30889154739}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.12.14 21:25:31 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{4be601aa-0f0a-11e1-b0bd-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{4be601aa-0f0a-11e1-b0bd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2011.12.14 21:25:32 | 000,345,896 | R--- | M] (Valve Corporation) O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.13 23:23:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.06.13 23:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2013.06.12 23:03:09 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.06.12 23:03:09 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.06.12 22:56:17 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.06.12 22:56:16 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.06.12 22:56:16 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.06.12 22:56:15 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.06.12 22:56:15 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.06.12 22:56:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.06.12 22:56:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.06.12 22:56:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.06.12 22:55:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll [2013.06.12 22:54:39 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe [2013.06.12 22:54:38 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll [2013.06.12 22:54:18 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013.06.12 22:54:18 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013.06.12 22:54:13 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2013.06.08 00:53:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Unity [2013.06.07 23:44:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Unity [2013.05.18 23:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Firefox [2013.05.15 20:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [1 C:\Users\***\Desktop\*.tmp files -> C:\Users\***\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.13 23:45:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.13 23:24:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.06.13 23:14:03 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk [2013.06.13 23:00:14 | 000,021,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.13 23:00:14 | 000,021,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.13 22:58:28 | 000,697,082 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.06.13 22:58:28 | 000,652,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.06.13 22:58:28 | 000,148,346 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.06.13 22:58:28 | 000,121,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.06.13 22:51:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.13 22:51:36 | 2389,991,424 | -HS- | M] () -- C:\hiberfil.sys [2013.06.12 00:45:09 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.06.12 00:45:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.06.08 13:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.06.02 23:19:34 | 003,971,347 | ---- | M] () -- C:\Users\***\Desktop\Wasserparameter_FAQ.pdf [2013.05.17 03:26:04 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.05.17 03:25:33 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.05.17 03:25:27 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.05.17 03:25:27 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.05.17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.05.17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.05.17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.05.15 20:23:22 | 000,327,368 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [1 C:\Users\***\Desktop\*.tmp files -> C:\Users\***\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.12 00:02:21 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk [2013.06.02 23:19:33 | 003,971,347 | ---- | C] () -- C:\Users\***\Desktop\Wasserparameter_FAQ.pdf [2013.01.10 21:50:45 | 000,010,495 | ---- | C] () -- C:\Users\***\MPLATHE_elster_2048.pfx [2012.07.01 10:59:00 | 000,007,597 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2012.06.14 22:08:26 | 000,053,760 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV76.sys [2012.06.14 21:22:05 | 000,007,168 | ---- | C] () -- C:\Users\***\.recently-used.xbel [2012.04.15 12:02:45 | 001,257,984 | ---- | C] () -- C:\Windows\System32\SaiC0836.Dll [2012.04.15 12:02:45 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0836_0C.dll [2012.04.15 12:02:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0836_10.dll [2012.04.15 12:02:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0836_0A.dll [2012.04.15 12:02:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0836_07.dll [2012.04.15 12:02:45 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0836_19.dll [2012.04.15 12:02:45 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0836_09.dll [2012.04.15 12:02:45 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0836_05.dll [2012.04.15 12:02:45 | 000,006,656 | ---- | C] () -- C:\Windows\System32\SaiC0836_0402.dll [2012.04.15 12:02:45 | 000,005,120 | ---- | C] () -- C:\Windows\System32\SaiC0836_11.dll [2012.04.15 12:02:45 | 000,004,608 | ---- | C] () -- C:\Windows\System32\SaiC0836_12.dll [2012.02.22 22:37:48 | 000,000,067 | ---- | C] () -- C:\Users\***\.gtk-bookmarks [2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll [2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll [2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe [2012.01.18 07:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2012.01.07 14:08:58 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin [2011.11.14 23:50:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.10.25 22:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll [2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013.02.23 15:40:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Firaxis [2012.06.12 21:50:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0 [2012.06.09 22:39:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Kalypso Media [2012.04.28 22:49:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++ [2011.11.15 21:40:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird [2012.07.19 22:02:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client [2012.04.03 21:14:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ts3overlay [2013.06.08 00:53:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Unity [2012.04.19 22:07:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\wargaming.net ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 13.06.2013 23:54:40 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,97 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 53,25% Memory free
5,93 Gb Paging File | 4,32 Gb Available in Paging File | 72,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 172,79 Gb Total Space | 130,64 Gb Free Space | 75,60% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 205,82 Gb Free Space | 70,25% Space Free | Partition Type: NTFS
Drive E: | 1,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: THESEUS | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{047578E3-FD90-40E3-8322-15F375A12E1E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0D8EC35A-48ED-450E-A593-B1160D1D65BE}" = lport=139 | protocol=6 | dir=in | app=system |
"{0E66D132-C2DD-4AE4-BFDB-892330B2C60C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1ABCB9FB-0BAE-43B5-9B84-7604C77E3442}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{241404C0-427D-43FE-834E-17F6998AF511}" = rport=137 | protocol=17 | dir=out | app=system |
"{247F9E94-7091-4FAE-B25D-B0F082DA40A4}" = rport=139 | protocol=6 | dir=out | app=system |
"{2A748E04-3B6C-410A-9828-BBF3258E07BE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{2E3A8DD2-4825-40A1-8E1E-9E80FDF86792}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{32E77889-E3A8-46A5-8E6E-B21874C1BD44}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{37BA7636-BFA8-477E-9D9D-DBE59E9F75AE}" = rport=138 | protocol=17 | dir=out | app=system |
"{3B73B7D0-F0E7-4727-A2BD-E8651B384F46}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48F09685-B280-46C9-A51E-E50C4E4D53F1}" = lport=10243 | protocol=6 | dir=in | app=system |
"{57DF3CD7-B869-4756-8E6B-8AB56E21CF7E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{71F01EFA-416E-4144-A7E0-8D59B878D084}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7386F8FE-B480-4FE8-A46E-4240CD9907F9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{77230255-315D-4502-816C-5A7D241BD38E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8873BE98-2231-4294-A354-1A2B706E7086}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{88CA3A4F-E1EE-4876-ACC0-FBE687D27498}" = rport=445 | protocol=6 | dir=out | app=system |
"{8C55A10B-2A12-4B9E-B860-F2762FE3F361}" = lport=445 | protocol=6 | dir=in | app=system |
"{9128D010-3F4D-46B2-A835-86119302022A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9FA0D5DC-A41C-424D-8EE2-3B03A9040BEC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A6488BA6-AF9C-4479-B3DF-A1C084E2C159}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC43A7DC-896A-442B-9817-3E4C8A547B4D}" = lport=138 | protocol=17 | dir=in | app=system |
"{D96476F2-A915-44AD-A641-E0669C1CA56D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EF8CAECA-A2FA-4EB5-A742-88C3B5D364E6}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10ED9F71-5824-4A3D-9D93-FE8D17D3D54F}" = protocol=6 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v\launcher.exe |
"{10F5A63B-24BF-43CD-A555-4E2437BEF3DA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1615CD30-47CE-4098-9A24-B8985A460BC4}" = protocol=17 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v\launcher.exe |
"{18B0BDA8-57DA-4D44-B440-2FDA25E94CC0}" = protocol=17 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{20E0DC4B-ECAC-47E5-B42F-2C63063C558E}" = protocol=6 | dir=in | app=d:\spiele\colonization\colonization.exe |
"{2C6A1D79-8C34-463E-B791-349519983281}" = protocol=6 | dir=out | app=system |
"{2E489351-5E54-49C8-B25D-D372FD672EBC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2E8ED053-9AFC-434D-BD5F-6771A02DF5B7}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{386DA190-3E68-4CE7-B2B7-7FC9FBDD30F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3B64AEDD-8382-4A2F-87F0-B3411086D440}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3C0F4880-8C33-4102-8BD8-A9A555DAA987}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{430BE9EB-64D1-4B19-B324-FE384415B1DB}" = protocol=6 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{486824E7-92FC-4DCD-92AC-D2C139B634E7}" = protocol=17 | dir=in | app=d:\spiele\colonization\colonization.exe |
"{4A34CFBC-25F8-46CB-A3B4-3402F5158802}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4AF5C763-DE40-4704-B46D-3FE56D912077}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{4B1B1ECC-BCB7-47DF-BEEB-D767016B9435}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E185E9C-14D0-46E6-85C3-FE6DDC774F2F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{63C3100B-5913-4B12-91FE-0845F7179E59}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7238AA30-94D3-4B4E-9AF2-DE5AE57C4448}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7CDA8EF6-696F-4E19-847C-CDE21DC74109}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8BDD77B6-7754-49F0-AB55-C83CA79A080D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A766FA33-7555-44CB-8A07-901875EB8F3A}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{A8CAF932-A086-41AC-A789-35E73AC4DE2C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AD6CFAE0-8574-494A-94F1-5AA796574B91}" = protocol=17 | dir=in | app=d:\steamscheiss\steam.exe |
"{B427DF04-719E-4C2A-83FE-8B4DD5503198}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B50662A5-8EA6-4D13-8619-9BFC291296FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C03CFB98-5191-43C4-A942-2B17F4CA13A7}" = protocol=6 | dir=in | app=c:\windows\system32\cnac4rpk.exe |
"{C2C302AF-D8D9-4BB9-9CD8-F905D024C726}" = protocol=17 | dir=in | app=c:\windows\system32\cnac4rpk.exe |
"{C54BB269-E0E9-4AAD-912E-0F0CA98D2F73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{C6F96043-CE87-4C1F-8A3A-90A6A9E6B0F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF5F56C9-FA1B-489B-89C1-39B22972C7EF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D4A2C669-CED3-412C-BAD2-E0A36C053C78}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6C351AE-5BC8-450C-889D-7EE73D0A71D3}" = protocol=6 | dir=in | app=d:\steamscheiss\steam.exe |
"{DB7BCDB8-3212-45B7-937F-16A483370BD0}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{E5080E0E-70F7-4320-A350-6F9632CEC4AE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EAF633DE-B6D5-4ADF-A391-F0CB44481290}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{EF3F0F9B-FDD3-4824-B083-D50074264200}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD502A27-B463-474B-BBF0-BE392B1E2D75}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"TCP Query User{A835BE44-3DDB-437D-B3B9-12D3FB46E240}D:\spiele\panzer corps\update.exe" = protocol=6 | dir=in | app=d:\spiele\panzer corps\update.exe |
"UDP Query User{9DF2871F-B6AC-4FF2-8B96-BC3FB83FADBD}D:\spiele\panzer corps\update.exe" = protocol=17 | dir=in | app=d:\spiele\panzer corps\update.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{011BF729-0369-EF59-4294-11D022AE3538}" = AMD Catalyst Install Manager
"{021B87E2-8DBA-4CFD-8762-9D9F5AE65CF7}" = CCC Help Turkish
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04E24CF0-7DC9-4398-4BAF-E12CCA48A1D2}" = CCC Help Thai
"{077BE218-2ABA-364C-14FE-96DD8CB7289A}" = CCC Help Italian
"{07FE063B-89F4-2397-006E-FB9F12E19894}" = CCC Help Greek
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{10ABE49D-343A-463E-9753-C4C5A05ECEF9}" = Sibelius Scorch (Firefox, Opera, Netscape only)
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.7
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1" = World of Warplanes
"{1EBDD301-BEDE-78A5-D2A7-51DA367B70A8}" = CCC Help German
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25D080C2-19A4-427D-A12A-979D674B57F8}}_is1" = Hearts of Iron III Collection Version 3.05
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2B95476F-D50B-4105-B3E0-056BB4830F17}_is1" = DMP_Panzercorps_Mod_3.0_Speech_Sound_Mod_by_Puma
"{35FE995E-5A31-D005-0303-8D9FBBD4B67B}" = Catalyst Control Center Graphics Previews Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42714156-8501-4B44-9CD9-1E101915EACD}" = Smart Technology Programming Software 7.0.1.12
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4FC206D1-6287-440D-8F84-ED26E32FDD56}_is1" = Panzer Corps DMP Afrika Korps Add-on
"{57BB52B7-6B7B-31F3-89F4-4EE8FE5CEF6D}" = Microsoft Help Viewer 1.1
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219
"{650F6AF5-D09E-457B-AE96-A0E19DB61AF4}_is1" = DMP_Panzercorps_Mod_2.0
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7C404084-C5A6-42FF-B731-0BAC79A6E134}" = VAIO Original Funktion Einstellungen
"{7C54986D-B318-0985-DD1D-C0446895390C}" = ccc-utility
"{7E5FFC5E-5A7F-864A-2E0D-0B234ED7B14F}" = Catalyst Control Center InstallProxy
"{806139DE-75ED-B576-51AB-697B45EDEF24}" = CCC Help Hungarian
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C02917D-EEB1-31B8-C955-DEA61D698D18}" = CCC Help Dutch
"{8CFD25B4-490E-F871-0AF0-45F720E9AB89}" = CCC Help Russian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{911B75B5-136D-4EC1-96A2-DEE6A5A1FA60}" = CCC Help Swedish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95229EF6-F4A1-413A-BA50-668311FAFE19}" = VAIO Original Function Settings
"{987AE03F-234A-3623-BD28-6B31FD1D3AB3}" = Microsoft Visual Studio 2010 Shell (Isolated) - DEU
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B231624B-699F-6459-F9A4-4A31CB40E35C}" = CCC Help Czech
"{B538BBC3-68C9-98F6-487F-D7592879213E}" = CCC Help Danish
"{B73F4ACE-A7F2-8FC6-D0DA-2E4E42E1DDE2}" = CCC Help Spanish
"{B7C2FEB0-8236-CABE-8CB1-C1A689CF8117}" = CCC Help Polish
"{B7F4467D-DCA0-0DC0-873F-50AA58865E74}" = CCC Help Portuguese
"{BFE49A01-A5FC-64EF-FB43-B1A79E612625}" = CCC Help Chinese Traditional
"{C025595B-A217-7317-65D8-CE7D304FCD30}" = Catalyst Control Center
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}" = Application Profiles
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C668416A-9213-4058-B7F2-01A42D85559D}" = Microsoft SQL Server System CLR Types
"{C83CD843-260E-3BD0-86BC-4E613BFDDE0A}" = Microsoft Help Viewer 1.1 Language Pack - DEU
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C962D875-A53E-835A-7DD8-229FCB96D115}" = CCC Help Korean
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF4FD64F-D60A-4FE0-9BC0-94DF17E82A3B}_is1" = Panzer_Corps_DMP_Afrika_Korps_Hotfix_1-1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D0DDA799-7C8D-4A5A-9F2B-E08B026D2EC8}_is1" = DMP Panzercorps Mod 1.0
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5AFB7E8-D81F-F57F-4D43-EC95E49425FE}" = Catalyst Control Center Localization All
"{D6E74CE8-23BF-F60F-60E2-11D92654C35C}" = CCC Help Japanese
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E21D6DB6-6DAB-3A63-8C09-CB6606D7403B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}" = Microsoft SQL Server 2008 R2 Management Objects
"{EA2D24B9-F8F9-B430-60AA-2931165390E4}" = CCC Help French
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{ED54F892-C128-7AF9-5428-A57B014B0314}" = CCC Help Norwegian
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F14F6129-0E6C-1224-2CDF-C869C8F261A7}" = CCC Help Chinese Standard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F76C09F9-C367-6FB9-4965-A26211D094FC}" = CCC Help English
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FAB9CB0B-9A7C-1960-F4AB-DF4AE61CAE01}" = CCC Help Finnish
"5513-1208-7298-9440" = JDownloader 0.9
"5513-1208-7298-9440-1" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Canon LBP5000" = Canon LBP5000
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"McAfee Security Scan" = McAfee Security Scan Plus
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.1.4.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Help Viewer 1.1 Language Pack - DEU" = Microsoft Help Viewer 1.1 Language Pack - DEU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"Notepad++" = Notepad++
"Panzer Corps1.00" = Panzer Corps
"RealPlayer 16.0" = RealPlayer
"Steam App 16830" = Sid Meier's Civilization V SDK
"Steam App 8930" = Sid Meier's Civilization V
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Wildlife Park 3_is1" = Wildlife Park 3 v1.0
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 10.06.2013 17:55:27 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description =
Error - 10.06.2013 17:56:00 | Computer Name = Theseus | Source = VSS | ID = 8194
Description =
Error - 11.06.2013 17:10:19 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description =
Error - 11.06.2013 17:10:51 | Computer Name = Theseus | Source = VSS | ID = 8194
Description =
Error - 11.06.2013 18:47:10 | Computer Name = Theseus | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft
Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe". Die abhängige Assemblierung
"Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 11.06.2013 18:50:47 | Computer Name = Theseus | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe".
Die
abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 12.06.2013 16:06:21 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description =
Error - 12.06.2013 16:06:54 | Computer Name = Theseus | Source = VSS | ID = 8194
Description =
Error - 13.06.2013 16:53:32 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description =
Error - 13.06.2013 16:54:31 | Computer Name = Theseus | Source = VSS | ID = 8194
Description =
[ System Events ]
Error - 07.06.2013 17:24:50 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 08.06.2013 16:26:45 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 09.06.2013 15:12:59 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 10.06.2013 14:44:43 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 10.06.2013 17:53:40 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 11.06.2013 17:08:30 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 11.06.2013 19:00:51 | Computer Name = Theseus | Source = DCOM | ID = 10010
Description =
Error - 12.06.2013 16:04:33 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 13.06.2013 16:51:41 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 13.06.2013 17:12:01 | Computer Name = Theseus | Source = DCOM | ID = 10010
Description =
< End of report >
 Beste Grüße, Martin |
|
14.06.2013, 00:31
| #2 |
| /// Malware-holic   | Problem mit wssetup Perion Network Hi,
__________________Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
14.06.2013, 21:19
| #3 |
| | Problem mit wssetup Perion Network Hi und vielen Dank für deine Hilfe.
__________________Hier der Log der TDSKiller: Code:
ATTFilter 22:14:38.0235 5276 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:14:39.0015 5276 ============================================================
22:14:39.0015 5276 Current date / time: 2013/06/14 22:14:39.0015
22:14:39.0015 5276 SystemInfo:
22:14:39.0015 5276
22:14:39.0015 5276 OS Version: 6.1.7601 ServicePack: 1.0
22:14:39.0015 5276 Product type: Workstation
22:14:39.0015 5276 ComputerName: THESEUS
22:14:39.0015 5276 UserName: ***
22:14:39.0015 5276 Windows directory: C:\Windows
22:14:39.0015 5276 System windows directory: C:\Windows
22:14:39.0015 5276 Processor architecture: Intel x86
22:14:39.0015 5276 Number of processors: 2
22:14:39.0015 5276 Page size: 0x1000
22:14:39.0015 5276 Boot type: Normal boot
22:14:39.0015 5276 ============================================================
22:14:40.0248 5276 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:14:40.0263 5276 ============================================================
22:14:40.0263 5276 \Device\Harddisk0\DR0:
22:14:40.0263 5276 MBR partitions:
22:14:40.0263 5276 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x15995000
22:14:40.0263 5276 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15995800, BlocksNum 0x249F0000
22:14:40.0263 5276 ============================================================
22:14:40.0263 5276 C: <-> \Device\Harddisk0\DR0\Partition1
22:14:40.0310 5276 D: <-> \Device\Harddisk0\DR0\Partition2
22:14:40.0310 5276 ============================================================
22:14:40.0310 5276 Initialize success
22:14:40.0310 5276 ============================================================
22:15:34.0645 3992 ============================================================
22:15:34.0645 3992 Scan started
22:15:34.0645 3992 Mode: Manual; SigCheck; TDLFS;
22:15:34.0645 3992 ============================================================
22:15:35.0518 3992 ================ Scan system memory ========================
22:15:35.0518 3992 System memory - ok
22:15:35.0518 3992 ================ Scan services =============================
22:15:35.0690 3992 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
22:15:35.0846 3992 1394ohci - ok
22:15:35.0877 3992 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:15:35.0924 3992 ACPI - ok
22:15:35.0971 3992 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:15:36.0033 3992 AcpiPmi - ok
22:15:36.0158 3992 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:15:36.0220 3992 AdobeARMservice - ok
22:15:36.0314 3992 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:15:36.0392 3992 AdobeFlashPlayerUpdateSvc - ok
22:15:36.0423 3992 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:15:36.0486 3992 adp94xx - ok
22:15:36.0517 3992 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:15:36.0564 3992 adpahci - ok
22:15:36.0579 3992 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:15:36.0642 3992 adpu320 - ok
22:15:36.0688 3992 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:15:36.0766 3992 AeLookupSvc - ok
22:15:36.0829 3992 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
22:15:36.0891 3992 AFD - ok
22:15:36.0907 3992 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
22:15:36.0954 3992 agp440 - ok
22:15:37.0016 3992 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:15:37.0063 3992 aic78xx - ok
22:15:37.0078 3992 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
22:15:37.0156 3992 ALG - ok
22:15:37.0172 3992 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
22:15:37.0219 3992 aliide - ok
22:15:37.0250 3992 [ 6887351BF7ADAFEB7A324CAE6AAFE598 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:15:37.0312 3992 AMD External Events Utility - ok
22:15:37.0328 3992 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:15:37.0375 3992 amdagp - ok
22:15:37.0390 3992 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
22:15:37.0437 3992 amdide - ok
22:15:37.0484 3992 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:15:37.0531 3992 AmdK8 - ok
22:15:37.0546 3992 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
22:15:37.0609 3992 AmdPPM - ok
22:15:37.0640 3992 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:15:37.0687 3992 amdsata - ok
22:15:37.0702 3992 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:15:37.0765 3992 amdsbs - ok
22:15:37.0780 3992 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:15:37.0827 3992 amdxata - ok
22:15:37.0858 3992 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
22:15:37.0936 3992 AppID - ok
22:15:37.0968 3992 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:15:38.0046 3992 AppIDSvc - ok
22:15:38.0092 3992 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
22:15:38.0186 3992 Appinfo - ok
22:15:38.0202 3992 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
22:15:38.0311 3992 arc - ok
22:15:38.0326 3992 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:15:38.0451 3992 arcsas - ok
22:15:38.0560 3992 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:15:38.0623 3992 aspnet_state - ok
22:15:38.0670 3992 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:15:38.0732 3992 AsyncMac - ok
22:15:38.0763 3992 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
22:15:38.0810 3992 atapi - ok
22:15:38.0872 3992 [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr C:\Windows\system32\DRIVERS\athr.sys
22:15:38.0950 3992 athr - ok
22:15:39.0106 3992 [ BCB9CF3B087DD15A8F33A149296E6183 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:15:39.0247 3992 atikmdag - ok
22:15:39.0294 3992 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:15:39.0372 3992 AudioEndpointBuilder - ok
22:15:39.0387 3992 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:15:39.0450 3992 Audiosrv - ok
22:15:39.0481 3992 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:15:39.0543 3992 AxInstSV - ok
22:15:39.0606 3992 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
22:15:39.0684 3992 b06bdrv - ok
22:15:39.0746 3992 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
22:15:39.0793 3992 b57nd60x - ok
22:15:39.0840 3992 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
22:15:39.0902 3992 BDESVC - ok
22:15:39.0918 3992 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
22:15:39.0996 3992 Beep - ok
22:15:40.0027 3992 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
22:15:40.0136 3992 BFE - ok
22:15:40.0167 3992 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
22:15:40.0245 3992 BITS - ok
22:15:40.0261 3992 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:15:40.0339 3992 blbdrive - ok
22:15:40.0370 3992 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:15:40.0464 3992 bowser - ok
22:15:40.0495 3992 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:15:40.0573 3992 BrFiltLo - ok
22:15:40.0588 3992 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:15:40.0666 3992 BrFiltUp - ok
22:15:40.0698 3992 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
22:15:40.0760 3992 Browser - ok
22:15:40.0791 3992 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:15:40.0854 3992 Brserid - ok
22:15:40.0869 3992 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:15:40.0916 3992 BrSerWdm - ok
22:15:40.0932 3992 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:15:41.0010 3992 BrUsbMdm - ok
22:15:41.0010 3992 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:15:41.0072 3992 BrUsbSer - ok
22:15:41.0088 3992 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:15:41.0181 3992 BTHMODEM - ok
22:15:41.0228 3992 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
22:15:41.0306 3992 bthserv - ok
22:15:41.0337 3992 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:15:41.0415 3992 cdfs - ok
22:15:41.0462 3992 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:15:41.0509 3992 cdrom - ok
22:15:41.0540 3992 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
22:15:41.0618 3992 CertPropSvc - ok
22:15:41.0680 3992 [ 1311AAAC5A27B445FE51400C6F41CEE3 ] cfwids C:\Windows\system32\drivers\cfwids.sys
22:15:41.0727 3992 cfwids - ok
22:15:41.0758 3992 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
22:15:41.0821 3992 circlass - ok
22:15:41.0852 3992 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
22:15:41.0899 3992 CLFS - ok
22:15:41.0977 3992 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:15:42.0024 3992 clr_optimization_v2.0.50727_32 - ok
22:15:42.0070 3992 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:15:42.0117 3992 clr_optimization_v4.0.30319_32 - ok
22:15:42.0148 3992 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:15:42.0195 3992 CmBatt - ok
22:15:42.0211 3992 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:15:42.0258 3992 cmdide - ok
22:15:42.0304 3992 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
22:15:42.0382 3992 CNG - ok
22:15:42.0414 3992 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:15:42.0460 3992 Compbatt - ok
22:15:42.0476 3992 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:15:42.0538 3992 CompositeBus - ok
22:15:42.0570 3992 COMSysApp - ok
22:15:42.0601 3992 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:15:42.0648 3992 crcdisk - ok
22:15:42.0694 3992 [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:15:42.0804 3992 CryptSvc - ok
22:15:42.0835 3992 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
22:15:42.0913 3992 DcomLaunch - ok
22:15:42.0944 3992 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
22:15:43.0022 3992 defragsvc - ok
22:15:43.0038 3992 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:15:43.0131 3992 DfsC - ok
22:15:43.0178 3992 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
22:15:43.0240 3992 Dhcp - ok
22:15:43.0272 3992 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
22:15:43.0350 3992 discache - ok
22:15:43.0381 3992 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
22:15:43.0428 3992 Disk - ok
22:15:43.0459 3992 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:15:43.0521 3992 Dnscache - ok
22:15:43.0552 3992 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
22:15:43.0615 3992 dot3svc - ok
22:15:43.0630 3992 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
22:15:43.0724 3992 DPS - ok
22:15:43.0771 3992 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:15:43.0818 3992 drmkaud - ok
22:15:43.0864 3992 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:15:43.0911 3992 DXGKrnl - ok
22:15:43.0942 3992 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
22:15:44.0036 3992 EapHost - ok
22:15:44.0130 3992 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
22:15:44.0254 3992 ebdrv - ok
22:15:44.0286 3992 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
22:15:44.0348 3992 EFS - ok
22:15:44.0410 3992 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:15:44.0457 3992 ehRecvr - ok
22:15:44.0488 3992 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
22:15:44.0551 3992 ehSched - ok
22:15:44.0598 3992 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:15:44.0644 3992 elxstor - ok
22:15:44.0660 3992 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:15:44.0722 3992 ErrDev - ok
22:15:44.0785 3992 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
22:15:44.0863 3992 EventSystem - ok
22:15:44.0878 3992 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
22:15:44.0941 3992 exfat - ok
22:15:44.0972 3992 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:15:45.0034 3992 fastfat - ok
22:15:45.0097 3992 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
22:15:45.0175 3992 Fax - ok
22:15:45.0222 3992 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
22:15:45.0268 3992 fdc - ok
22:15:45.0300 3992 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
22:15:45.0378 3992 fdPHost - ok
22:15:45.0393 3992 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
22:15:45.0440 3992 FDResPub - ok
22:15:45.0456 3992 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:15:45.0487 3992 FileInfo - ok
22:15:45.0502 3992 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:15:45.0580 3992 Filetrace - ok
22:15:45.0596 3992 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:15:45.0643 3992 flpydisk - ok
22:15:45.0674 3992 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:15:45.0736 3992 FltMgr - ok
22:15:45.0799 3992 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
22:15:45.0877 3992 FontCache - ok
22:15:45.0908 3992 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:15:45.0955 3992 FontCache3.0.0.0 - ok
22:15:45.0970 3992 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:15:46.0017 3992 FsDepends - ok
22:15:46.0048 3992 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:15:46.0095 3992 Fs_Rec - ok
22:15:46.0142 3992 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:15:46.0189 3992 fvevol - ok
22:15:46.0220 3992 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:15:46.0267 3992 gagp30kx - ok
22:15:46.0314 3992 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
22:15:46.0392 3992 gpsvc - ok
22:15:46.0392 3992 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:15:46.0454 3992 hcw85cir - ok
22:15:46.0501 3992 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:15:46.0548 3992 HdAudAddService - ok
22:15:46.0563 3992 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:15:46.0610 3992 HDAudBus - ok
22:15:46.0626 3992 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:15:46.0704 3992 HidBatt - ok
22:15:46.0719 3992 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:15:46.0782 3992 HidBth - ok
22:15:46.0828 3992 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:15:46.0891 3992 HidIr - ok
22:15:46.0922 3992 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
22:15:47.0000 3992 hidserv - ok
22:15:47.0031 3992 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:15:47.0078 3992 HidUsb - ok
22:15:47.0156 3992 [ 8F72C4916A288485812745DC5AF873FC ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
22:15:47.0218 3992 HipShieldK - ok
22:15:47.0250 3992 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:15:47.0312 3992 hkmsvc - ok
22:15:47.0328 3992 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:15:47.0374 3992 HomeGroupListener - ok
22:15:47.0406 3992 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:15:47.0452 3992 HomeGroupProvider - ok
22:15:47.0577 3992 [ C966B6448B935E7E025E00561BC47743 ] HomeNetSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:47.0624 3992 HomeNetSvc - ok
22:15:47.0671 3992 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:15:47.0702 3992 HpSAMD - ok
22:15:47.0733 3992 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:15:47.0796 3992 HTTP - ok
22:15:47.0842 3992 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:15:47.0874 3992 hwpolicy - ok
22:15:47.0920 3992 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:15:47.0967 3992 i8042prt - ok
22:15:48.0014 3992 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:15:48.0061 3992 iaStorV - ok
22:15:48.0123 3992 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:15:48.0186 3992 idsvc - ok
22:15:48.0232 3992 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:15:48.0264 3992 iirsp - ok
22:15:48.0310 3992 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
22:15:48.0404 3992 IKEEXT - ok
22:15:48.0420 3992 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
22:15:48.0466 3992 intelide - ok
22:15:48.0498 3992 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:15:48.0576 3992 intelppm - ok
22:15:48.0607 3992 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:15:48.0669 3992 IPBusEnum - ok
22:15:48.0685 3992 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:15:48.0747 3992 IpFilterDriver - ok
22:15:48.0810 3992 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:15:48.0888 3992 iphlpsvc - ok
22:15:48.0919 3992 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:15:48.0966 3992 IPMIDRV - ok
22:15:48.0981 3992 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:15:49.0044 3992 IPNAT - ok
22:15:49.0090 3992 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:15:49.0153 3992 IRENUM - ok
22:15:49.0168 3992 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:15:49.0215 3992 isapnp - ok
22:15:49.0246 3992 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:15:49.0293 3992 iScsiPrt - ok
22:15:49.0309 3992 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:15:49.0371 3992 kbdclass - ok
22:15:49.0387 3992 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:15:49.0449 3992 kbdhid - ok
22:15:49.0465 3992 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
22:15:49.0512 3992 KeyIso - ok
22:15:49.0558 3992 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:15:49.0605 3992 KSecDD - ok
22:15:49.0636 3992 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:15:49.0730 3992 KSecPkg - ok
22:15:49.0777 3992 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
22:15:49.0839 3992 KtmRm - ok
22:15:49.0886 3992 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
22:15:49.0948 3992 LanmanServer - ok
22:15:49.0995 3992 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:15:50.0058 3992 LanmanWorkstation - ok
22:15:50.0120 3992 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:15:50.0198 3992 lltdio - ok
22:15:50.0229 3992 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:15:50.0323 3992 lltdsvc - ok
22:15:50.0323 3992 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
22:15:50.0494 3992 lmhosts - ok
22:15:50.0510 3992 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:15:50.0572 3992 LSI_FC - ok
22:15:50.0588 3992 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:15:50.0713 3992 LSI_SAS - ok
22:15:50.0713 3992 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:15:50.0838 3992 LSI_SAS2 - ok
22:15:50.0853 3992 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:15:50.0947 3992 LSI_SCSI - ok
22:15:50.0978 3992 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
22:15:51.0087 3992 luafv - ok
22:15:51.0150 3992 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys
22:15:51.0259 3992 LVRS - ok
22:15:51.0399 3992 [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC C:\Windows\system32\DRIVERS\lvuvc.sys
22:15:51.0586 3992 LVUVC - ok
22:15:51.0649 3992 [ ECAB006AC6136F1307E140B633CDB8C2 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
22:15:51.0696 3992 McAfee SiteAdvisor Service - ok
22:15:51.0774 3992 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
22:15:51.0930 3992 McComponentHostService - ok
22:15:51.0992 3992 [ C966B6448B935E7E025E00561BC47743 ] McMPFSvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:52.0117 3992 McMPFSvc - ok
22:15:52.0132 3992 [ C966B6448B935E7E025E00561BC47743 ] McNaiAnn C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:52.0164 3992 McNaiAnn - ok
22:15:52.0242 3992 [ 02A1B24273643B3F3542E73C12540599 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
22:15:52.0273 3992 McODS - ok
22:15:52.0304 3992 [ C966B6448B935E7E025E00561BC47743 ] mcpltsvc C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:52.0335 3992 mcpltsvc - ok
22:15:52.0382 3992 [ C966B6448B935E7E025E00561BC47743 ] McProxy C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:52.0413 3992 McProxy - ok
22:15:52.0460 3992 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:15:52.0491 3992 Mcx2Svc - ok
22:15:52.0522 3992 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
22:15:52.0585 3992 megasas - ok
22:15:52.0616 3992 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:15:52.0866 3992 MegaSR - ok
22:15:52.0912 3992 [ 0BF2E50CBA6123DDB20718E926031C3B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
22:15:53.0022 3992 mfeapfk - ok
22:15:53.0068 3992 [ 53B5197B7660B33DABDB17384450AD45 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
22:15:53.0178 3992 mfeavfk - ok
22:15:53.0224 3992 [ E13A1A37B5ED199333A0B1FFDBE009E2 ] mfebopk C:\Windows\system32\drivers\mfebopk.sys
22:15:53.0318 3992 mfebopk - ok
22:15:53.0380 3992 [ F83F25652D6B91F15630541429A216B4 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
22:15:53.0474 3992 mfecore - ok
22:15:53.0568 3992 [ 9721E7EDB7F47CD9F8D02C9369052630 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:15:53.0614 3992 mfefire - ok
22:15:53.0661 3992 [ B148A220460F3A4681585AAE0719B491 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
22:15:53.0739 3992 mfefirek - ok
22:15:53.0770 3992 [ A6CC801998A0FB33D47460D481A648BE ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
22:15:53.0880 3992 mfehidk - ok
22:15:53.0926 3992 [ 6B11AC33AF005FF8DF52B23B9491AB5A ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
22:15:53.0989 3992 mfencbdc - ok
22:15:54.0051 3992 [ 87DEB000657A1A0F81789B0154BF28AA ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
22:15:54.0114 3992 mfencrk - ok
22:15:54.0145 3992 [ D7174549A3B550501C96B49DDF9EDF88 ] mfevtp C:\Windows\system32\mfevtps.exe
22:15:54.0223 3992 mfevtp - ok
22:15:54.0270 3992 [ F29F47479F3DC603A2573BEF47C00C03 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
22:15:54.0363 3992 mfewfpk - ok
22:15:54.0410 3992 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
22:15:54.0550 3992 MMCSS - ok
22:15:54.0628 3992 [ 35176FA09A0FC58DB630991A81A0BA39 ] MOBKbackup C:\Program Files\McAfee Online Backup\MOBKbackup.exe
22:15:54.0691 3992 MOBKbackup - ok
22:15:54.0722 3992 [ E896775837A8BCE436348DF460522394 ] MOBKFilter C:\Windows\system32\DRIVERS\MOBK.sys
22:15:54.0816 3992 MOBKFilter - ok
22:15:54.0831 3992 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
22:15:54.0925 3992 Modem - ok
22:15:54.0956 3992 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:15:55.0081 3992 monitor - ok
22:15:55.0096 3992 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:15:55.0143 3992 mouclass - ok
22:15:55.0143 3992 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:15:55.0221 3992 mouhid - ok
22:15:55.0237 3992 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:15:55.0408 3992 mountmgr - ok
22:15:55.0564 3992 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:15:55.0658 3992 MozillaMaintenance - ok
22:15:55.0720 3992 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
22:15:55.0830 3992 mpio - ok
22:15:55.0845 3992 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:15:55.0986 3992 mpsdrv - ok
22:15:56.0017 3992 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:15:56.0126 3992 MpsSvc - ok
22:15:56.0142 3992 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:15:56.0251 3992 MRxDAV - ok
22:15:56.0282 3992 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:15:56.0329 3992 mrxsmb - ok
22:15:56.0344 3992 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:15:56.0422 3992 mrxsmb10 - ok
22:15:56.0438 3992 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:15:56.0547 3992 mrxsmb20 - ok
22:15:56.0578 3992 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
22:15:56.0672 3992 msahci - ok
22:15:56.0672 3992 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:15:56.0797 3992 msdsm - ok
22:15:56.0828 3992 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
22:15:56.0953 3992 MSDTC - ok
22:15:56.0968 3992 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:15:57.0078 3992 Msfs - ok
22:15:57.0093 3992 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:15:57.0202 3992 mshidkmdf - ok
22:15:57.0202 3992 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:15:57.0327 3992 msisadrv - ok
22:15:57.0358 3992 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:15:57.0452 3992 MSiSCSI - ok
22:15:57.0452 3992 msiserver - ok
22:15:57.0514 3992 [ C966B6448B935E7E025E00561BC47743 ] MSK80Service C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:57.0577 3992 MSK80Service - ok
22:15:57.0624 3992 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:15:57.0702 3992 MSKSSRV - ok
22:15:57.0733 3992 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:15:57.0904 3992 MSPCLOCK - ok
22:15:57.0904 3992 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:15:58.0029 3992 MSPQM - ok
22:15:58.0045 3992 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:15:58.0092 3992 MsRPC - ok
22:15:58.0107 3992 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:15:58.0185 3992 mssmbios - ok
22:15:58.0232 3992 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:15:58.0341 3992 MSTEE - ok
22:15:58.0357 3992 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:15:58.0450 3992 MTConfig - ok
22:15:58.0466 3992 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
22:15:58.0544 3992 Mup - ok
22:15:58.0575 3992 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
22:15:58.0684 3992 napagent - ok
22:15:58.0716 3992 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:15:58.0809 3992 NativeWifiP - ok
22:15:58.0872 3992 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:15:58.0965 3992 NDIS - ok
22:15:59.0012 3992 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:15:59.0152 3992 NdisCap - ok
22:15:59.0184 3992 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:15:59.0246 3992 NdisTapi - ok
22:15:59.0262 3992 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:15:59.0402 3992 Ndisuio - ok
22:15:59.0433 3992 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:15:59.0496 3992 NdisWan - ok
22:15:59.0527 3992 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:15:59.0636 3992 NDProxy - ok
22:15:59.0667 3992 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:15:59.0792 3992 NetBIOS - ok
22:15:59.0808 3992 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:15:59.0901 3992 NetBT - ok
22:15:59.0917 3992 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
22:15:59.0995 3992 Netlogon - ok
22:16:00.0057 3992 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
22:16:00.0198 3992 Netman - ok
22:16:00.0244 3992 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:16:00.0400 3992 NetMsmqActivator - ok
22:16:00.0447 3992 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:16:00.0541 3992 NetPipeActivator - ok
22:16:00.0572 3992 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
22:16:00.0697 3992 netprofm - ok
22:16:00.0697 3992 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:16:00.0775 3992 NetTcpActivator - ok
22:16:00.0775 3992 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:16:00.0900 3992 NetTcpPortSharing - ok
22:16:00.0931 3992 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:16:01.0024 3992 nfrd960 - ok
22:16:01.0056 3992 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
22:16:01.0149 3992 NlaSvc - ok
22:16:01.0165 3992 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:16:01.0227 3992 Npfs - ok
22:16:01.0258 3992 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
22:16:01.0383 3992 nsi - ok
22:16:01.0399 3992 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:16:01.0508 3992 nsiproxy - ok
22:16:01.0586 3992 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:16:01.0711 3992 Ntfs - ok
22:16:01.0726 3992 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
22:16:01.0836 3992 Null - ok
22:16:01.0867 3992 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:16:01.0929 3992 nvraid - ok
22:16:01.0960 3992 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:16:02.0101 3992 nvstor - ok
22:16:02.0132 3992 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:16:02.0210 3992 nv_agp - ok
22:16:02.0319 3992 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:16:02.0382 3992 odserv - ok
22:16:02.0428 3992 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:16:02.0553 3992 ohci1394 - ok
22:16:02.0584 3992 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:16:02.0709 3992 ose - ok
22:16:02.0740 3992 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:16:02.0834 3992 p2pimsvc - ok
22:16:02.0865 3992 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
22:16:02.0990 3992 p2psvc - ok
22:16:03.0006 3992 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
22:16:03.0052 3992 Parport - ok
22:16:03.0099 3992 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:16:03.0224 3992 partmgr - ok
22:16:03.0240 3992 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:16:03.0349 3992 Parvdm - ok
22:16:03.0364 3992 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:16:03.0474 3992 PcaSvc - ok
22:16:03.0489 3992 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
22:16:03.0583 3992 pci - ok
22:16:03.0598 3992 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
22:16:03.0692 3992 pciide - ok
22:16:03.0708 3992 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:16:03.0754 3992 pcmcia - ok
22:16:03.0770 3992 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
22:16:03.0879 3992 pcw - ok
22:16:03.0910 3992 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:16:04.0066 3992 PEAUTH - ok
22:16:04.0144 3992 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
22:16:04.0238 3992 pla - ok
22:16:04.0285 3992 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:16:04.0394 3992 PlugPlay - ok
22:16:04.0410 3992 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:16:04.0534 3992 PNRPAutoReg - ok
22:16:04.0566 3992 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:16:04.0628 3992 PNRPsvc - ok
22:16:04.0659 3992 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:16:04.0768 3992 PolicyAgent - ok
22:16:04.0815 3992 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
22:16:04.0924 3992 Power - ok
22:16:04.0956 3992 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:16:05.0112 3992 PptpMiniport - ok
22:16:05.0127 3992 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
22:16:05.0236 3992 Processor - ok
22:16:05.0268 3992 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
22:16:05.0346 3992 ProfSvc - ok
22:16:05.0361 3992 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:16:05.0486 3992 ProtectedStorage - ok
22:16:05.0517 3992 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:16:05.0611 3992 Psched - ok
22:16:05.0673 3992 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:16:05.0798 3992 ql2300 - ok
22:16:05.0829 3992 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:16:05.0892 3992 ql40xx - ok
22:16:05.0923 3992 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
22:16:06.0063 3992 QWAVE - ok
22:16:06.0079 3992 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:16:06.0188 3992 QWAVEdrv - ok
22:16:06.0188 3992 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:16:06.0282 3992 RasAcd - ok
22:16:06.0313 3992 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:16:06.0453 3992 RasAgileVpn - ok
22:16:06.0484 3992 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
22:16:06.0562 3992 RasAuto - ok
22:16:06.0594 3992 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:16:06.0687 3992 Rasl2tp - ok
22:16:06.0734 3992 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
22:16:06.0874 3992 RasMan - ok
22:16:06.0906 3992 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:16:07.0015 3992 RasPppoe - ok
22:16:07.0030 3992 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:16:07.0124 3992 RasSstp - ok
22:16:07.0155 3992 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:16:07.0264 3992 rdbss - ok
22:16:07.0280 3992 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
22:16:07.0374 3992 rdpbus - ok
22:16:07.0405 3992 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:16:07.0498 3992 RDPCDD - ok
22:16:07.0530 3992 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:16:07.0639 3992 RDPENCDD - ok
22:16:07.0639 3992 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:16:07.0732 3992 RDPREFMP - ok
22:16:07.0779 3992 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:16:07.0888 3992 RdpVideoMiniport - ok
22:16:07.0935 3992 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:16:07.0998 3992 RDPWD - ok
22:16:08.0044 3992 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:16:08.0122 3992 rdyboost - ok
22:16:08.0216 3992 [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
22:16:08.0278 3992 RealNetworks Downloader Resolver Service - ok
22:16:08.0310 3992 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
22:16:08.0372 3992 RemoteAccess - ok
22:16:08.0419 3992 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:16:08.0481 3992 RemoteRegistry - ok
22:16:08.0512 3992 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:16:08.0700 3992 RpcEptMapper - ok
22:16:08.0731 3992 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
22:16:08.0902 3992 RpcLocator - ok
22:16:08.0934 3992 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
22:16:09.0058 3992 RpcSs - ok
22:16:09.0105 3992 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:16:09.0246 3992 rspndr - ok
22:16:09.0277 3992 [ 919C6F81BADC1DEE332FA2AC31CE3165 ] SaiK0836 C:\Windows\system32\DRIVERS\SaiK0836.sys
22:16:09.0355 3992 SaiK0836 - ok
22:16:09.0402 3992 [ C97A9DB5A4C3B255DDD7EC73ADAB39A4 ] SaiMini C:\Windows\system32\DRIVERS\SaiMini.sys
22:16:09.0417 3992 SaiMini - ok
22:16:09.0464 3992 [ 17CA411F47B8D6C1A6D7C9109D222B42 ] SaiNtBus C:\Windows\system32\drivers\SaiBus.sys
22:16:09.0495 3992 SaiNtBus - ok
22:16:09.0511 3992 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
22:16:09.0558 3992 SamSs - ok
22:16:09.0589 3992 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:16:09.0714 3992 sbp2port - ok
22:16:09.0760 3992 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:16:09.0870 3992 SCardSvr - ok
22:16:09.0885 3992 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:16:09.0994 3992 scfilter - ok
22:16:10.0010 3992 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
22:16:10.0166 3992 Schedule - ok
22:16:10.0182 3992 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:16:10.0260 3992 SCPolicySvc - ok
22:16:10.0291 3992 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:16:10.0400 3992 sdbus - ok
22:16:10.0431 3992 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:16:10.0525 3992 SDRSVC - ok
22:16:10.0572 3992 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:16:10.0681 3992 secdrv - ok
22:16:10.0681 3992 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
22:16:10.0774 3992 seclogon - ok
22:16:10.0790 3992 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
22:16:10.0915 3992 SENS - ok
22:16:10.0930 3992 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:16:11.0071 3992 SensrSvc - ok
22:16:11.0118 3992 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:16:11.0242 3992 Serenum - ok
22:16:11.0274 3992 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
22:16:11.0398 3992 Serial - ok
22:16:11.0414 3992 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:16:11.0492 3992 sermouse - ok
22:16:11.0539 3992 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
22:16:11.0632 3992 SessionEnv - ok
22:16:11.0679 3992 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
22:16:11.0757 3992 SFEP - ok
22:16:11.0773 3992 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
22:16:11.0866 3992 sffdisk - ok
22:16:11.0866 3992 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:16:11.0976 3992 sffp_mmc - ok
22:16:11.0991 3992 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
22:16:12.0116 3992 sffp_sd - ok
22:16:12.0147 3992 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:16:12.0241 3992 sfloppy - ok
22:16:12.0288 3992 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:16:12.0397 3992 SharedAccess - ok
22:16:12.0444 3992 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:16:12.0553 3992 ShellHWDetection - ok
22:16:12.0553 3992 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:16:12.0631 3992 sisagp - ok
22:16:12.0662 3992 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:16:12.0724 3992 SiSRaid2 - ok
22:16:12.0740 3992 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:16:12.0849 3992 SiSRaid4 - ok
22:16:12.0896 3992 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:16:12.0927 3992 SkypeUpdate - ok
22:16:12.0958 3992 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:16:13.0114 3992 Smb - ok
22:16:13.0161 3992 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:16:13.0239 3992 SNMPTRAP - ok
22:16:13.0255 3992 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
22:16:13.0348 3992 spldr - ok
22:16:13.0395 3992 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
22:16:13.0504 3992 Spooler - ok
22:16:13.0582 3992 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
22:16:13.0754 3992 sppsvc - ok
22:16:13.0770 3992 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:16:13.0816 3992 sppuinotify - ok
22:16:13.0863 3992 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:16:13.0988 3992 srv - ok
22:16:14.0004 3992 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:16:14.0113 3992 srv2 - ok
22:16:14.0160 3992 [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:16:14.0222 3992 SrvHsfHDA - ok
22:16:14.0269 3992 [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:16:14.0378 3992 SrvHsfV92 - ok
22:16:14.0394 3992 [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:16:14.0487 3992 SrvHsfWinac - ok
22:16:14.0534 3992 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:16:14.0643 3992 srvnet - ok
22:16:14.0690 3992 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:16:14.0830 3992 SSDPSRV - ok
22:16:14.0877 3992 [ EF3504DD32E2EA222BE0CBC9A0895F89 ] SSHDRV76 C:\Windows\system32\drivers\SSHDRV76.sys
22:16:14.0908 3992 SSHDRV76 ( UnsignedFile.Multi.Generic ) - warning
22:16:14.0908 3992 SSHDRV76 - detected UnsignedFile.Multi.Generic (1)
22:16:14.0924 3992 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:16:15.0002 3992 SstpSvc - ok
22:16:15.0033 3992 Steam Client Service - ok
22:16:15.0064 3992 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:16:15.0127 3992 stexstor - ok
22:16:15.0174 3992 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
22:16:15.0220 3992 StiSvc - ok
22:16:15.0236 3992 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:16:15.0314 3992 swenum - ok
22:16:15.0361 3992 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
22:16:15.0564 3992 swprv - ok
22:16:15.0595 3992 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
22:16:15.0688 3992 SysMain - ok
22:16:15.0720 3992 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:16:15.0813 3992 TabletInputService - ok
22:16:15.0829 3992 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
22:16:15.0922 3992 TapiSrv - ok
22:16:15.0938 3992 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
22:16:16.0047 3992 TBS - ok
22:16:16.0110 3992 [ D32FDAC73FCD76B85389C39BC1087F2A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:16:16.0219 3992 Tcpip - ok
22:16:16.0250 3992 [ D32FDAC73FCD76B85389C39BC1087F2A ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:16:16.0359 3992 TCPIP6 - ok
22:16:16.0390 3992 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:16:16.0453 3992 tcpipreg - ok
22:16:16.0484 3992 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:16:16.0531 3992 TDPIPE - ok
22:16:16.0562 3992 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:16:16.0624 3992 TDTCP - ok
22:16:16.0640 3992 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:16:16.0687 3992 tdx - ok
22:16:16.0702 3992 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:16:16.0796 3992 TermDD - ok
22:16:16.0827 3992 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
22:16:16.0936 3992 TermService - ok
22:16:16.0952 3992 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
22:16:17.0014 3992 Themes - ok
22:16:17.0030 3992 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
22:16:17.0124 3992 THREADORDER - ok
22:16:17.0155 3992 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
22:16:17.0264 3992 TrkWks - ok
22:16:17.0311 3992 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:16:17.0451 3992 TrustedInstaller - ok
22:16:17.0467 3992 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:16:17.0560 3992 tssecsrv - ok
22:16:17.0592 3992 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:16:17.0748 3992 TsUsbFlt - ok
22:16:17.0794 3992 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:16:17.0857 3992 TsUsbGD - ok
22:16:17.0888 3992 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:16:17.0966 3992 tunnel - ok
22:16:17.0982 3992 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:16:18.0075 3992 uagp35 - ok
22:16:18.0106 3992 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:16:18.0231 3992 udfs - ok
22:16:18.0262 3992 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:16:18.0387 3992 UI0Detect - ok
22:16:18.0403 3992 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:16:18.0465 3992 uliagpkx - ok
22:16:18.0512 3992 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:16:18.0606 3992 umbus - ok
22:16:18.0637 3992 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
22:16:18.0730 3992 UmPass - ok
22:16:18.0793 3992 [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
22:16:18.0933 3992 UMVPFSrv - ok
22:16:18.0964 3992 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
22:16:19.0089 3992 upnphost - ok
22:16:19.0105 3992 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:16:19.0167 3992 usbaudio - ok
22:16:19.0198 3992 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:16:19.0230 3992 usbccgp - ok
22:16:19.0276 3992 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:16:19.0339 3992 usbcir - ok
22:16:19.0354 3992 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:16:19.0479 3992 usbehci - ok
22:16:19.0510 3992 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:16:19.0588 3992 usbhub - ok
22:16:19.0604 3992 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:16:19.0698 3992 usbohci - ok
22:16:19.0713 3992 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:16:19.0776 3992 usbprint - ok
22:16:19.0791 3992 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:16:19.0947 3992 USBSTOR - ok
22:16:19.0963 3992 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:16:20.0010 3992 usbuhci - ok
22:16:20.0056 3992 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:16:20.0150 3992 usbvideo - ok
22:16:20.0181 3992 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
22:16:20.0306 3992 UxSms - ok
22:16:20.0322 3992 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
22:16:20.0384 3992 VaultSvc - ok
22:16:20.0415 3992 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:16:20.0540 3992 vdrvroot - ok
22:16:20.0556 3992 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
22:16:20.0665 3992 vds - ok
22:16:20.0712 3992 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:16:20.0852 3992 vga - ok
22:16:20.0868 3992 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:16:20.0946 3992 VgaSave - ok
22:16:20.0961 3992 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:16:21.0086 3992 vhdmp - ok
22:16:21.0117 3992 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:16:21.0148 3992 viaagp - ok
22:16:21.0164 3992 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:16:21.0226 3992 ViaC7 - ok
22:16:21.0242 3992 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
22:16:21.0304 3992 viaide - ok
22:16:21.0320 3992 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:16:21.0367 3992 volmgr - ok
22:16:21.0398 3992 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:16:21.0538 3992 volmgrx - ok
22:16:21.0585 3992 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:16:21.0679 3992 volsnap - ok
22:16:21.0694 3992 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:16:21.0819 3992 vsmraid - ok
22:16:21.0866 3992 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
22:16:21.0991 3992 VSS - ok
22:16:22.0116 3992 [ 2CF27B4C0419BFA7DFD2C8FF1A4F0D2C ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
22:16:22.0178 3992 VUAgent - ok
22:16:22.0209 3992 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:16:22.0318 3992 vwifibus - ok
22:16:22.0334 3992 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:16:22.0443 3992 vwififlt - ok
22:16:22.0474 3992 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:16:22.0599 3992 vwifimp - ok
22:16:22.0615 3992 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
22:16:22.0693 3992 W32Time - ok
22:16:22.0724 3992 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:16:22.0880 3992 WacomPen - ok
22:16:22.0911 3992 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:16:22.0989 3992 WANARP - ok
22:16:23.0005 3992 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:16:23.0098 3992 Wanarpv6 - ok
22:16:23.0145 3992 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
22:16:23.0286 3992 wbengine - ok
22:16:23.0332 3992 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:16:23.0442 3992 WbioSrvc - ok
22:16:23.0473 3992 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:16:23.0582 3992 wcncsvc - ok
22:16:23.0598 3992 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:16:23.0707 3992 WcsPlugInService - ok
22:16:23.0738 3992 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
22:16:23.0785 3992 Wd - ok
22:16:23.0832 3992 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:16:23.0956 3992 Wdf01000 - ok
22:16:23.0972 3992 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:16:24.0081 3992 WdiServiceHost - ok
22:16:24.0081 3992 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:16:24.0144 3992 WdiSystemHost - ok
22:16:24.0159 3992 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
22:16:24.0300 3992 WebClient - ok
22:16:24.0346 3992 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:16:24.0424 3992 Wecsvc - ok
22:16:24.0440 3992 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:16:24.0580 3992 wercplsupport - ok
22:16:24.0596 3992 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
22:16:24.0736 3992 WerSvc - ok
22:16:24.0768 3992 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:16:24.0877 3992 WfpLwf - ok
22:16:24.0892 3992 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:16:24.0955 3992 WIMMount - ok
22:16:25.0017 3992 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:16:25.0126 3992 WinDefend - ok
22:16:25.0142 3992 WinHttpAutoProxySvc - ok
22:16:25.0204 3992 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:16:25.0267 3992 Winmgmt - ok
22:16:25.0329 3992 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
22:16:25.0438 3992 WinRM - ok
22:16:25.0516 3992 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
22:16:25.0594 3992 WinUsb - ok
22:16:25.0641 3992 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:16:25.0704 3992 Wlansvc - ok
22:16:25.0813 3992 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:16:25.0906 3992 wlidsvc - ok
22:16:25.0938 3992 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:16:26.0031 3992 WmiAcpi - ok
22:16:26.0078 3992 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:16:26.0140 3992 wmiApSrv - ok
22:16:26.0187 3992 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:16:26.0343 3992 WMPNetworkSvc - ok
22:16:26.0374 3992 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:16:26.0484 3992 WPCSvc - ok
22:16:26.0515 3992 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:16:26.0608 3992 WPDBusEnum - ok
22:16:26.0640 3992 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:16:26.0733 3992 ws2ifsl - ok
22:16:26.0749 3992 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
22:16:26.0858 3992 wscsvc - ok
22:16:26.0858 3992 WSearch - ok
22:16:26.0936 3992 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:16:27.0014 3992 wuauserv - ok
22:16:27.0061 3992 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:16:27.0170 3992 WudfPf - ok
22:16:27.0201 3992 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:16:27.0264 3992 WUDFRd - ok
22:16:27.0279 3992 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:16:27.0420 3992 wudfsvc - ok
22:16:27.0467 3992 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
22:16:27.0513 3992 WwanSvc - ok
22:16:27.0560 3992 [ C26C68BCBAC1F33F890C226769759209 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
22:16:27.0669 3992 xusb21 - ok
22:16:27.0701 3992 [ B07C5B7EFDF936FF93D4F540938725BE ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
22:16:27.0825 3992 yukonw7 - ok
22:16:27.0825 3992 ================ Scan global ===============================
22:16:27.0872 3992 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
22:16:27.0903 3992 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
22:16:27.0919 3992 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
22:16:27.0950 3992 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
22:16:28.0013 3992 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
22:16:28.0013 3992 [Global] - ok
22:16:28.0013 3992 ================ Scan MBR ==================================
22:16:28.0028 3992 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:16:28.0356 3992 \Device\Harddisk0\DR0 - ok
22:16:28.0356 3992 ================ Scan VBR ==================================
22:16:28.0403 3992 [ 9880954621FD90558CE6A3F819EB5CEF ] \Device\Harddisk0\DR0\Partition1
22:16:28.0449 3992 \Device\Harddisk0\DR0\Partition1 - ok
22:16:28.0481 3992 [ CD9E147204F38F58F317E2A6592FD82D ] \Device\Harddisk0\DR0\Partition2
22:16:28.0481 3992 \Device\Harddisk0\DR0\Partition2 - ok
22:16:28.0496 3992 ============================================================
22:16:28.0496 3992 Scan finished
22:16:28.0496 3992 ============================================================
22:16:28.0512 4284 Detected object count: 1
22:16:28.0512 4284 Actual detected object count: 1
22:16:46.0374 4284 SSHDRV76 ( UnsignedFile.Multi.Generic ) - skipped by user
22:16:46.0374 4284 SSHDRV76 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:00.0941 5224 Deinitialize success
|
|
15.06.2013, 13:34
| #4 |
| /// Malware-holic | Problem mit wssetup Perion Network Hi, Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
15.06.2013, 22:19
| #5 |
| | Problem mit wssetup Perion Network Hallo, Combofix ist durchgelaufen, allerdings musste ich dreimal die pfeiltaste-runter drücken da sich der Bildschirm beim warten abgeschaltet hatte und beim warten auf den Windows Neustart musste ich nen Kaltstart machen. Hier die Logfile: Code:
ATTFilter ComboFix 13-06-15.01 - *** 15.06.2013 22:09:47.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3039.1728 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\FireFox\plugin-container.exe
c:\program files\FireFox\uninstall\helper.exe
c:\program files\FireFox\updater.exe
.
Infizierte Kopie von c:\windows\system32\userinit.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe wurde wiederhergestellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-05-15 bis 2013-06-15 ))))))))))))))))))))))))))))))
.
.
2013-06-15 20:45 . 2013-06-15 20:45 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-12 21:03 . 2013-06-08 11:41 218112 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-06-12 21:03 . 2013-06-08 11:13 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-12 20:55 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-12 20:54 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2013-06-12 20:54 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\system32\crypt32.dll
2013-06-12 20:54 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2013-06-12 20:54 . 2013-05-13 04:45 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-12 20:54 . 2013-05-13 04:45 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-12 20:54 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2013-06-12 20:54 . 2013-05-06 05:06 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-12 20:54 . 2013-05-06 05:06 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-12 20:54 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-12 20:54 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-06-12 20:53 . 2013-05-08 05:38 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-07 22:53 . 2013-06-07 22:53 -------- d-----w- c:\users\***\AppData\Roaming\Unity
2013-06-07 21:44 . 2013-06-07 21:44 -------- d-----w- c:\users\***\AppData\Local\Unity
2013-05-18 21:17 . 2013-06-15 20:44 -------- d-----w- c:\program files\Firefox
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-11 22:45 . 2012-04-01 16:08 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-11 22:45 . 2011-11-14 22:28 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 18:24 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 04:45 . 2013-05-14 20:21 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-14 20:21 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-23 21:06 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 05:18 . 2013-05-14 20:20 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 05:18 . 2013-05-14 20:20 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 03:14 . 2013-05-14 20:21 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 03:35 . 2013-05-10 19:54 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-04-03 11:53 . 2012-11-09 05:56 60920 ----a-w- c:\windows\system32\drivers\cfwids.sys
2013-04-03 11:50 . 2012-11-09 05:53 212432 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2013-04-03 11:50 . 2013-01-08 22:26 172416 ----a-w- c:\windows\system32\mfevtps.exe
2013-04-03 11:48 . 2012-11-09 05:51 566656 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2013-04-03 11:47 . 2012-11-09 05:50 363432 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2013-04-03 11:47 . 2012-11-09 05:50 65928 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2013-04-03 11:46 . 2012-11-09 05:49 235520 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2013-04-03 11:46 . 2012-11-09 05:49 133992 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2013-03-23 20:21 . 2012-06-24 20:01 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-03-23 20:21 . 2011-11-16 21:36 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-03-19 04:53 . 2013-05-14 20:21 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-03-19 04:48 . 2013-04-09 19:50 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 03:33 . 2013-05-14 20:21 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-03-19 02:49 . 2013-04-09 19:50 69632 ----a-w- c:\windows\system32\smss.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 19:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 19:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 19:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 718688]
"ProfilerU"="c:\program files\Saitek\SD6\Software\ProfilerU.exe" [2010-07-07 227840]
"SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2010-07-07 123392]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032]
"Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-02-28 515888]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2012-12-28 295072]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-02-28 515888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Canon LBP5000 Statusfenster.lnk - c:\windows\System32\spool\drivers\w32x86\3\CNAC4LAK.EXE [2012-1-3 50848]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-05-28 147472]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2013-02-18 80592]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 SaiK0836;SaiK0836;c:\windows\system32\DRIVERS\SaiK0836.sys [2010-07-08 139272]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2013-04-03 212432]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-13 54776]
S1 SSHDRV76;SSHDRV76;c:\windows\system32\drivers\SSHDRV76.sys [2012-06-14 53760]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-10-22 176128]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-03-05 184728]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2012-08-31 167784]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-03-05 184728]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-03-05 184728]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-03-05 184728]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2013-02-28 638976]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-04-03 169320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2013-04-03 172416]
S2 MOBKbackup;1%;c:\program files\McAfee Online Backup\MOBKbackup.exe [2010-04-13 229688]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2013-04-03 60920]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-04-03 363432]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2013-02-18 257496]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe [2013-03-26 1013808]
S3 yukonw7;NDIS6.2-Miniporttreiber für Marvell Yukon-Ethernet-Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 22:45]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfmor2bm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.t-online.de
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=mcafee&p=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Mozilla Firefox 21.0 (x86 de) - c:\program files\Firefox\uninstall\helper.exe
AddRemove-{4FC206D1-6287-440D-8F84-ED26E32FDD56}_is1 - d:\spiele\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4208)
c:\program files\McAfee Online Backup\MOBKshell.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\CNAC4RPK.EXE
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\McAfee\SystemCore\mfefire.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\progra~1\McAfee\MSC\McAPExe.exe
c:\windows\system32\DllHost.exe
c:\program files\Sony\VAIO Update\VAIOUpdt.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\vssvc.exe
c:\program files\Common Files\McAfee\Platform\mcuicnt.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-15 23:06:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-06-15 21:06
.
Vor Suchlauf: 8 Verzeichnis(se), 140.001.067.008 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 140.951.760.896 Bytes frei
.
- - End Of File - - 597FE8A9EB34D0F585BF34D861BC72B8
A36C5E4F47E84449FF07ED3517B43A31
 Ich versuch mal ne Neuinstallation davon. Geändert von Martinek (15.06.2013 um 22:31 Uhr) |
|
16.06.2013, 18:46
| #6 |
| /// Malware-holic | Problem mit wssetup Perion Network Hi, malwarebytes: Downloade Dir bitte Malwarebytes
__________________ --> Problem mit wssetup Perion Network |
|
17.06.2013, 20:00
| #7 |
| | Problem mit wssetup Perion Network Hallo, Malwarebytes hat nix gefunden. Hier die Log: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.06.16.04 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 10.0.9200.16618 *** :: THESEUS [Administrator] 16.06.2013 23:57:54 mbam-log-2013-06-16 (23-57-54).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 507821 Laufzeit: 2 Stunde(n), 33 Minute(n), 34 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
|
18.06.2013, 11:57
| #8 |
| /// Malware-holic | Problem mit wssetup Perion Network lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
19.06.2013, 20:42
| #9 |
| | Problem mit wssetup Perion Network Hallo, hier die Liste. Bei den unbekannten weiß ich nicht ob ich die brauche oder was die auf meinem Rechner so veranstalten (klar einige kennt man vom Namen her aber halt nicht was die so machen). Code:
ATTFilter Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 11.06.2013 6,00MB 11.7.700.224 --> unbekannt Adobe Flash Player 11 Plugin Adobe Systems Incorporated 12.06.2013 6,00MB 11.7.700.224 --> unbekannt Adobe Reader X (10.1.7) - Deutsch Adobe Systems Incorporated 15.05.2013 122MB 10.1.7 --> notwendig AMD Catalyst Install Manager Advanced Micro Devices, Inc. 03.12.2011 16,8MB 3.0.851.0 --> notwendig Application Profiles Ihr Firmenname 03.12.2011 353KB 2.0.4331.36041 --> unbekannt Canon LBP5000 03.01.2012 --> unnötig CCleaner Piriform 24.05.2013 4.02 --> unnötig DMP Panzercorps Mod 1.0 DMP 15.11.2011 --> unnötig DMP_Panzercorps_Mod_2.0 DMP 15.11.2011 --> unnötig DMP_Panzercorps_Mod_3.0_Speech_Sound_Mod_by_Puma DMP 15.11.2011 --> unnötig GIMP 2.6.11 The GIMP Team 15.11.2011 107MB 2.6.11 --> notwendig Hearts of Iron III Collection Version 3.05 Paradox Interactive 11.02.2012 1,46GB 3.05 --> unnötig Heroes of Might & Magic V: Hammers of Fate 07.01.2012 --> unnötig Heroes of Might and Magic V 07.01.2012 --> unnötig Heroes of Might and Magic V - Tribes of the East 07.01.2012 --> unnötig Internet Explorer Toolbar 4.6 by SweetPacks SweetIM Technologies Ltd. 29.10.2012 4,27MB 4.6.0004 --> unnötig Java 7 Update 21 Oracle 23.03.2013 129MB 7.0.210 --> unbekannt Java(TM) 6 Update 35 Oracle 24.06.2012 95,6MB 6.0.350 --> unbekannt JDownloader 0.9 AppWork GmbH 15.02.2013 0.9 --> unnötig JDownloader 0.9 AppWork GmbH 15.02.2013 0.9 --> unnötig Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 16.06.2013 19,2MB 1.75.0.1300 --> unnötig McAfee Security Scan Plus McAfee, Inc. 09.02.2013 10,2MB 3.0.318.3 --> notwendig McAfee SecurityCenter McAfee, Inc. 04.06.2013 12.1.338 --> notwendig MegaTrainer eXperience V1.1.4.0 18.02.2013 38,8MB --> unnötig Microsoft .NET Framework 4 Client Profile Microsoft Corporation 16.11.2011 38,8MB 4.0.30319 --> unbekannt Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 16.11.2011 2,93MB 4.0.30319 --> unbekannt Microsoft .NET Framework 4 Extended Microsoft Corporation 23.02.2013 51,9MB 4.0.30319 --> unbekannt Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 23.02.2013 10,6MB 4.0.30319 --> unbekannt Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Corporation 23.02.2013 83,4MB 4.0.30319 --> unbekannt Microsoft Help Viewer 1.1 Microsoft Corporation 23.02.2013 3,97MB 1.1.40219 --> unbekannt Microsoft Help Viewer 1.1 Language Pack - DEU Microsoft Corporation 23.02.2013 1,95MB 1.1.40219 --> unbekannt Microsoft Office File Validation Add-In Microsoft Corporation 22.12.2011 7,95MB 14.0.5130.5003 --> unbekannt Microsoft Office Home and Student 2007 Microsoft Corporation 22.12.2011 12.0.6612.1000 --> notwendig Microsoft Office Live Add-in 1.5 Microsoft Corporation 17.04.2012 508KB 2.0.4024.1 --> unbekannt Microsoft Silverlight Microsoft Corporation 13.03.2013 104MB 5.1.20125.0 --> unbekannt Microsoft SQL Server 2008 R2 Management Objects Microsoft Corporation 23.02.2013 14,4MB 10.50.1750.9 --> unbekannt Microsoft SQL Server System CLR Types Microsoft Corporation 23.02.2013 951KB 10.50.1750.9 --> unbekannt Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 17.12.2011 300KB 8.0.61001 --> unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 16.11.2011 596KB 9.0.30729 --> unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 17.12.2011 600KB 9.0.30729.6161 --> unbekannt Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 24.02.2013 11,1MB 10.0.40219 --> unbekannt Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 Microsoft Corporation 23.02.2013 16,4MB 10.0.40219 --> unbekannt Microsoft Visual Studio 2010 Service Pack 1 Microsoft Corporation 23.02.2013 75,9MB 10.0.40219 --> unbekannt Microsoft Visual Studio 2010 Shell (Isolated) - DEU Microsoft Corporation 24.02.2013 586MB 10.0.40219 --> unbekannt Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Corporation 24.02.2013 10.0.40303 --> unbekannt Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU Microsoft Corporation 24.02.2013 10.0.40303 --> unbekannt Microsoft Xbox 360 Accessories 1.2 Microsoft 10.04.2012 6,93MB 1.20.146.0 --> unnötig Mozilla Firefox 21.0 (x86 de) Mozilla 15.06.2013 63,7MB 21.0 --> notwendig Mozilla Maintenance Service Mozilla 19.05.2013 333KB 21.0 --> unbekannt Mozilla Thunderbird 17.0.6 (x86 de) Mozilla 16.05.2013 41,9MB 17.0.6 --> notwendig Notepad++ 28.04.2012 6.1.2 --> notwendig Panzer Corps Slitherine 15.11.2011 1.00 --> unnötig Panzer_Corps_DMP_Afrika_Korps_Hotfix_1-1 DMP 15.11.2011 --> unnötig RealPlayer RealNetworks 29.12.2012 91,7MB 16.0.0 --> notwendig Sibelius Scorch (Firefox, Opera, Netscape only) Sibelius Software 05.01.2012 39,3MB 6.2.0 --> unbekannt Sid Meier's Civilization IV Colonization Firaxis Games 15.11.2011 1.01 --> notwendig Sid Meier's Civilization V 2K Games, Inc. 09.02.2013 --> notwendig Sid Meier's Civilization V SDK Firaxis Games 23.02.2013 --> notwendig Skype™ 6.3 Skype Technologies S.A. 28.04.2013 21,1MB 6.3.105 --> notwendig Smart Technology Programming Software 7.0.1.12 Mad Catz 15.04.2012 66,1MB 7.0.1.12 --> unbekannt Steam Valve Corporation 18.05.2012 42,2MB 1.0.0.0 --> notwendig, leider SweetIM for Messenger 3.7 SweetIM Technologies Ltd. 29.10.2012 4,93MB 3.7.0005 --> unbekannt TeamSpeak 3 Client TeamSpeak Systems GmbH 03.04.2012 --> notwendig Unity Web Player Unity Technologies ApS 07.06.2013 12,0MB --> unbekannt Update Manager for SweetPacks 1.1 SweetIM Technologies Ltd. 29.10.2012 2,76MB 1.1.0008 --> unbekannt VAIO Original Funktion Einstellungen Sony Corporation 07.04.2012 2.0.2.02240 --> unbekannt VAIO Update Sony Corporation 12.06.2013 6.2.1.03260 --> notwendig Wildlife Park 3 v1.0 bitComposer Games 03.11.2012 3,00GB --> notwendig Windows Live Essentials Microsoft Corporation 05.04.2012 15.4.3555.0308 --> unbekannt Windows Media Player Firefox Plugin Microsoft Corp 02.02.2012 296KB 1.0.0.8 --> notwendig WinRAR 4.01 (32-Bit) win.rar GmbH 18.11.2011 4.01.0 --> notwendig World of Tanks v.0.6.7 Wargaming.net 16.11.2011 --> notwendig World of Warplanes Wargaming.net 14.08.2012 14,4MB --> notwendig |
|
19.06.2013, 21:18
| #10 |
| /// Malware-holic | Problem mit wssetup Perion Network bnatürlich weist du bei den unbekannten nicht wofür sie sind, sonst währen sie doch nicht unbekannt oder? :-) deinstaliere: Adobe Flash Player alle Adobe - Adobe Flash Player installieren neueste version laden, instalieren. adobe reader: Adobe - Adobe Reader herunterladen - Alle Versionen haken bei mcafee security scan raus nehmen bitte auch mal den adobe reader wie folgt konfigurieren: adobe reader öffnen, bearbeiten, voreinstellungen. allgemein: nur zertifizierte zusatz module verwenden, anhaken. Sicherheit (erweitert) Erweiterte Sicherheit anhaken und alle Dateien auswählen. internet: hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc. es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht. bei javascript den haken bei java script verwenden raus nehmen bei updater, automatisch instalieren wählen. übernehmen /ok deinstaliere: Canon DMP : alle Hearts Heroes : alle Internet Explorer Toolbar Java(TM) JDownloader : beide Malwarebytes MegaTrainer Panzer : beide Sibelius SweetIM Unity Update Manager Öffne CCleaner, analysieren, starten, pc neustarten Downloade Dir bitte  AdwCleaner auf deinen Desktop.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
21.06.2013, 21:24
| #11 |
| | Problem mit wssetup Perion Network Hallo, nach den ganzen Deinstallationen und CCleaner scheint wssetup nicht mehr aufzutauchen. Hier noch das Log von Adwcleaner: Code:
ATTFilter # AdwCleaner v2.303 - Datei am 21/06/2013 um 22:17:23 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : *** - THESEUS
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Tarma Installer
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bjdczq3s.default-1371331233517\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1829 octets] - [21/06/2013 22:17:23]
########## EOF - C:\AdwCleaner[S1].txt - [1889 octets] ##########
|
|
04.07.2013, 14:48
| #12 |
| /// Malware-holic | Problem mit wssetup Perion Network hi kannst du noch mal die aktuelle adwcleaner Version laden, Funde wieder löschen, neues Log posten?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.07.2013, 22:25
| #13 |
| | Problem mit wssetup Perion Network aloha, hier der/das neue log vom adwcleaner: Code:
ATTFilter # AdwCleaner v2.304 - Datei am 04/07/2013 um 23:18:55 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : *** - THESEUS
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
***** [Registrierungsdatenbank] *****
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bjdczq3s.default-1371331233517\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [1958 octets] - [21/06/2013 22:17:23]
AdwCleaner[S2].txt - [821 octets] - [04/07/2013 23:18:55]
########## EOF - C:\AdwCleaner[S2].txt - [880 octets] ##########
|
|
05.07.2013, 14:35
| #14 |
| /// Malware-holic | Problem mit wssetup Perion Network Hi, Hitman Pro - Download - Filepony Hitmanpro laden, doppelklicken, Scan klicken. nichts löschen. Auf weiter klicken. Log speichern und posten, bzw als XML exportieren, packen und anhängen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
06.07.2013, 22:55
| #15 |
| | Problem mit wssetup Perion Network ...und hier der log der hitmanpro datei: Code:
ATTFilter HitmanPro 3.7.6.201
www.hitmanpro.com
Computer name . . . . : THESEUS
Windows . . . . . . . : 6.1.1.7601.X86/2
User name . . . . . . : Theseus\***
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free
Scan date . . . . . . : 2013-07-06 23:50:19
Scan mode . . . . . . : Normal
Scan duration . . . . : 1m 55s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 0
Objects scanned . . . : 1.027.841
Files scanned . . . . : 18.491
Remnants scanned . . : 331.528 files / 677.822 keys
|
|
| Themen zu Problem mit wssetup Perion Network |
| autorun, bho, branding, canon, error, fehler, firefox, flash player, format, google, helper, home, install.exe, logfile, mozilla, msiexec.exe, object, plug-in, problem, registry, rundll, scan, security, senden, siteadvisor, software, svchost.exe, taskhost.exe, teamspeak, visual studio, windows |
WARNUNG an die MITLESER: 
