Log analysis and evaluation: Hijack.StartPage and startsear.ch / how to remove?? Windows 7
03.06.2012, 15:12 | #1 |
Hello! I have the problem that the start page in Firefox and IE gets changed. After reading various posts, I seem to have caught the combo named in the subject... I have already run Malwarebytes (see attachment). Can you please help me? Kind regards
05.06.2012, 15:11 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™
Is there any particular reason why you have to pour plain text into a PDF? That is a completely unnecessary step and a waste of time; just post the plain text here in the post!

Please first run a routine full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked! Remember that Malwarebytes must be updated manually before every scan! In addition, all findings must be removed. If there are logs from older Malwarebytes scans, please post all of those too!

ESET Online Scanner

Please post everything in CODE tags where possible. This is how it's done: [code] the log goes here [/code] And the whole thing then looks like this:
Code:
the log goes here
06.06.2012, 00:45 | #3 |
Sorry, I'm new here in the forum and thought I had read that about the .pdf in the rules... Thanks in advance for the answer!

Code:
Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.06.05.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Crank :: CRANK-PC [Administrator]

Schutz: Aktiviert

05.06.2012 23:01:58
mbam-log-2012-06-06 (00-17-22).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 402579
Laufzeit: 50 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3) Gut: (hxxp://www.google.com) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=a4ad4390c6b5694c8cd09520894f938f
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-05 11:43:03
# local_time=2012-06-06 01:43:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1024 16777215 100 0 19350111 19350111 0 0
# compatibility_mode=5893 16776574 100 94 29230471 90564908 0 0
# compatibility_mode=8192 67108863 100 0 108 108 0 0
# scanned=191594
# found=0
# cleaned=0
# scan_time=4725
06.06.2012, 11:54 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™
I have two questions before we continue.
1.) Does the normal mode of Windows work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?
__________________
Please always post logfiles in CODE tags
06.06.2012, 12:22 | #5 |
I actually have no problems with Windows so far... And I didn't start in safe mode either. Always quite normally. The nasty trojan just keeps changing the start page whenever I use IE, or Firefox too! I'm not missing anything in the Start menu; everything looks normal so far. There is just always a message, as a pop-up at the bottom right, that an attempt was made to change the start page. Before I started IE. Kind regards
06.06.2012, 14:36 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™
Please make a new OTL log. Please post everything in CODE tags where possible. This is how it's done: [code] the log goes here [/code] And the whole thing then looks like this:
Code:
the log goes here

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop

Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
07.06.2012, 12:44 | #7 |
I get an error message: "List index out of bounds(21)" ?!
07.06.2012, 15:17 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™
Please try again, if necessary in safe mode
07.06.2012, 16:39 | #9 |
It did put something on the desktop after all.

OTL logfile:
Code:
ATTFilter OTL logfile created on: 07.06.2012 13:51:16 - Run 1 OTL by OldTimer - Version 3.2.46.2 Folder = C:\Users\XXX\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,74 Gb Total Physical Memory | 1,84 Gb Available Physical Memory | 49,17% Memory free 7,48 Gb Paging File | 5,25 Gb Available in Paging File | 70,23% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451,07 Gb Total Space | 339,43 Gb Free Space | 75,25% Space Free | Partition Type: NTFS Computer Name: XXX-PC | User Name: XXX | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.07 13:11:17 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Crank\Desktop\OTL.exe PRC - [2012.06.02 12:43:51 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe PRC - [2012.05.23 03:56:51 | 001,240,088 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.02.23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe PRC - [2012.02.20 22:28:32 | 000,059,240 | ---- | M] (Apple Inc.) 
-- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe PRC - [2012.02.15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe PRC - [2012.01.24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe PRC - [2012.01.23 16:27:24 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012.01.12 00:10:50 | 000,132,608 | ---- | M] (Marx Softwareentwicklung - www.software4u.de) -- C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IPELauncher.exe PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.08.02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe PRC - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2011.01.13 21:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe PRC - [2010.09.24 11:21:20 | 000,727,664 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe PRC - [2010.08.25 13:24:20 | 000,235,624 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe PRC - [2010.04.27 19:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.03.03 21:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- 
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.01.28 15:53:54 | 000,453,120 | R--- | M] () -- C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe PRC - [2009.12.29 17:35:50 | 000,083,456 | ---- | M] () -- C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe PRC - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ========== Modules (No Company Name) ========== MOD - [2012.05.26 11:14:16 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\635b3aec298ad5e8c903b2323d79cc5a\IAStorUtil.ni.dll MOD - [2012.05.26 11:05:10 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll MOD - [2012.05.26 11:04:47 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\79b487ba3d893f59ce7e697d06721dd0\System.Windows.Forms.ni.dll MOD - [2012.05.26 11:04:41 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\1dce8ad4aa93ed395af726c0e510846e\System.Drawing.ni.dll MOD - [2012.05.26 11:04:30 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll MOD - [2012.05.26 11:04:26 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll MOD - [2012.05.26 11:04:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll MOD - [2012.05.26 11:04:22 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll MOD - [2012.05.26 11:04:14 | 011,492,864 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll MOD - [2012.05.23 03:56:50 | 000,441,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\ppgooglenaclpluginchrome.dll MOD - [2012.05.23 03:56:49 | 003,922,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\pdf.dll MOD - [2012.05.23 03:55:35 | 000,553,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\libglesv2.dll MOD - [2012.05.23 03:55:33 | 000,117,784 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\libegl.dll MOD - [2012.05.23 03:55:24 | 000,134,696 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\avutil-51.dll MOD - [2012.05.23 03:55:23 | 000,250,408 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\avformat-54.dll MOD - [2012.05.23 03:55:21 | 002,375,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll MOD - [2012.05.23 03:06:23 | 008,743,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\gcswf32.dll MOD - [2012.02.15 18:56:52 | 000,147,784 | ---- | M] () -- C:\Program Files (x86)\Browsers Protector\regmon32.exe MOD - [2012.01.23 16:27:24 | 000,939,872 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012.01.12 00:10:50 | 000,308,224 | ---- | M] () -- C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IDeviceLib.dll MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011.01.13 21:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe MOD - [2011.01.13 21:37:50 | 
000,079,168 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll MOD - [2011.01.13 21:37:26 | 000,075,072 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll MOD - [2011.01.13 21:37:24 | 000,111,936 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll MOD - [2011.01.13 21:37:20 | 000,121,152 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll MOD - [2011.01.13 21:37:18 | 000,128,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll MOD - [2011.01.13 21:37:14 | 000,234,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll MOD - [2011.01.13 21:36:50 | 001,123,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\libxml2.dll MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.09.24 11:21:20 | 000,727,664 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe MOD - [2010.08.26 02:43:00 | 000,010,856 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2010.11.20 15:26:50 | 000,084,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\Mcx2Svc.dll -- (Mcx2Svc) SRV:64bit: - [2009.07.14 03:41:27 | 000,097,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess) SRV - [2012.06.03 15:44:16 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.01.03 
15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.10.12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011.08.02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2011.04.01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010.11.29 11:42:56 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R) SRV - [2010.10.28 12:14:30 | 000,357,456 | ---- | M] (Logitech, Inc.) 
[On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.08.25 13:24:20 | 000,235,624 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.05.04 12:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.05 11:26:38 | 001,425,168 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R) SRV - [2010.03.05 11:07:58 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2010.03.05 11:06:22 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R) SRV - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.01.28 15:53:54 | 000,453,120 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe -- (WMCoreService) SRV - [2009.12.29 17:35:50 | 000,083,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe -- (NvtlService) SRV - [2009.11.17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters) SRV - [2009.11.02 13:48:18 | 
000,126,352 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2009.07.14 03:15:41 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) SRV - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011.10.07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2011.09.13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2011.08.19 17:01:33 | 000,138,872 | ---- | M] (SlySoft, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AnyDVD.sys -- (AnyDVD) DRV:64bit: - [2011.08.08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2011.07.11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2011.07.11 01:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV:64bit: - [2011.07.11 01:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV:64bit: - [2011.07.11 01:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:26:11 | 000,328,192 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- 
C:\Windows\SysNative\drivers\udfs.sys -- (udfs) DRV:64bit: - [2010.08.26 02:43:00 | 000,024,680 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2010.08.24 19:29:32 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2010.08.24 19:29:10 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2010.08.20 12:05:18 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler) DRV:64bit: - [2010.08.20 12:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn) DRV:64bit: - [2010.07.28 15:10:40 | 010,610,400 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010.07.02 02:46:58 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt) DRV:64bit: - [2010.06.23 10:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.06.22 04:37:38 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2010.06.21 03:45:54 | 000,287,232 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010.06.18 11:38:06 | 000,039,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd) DRV:64bit: - [2010.05.31 13:05:06 | 007,689,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | 
Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R) DRV:64bit: - [2010.04.27 18:30:52 | 000,184,968 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.04.27 18:29:54 | 000,083,080 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.03.26 16:03:20 | 000,160,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR) DRV:64bit: - [2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.02.26 17:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2009.11.02 13:48:02 | 000,013,784 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV:64bit: - [2009.08.28 10:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,024,144 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\crcdisk.sys -- (crcdisk) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl) DRV:64bit: - [2009.07.14 01:19:47 | 000,092,160 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2006.11.01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2011.08.19 17:01:33 | 000,138,872 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\AnyDVD.sys -- (AnyDVD) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/ IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.) 
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3&q={searchTerms} IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3 IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8D EA CF E0 E9 9A CB 01 [binary data] IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{41F9AD21-C90D-43BC-8A23-9FEE4FD5CAA7}: "URL" = hxxp://isearch.avg.com/search?cid={8576F1D3-6958-45D7-B43C-B451BE5E5C56}&mid=bd552dcb3f1147d68e902104e4ba0840-b602d594afd2b0b327e07a06f36ca6a7e42546d0&lang=en&ds=AVG&pr=fr&d=2011-10-26 01:24:32&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{893E3B0B-F2E3-4AE3-BF77-D2809CE64E95}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=DC196B61-45E2-4F2C-8091-CAD20F1B207A&apn_sauid=43FC34C4-08F2-4455-A247-C4BB683A7AA2
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3&q={searchTerms}
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7Be9e096c3-a1ef-4651-906e-16dd0e7b503e%7D&mid=bd552dcb3f1147d68e902104e4ba0840-b602d594afd2b0b327e07a06f36ca6a7e42546d0&ds=AVG&v=10.0.0.7&lang=en&pr=fr&d=2011-10-26%2001%3A24%3A32&sap=ku&q="
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012.01.31 22:20:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012.01.23 16:27:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.06.02 12:44:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.02 12:43:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.06.03 14:08:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.06.02 12:43:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\ [2011.12.24 09:37:53 | 000,000,000 | ---D | M]
[2011.02.07 23:26:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Crank\AppData\Roaming\mozilla\Extensions
[2011.02.07 23:26:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Crank\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.06.03 14:32:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions
[2012.06.03 14:32:53 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.01.05 00:38:27 | 000,000,000 | ---D | M] (New Tab Homepage) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
[2012.01.09 20:49:03 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.01.23 17:20:04 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.01.05 00:38:05 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.04.09 13:02:29 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com
[2011.07.29 23:02:18 | 000,002,333 | ---- | M] () -- C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\askcom.xml
[2012.03.24 19:46:35 | 000,000,792 | ---- | M] () -- C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\startsear.xml
[2012.03.24 19:46:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.03.24 19:46:45 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{5e8788a9-beec-1623-5854-c8887c6bff97}
[2011.03.09 21:03:47 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.01.31 22:20:52 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
[2012.01.23 16:27:30 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\10.0.0.7
[2012.06.02 12:44:17 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2012.06.03 14:03:52 | 000,084,697 | ---- | M] () (No name found) -- C:\USERS\CRANK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZUXG5VAH.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
[2012.01.09 20:49:03 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\CRANK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZUXG5VAH.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012.02.06 22:04:02 | 000,044,883 | ---- | M] () (No name found) -- C:\USERS\CRANK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZUXG5VAH.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI
[2011.08.29 20:32:26 | 000,011,510 | ---- | M] () (No name found) -- C:\USERS\CRANK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ZUXG5VAH.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2012.02.06 22:04:01 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.02 12:44:02 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2012.02.06 22:03:58 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.23 16:27:24 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.02.06 22:03:58 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.06 22:03:58 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.06 22:03:58 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.06 22:03:58 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.06 22:03:58 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: StartSearch Video plug-in (Enabled) = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\bildoibdboopgomcbiplincneeicgipj\1.3_0\chvsharetvplg.dll
CHR - plugin: StartSearch Video plug-in (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.0.0.6907_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: AVG Safe Search = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\
CHR - Extension: Skype Extension = C:\Users\Crank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.0.0.6907_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Browsers Protector] C:\Program Files (x86)\Browsers Protector\regmon32.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-48129393-636560758-4197299864-1000..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKU\S-1-5-21-48129393-636560758-4197299864-1000..\Run: [iDevice Manager Launcher] C:\Program Files (x86)\Software4u\iDevice Manager\Software4u.IPELauncher.exe (Marx Softwareentwicklung - www.software4u.de)
O4 - HKU\S-1-5-21-48129393-636560758-4197299864-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Crank\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Crank\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{700177AE-DB7B-45B0-94A6-AFCF97A716B0}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll ()
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\Shell - "" = AutoRun
O33 - MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\Shell - "" = AutoRun
O33 - MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe
O33 - MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\Shell - "" = AutoRun
O33 - MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:
{6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: 
{de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) 
CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.06.07 13:11:15 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Crank\Desktop\OTL.exe [2012.06.06 00:22:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.06.03 15:32:58 | 000,000,000 | ---D | C] -- C:\Users\Crank\AppData\Roaming\Malwarebytes [2012.06.03 15:32:50 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.03 15:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.06.03 15:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.06.03 15:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.06.03 14:10:27 | 009,491,560 | ---- | C] (McAfee Inc.) -- C:\Users\Crank\Desktop\stinger(1).exe [2012.06.02 20:15:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared [2012.06.02 14:42:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec [2012.06.02 14:42:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan [2012.06.02 14:42:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64 [2012.06.02 14:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan [2012.06.02 14:42:12 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0305030.001 [2012.06.02 14:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2012.06.02 14:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2012.06.02 14:42:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller [2012.06.02 12:44:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared [2012.06.02 12:43:56 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2012.06.02 12:43:56 | 000,000,000 | ---D | C] -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2012.06.02 12:42:43 | 000,000,000 | ---D | C] -- C:\Users\Crank\AppData\Local\Real [2012.05.10 23:05:27 | 000,000,000 | ---D | C] -- C:\Users\Crank\AppData\Local\{EA7F49F7-7857-4ADB-8562-A6E5C1766F91} [2012.05.10 23:05:15 | 000,000,000 | ---D | C] -- C:\Users\Crank\AppData\Local\{52CF112B-B45D-435F-BE51-E88101DA3FB8} [2012.05.10 22:46:59 | 000,000,000 | ---D | C] -- C:\Windows\de [2012.05.10 22:45:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2012.05.10 22:44:39 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [12 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.07 13:44:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.07 13:23:06 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2012.06.07 13:11:17 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Crank\Desktop\OTL.exe [2012.06.07 13:09:16 | 000,020,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.07 13:09:16 | 000,020,560 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.07 13:07:45 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.06.07 13:06:02 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.07 13:06:02 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.07 13:06:02 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.07 13:06:02 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.07 13:06:02 | 000,106,622 | ---- | M] () -- 
C:\Windows\SysNative\perfc009.dat [2012.06.07 13:05:23 | 099,938,241 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012.06.07 13:01:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.07 13:01:07 | 3010,695,168 | -HS- | M] () -- C:\hiberfil.sys [2012.06.06 00:56:07 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.06.04 23:32:14 | 000,000,039 | RH-- | M] () -- C:\Users\Crank\Desktop\stinger(1).opt [2012.06.04 20:08:42 | 000,016,200 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys [2012.06.03 18:33:24 | 000,000,448 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Crank.job [2012.06.03 16:05:06 | 000,014,772 | ---- | M] () -- C:\Users\Crank\Documents\mbam-log-2012-06-03 (15-33-25).pdf [2012.06.03 16:04:45 | 000,014,300 | ---- | M] () -- C:\Users\Crank\Documents\mbam-log-2012-06-03 (15-42-04).pdf [2012.06.03 15:32:50 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.03 14:10:28 | 009,491,560 | ---- | M] (McAfee Inc.) 
-- C:\Users\Crank\Desktop\stinger(1).exe [2012.06.03 14:10:16 | 000,000,039 | RH-- | M] () -- C:\Users\Crank\Desktop\stinger.opt [2012.06.03 14:03:02 | 000,001,245 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf [2012.06.02 14:42:14 | 000,001,295 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk [2012.06.02 12:44:26 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2012.06.02 12:43:56 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2012.05.28 19:53:59 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2012.05.26 11:03:28 | 000,289,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.05.10 22:54:03 | 000,015,537 | ---- | M] () -- C:\Users\Crank\Documents\Barmenia - Zusatz - Zahn - Kostenerstattung 05_2012.odt [2012.05.10 22:48:48 | 000,015,027 | ---- | M] () -- C:\Users\Crank\Documents\BRIEFVORLAGE.odt [12 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.04 23:32:14 | 000,000,039 | RH-- | C] () -- C:\Users\Crank\Desktop\stinger(1).opt [2012.06.03 16:05:09 | 000,014,772 | ---- | C] () -- C:\Users\Crank\Documents\mbam-log-2012-06-03 (15-33-25).pdf [2012.06.03 16:04:49 | 000,014,300 | ---- | C] () -- C:\Users\Crank\Documents\mbam-log-2012-06-03 (15-42-04).pdf [2012.06.03 15:32:50 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.03 15:21:41 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.02 14:42:15 | 000,000,448 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Crank.job [2012.06.02 14:42:14 | 000,001,295 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk [2012.06.02 14:42:12 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0305030.001\isolate.ini [2012.06.02 12:44:26 | 
000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk [2012.05.10 22:49:27 | 000,015,537 | ---- | C] () -- C:\Users\Crank\Documents\Barmenia - Zusatz - Zahn - Kostenerstattung 05_2012.odt [2012.05.10 22:45:55 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2012.05.10 22:45:40 | 000,001,334 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2012.05.10 22:45:26 | 000,001,450 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2012.05.10 22:45:13 | 000,002,446 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2012.03.24 19:46:47 | 000,075,045 | ---- | C] () -- C:\Windows\SysWow64\a142f42c.exe [2011.08.29 20:47:37 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib [2011.02.07 23:26:45 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.01.25 23:40:41 | 000,007,736 | ---- | C] () -- C:\Windows\cdplayer.ini [2011.01.10 22:07:03 | 000,017,408 | ---- | C] () -- C:\Users\Crank\AppData\Local\WebpageIcons.db [2011.01.10 22:04:42 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll [2011.01.10 22:04:42 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll [2011.01.10 22:04:42 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll [2011.01.04 23:43:23 | 000,099,548 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat [2010.12.14 21:26:03 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010.08.25 20:34:30 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010.08.25 20:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010.08.25 20:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010.08.25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010.08.25 19:52:00 | 000,143,360 | ---- | C] () -- 
C:\Windows\SysWow64\iglhcp32.dll ========== LOP Check ========== [2011.10.30 21:23:07 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Amazon [2011.10.26 01:23:42 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\AVG2012 [2011.09.01 22:15:16 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Canneverbe Limited [2011.01.14 19:35:01 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Canon [2011.01.10 22:17:50 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\concept design [2012.02.13 18:12:15 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\digital publishing [2011.05.10 09:28:44 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DiskAid [2012.03.24 20:50:56 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DVDVideoSoft [2011.01.05 00:38:05 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DVDVideoSoftIEHelpers [2012.03.19 16:21:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\elsterformular [2011.03.21 14:02:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\IrfanView [2011.12.21 20:16:25 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Jens Lorek [2010.12.27 20:31:28 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Leadertech [2012.01.23 18:14:00 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\My Games [2010.12.15 21:08:41 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\OpenOffice.org [2010.12.15 21:29:40 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\PCDr [2012.01.24 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\PhotoScape [2012.01.24 18:58:28 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\redsn0w [2012.05.28 09:56:26 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Software4u [2011.02.07 23:26:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Thunderbird [2010.12.16 14:14:37 | 000,000,000 | ---D | M] -- 
C:\Users\Crank\AppData\Roaming\Windows Live Writer [2012.05.28 19:53:59 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job [2012.01.02 22:47:20 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012.06.07 13:23:06 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.12.18 15:33:46 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Adobe [2011.10.30 21:23:07 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Amazon [2011.12.04 00:10:07 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Apple Computer [2011.10.26 01:23:42 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\AVG2012 [2011.09.01 22:15:16 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Canneverbe Limited [2011.01.14 19:35:01 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Canon [2011.01.10 22:17:50 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\concept design [2011.05.26 23:47:46 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Dell [2012.02.13 18:12:15 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\digital publishing [2011.05.10 09:28:44 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DiskAid [2012.03.24 20:50:56 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DVDVideoSoft [2011.01.05 00:38:05 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\DVDVideoSoftIEHelpers [2012.03.19 16:21:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\elsterformular [2010.12.13 18:43:52 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Identities [2010.12.13 18:58:10 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\InstallShield [2010.12.14 07:42:38 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Intel 
[2010.12.13 18:59:46 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Intel Corporation [2011.03.21 14:02:45 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\IrfanView [2011.12.21 20:16:25 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Jens Lorek [2010.12.27 20:31:28 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Leadertech [2010.12.27 20:30:26 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Logishrd [2010.12.27 20:31:32 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Logitech [2010.12.14 08:31:21 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Macromedia [2012.06.03 15:32:58 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Malwarebytes [2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Media Center Programs [2011.02.07 23:07:29 | 000,000,000 | --SD | M] -- C:\Users\Crank\AppData\Roaming\Microsoft [2010.12.13 19:31:41 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Mozilla [2012.01.23 18:14:00 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\My Games [2010.12.15 21:08:41 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\OpenOffice.org [2010.12.15 21:29:40 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\PCDr [2012.01.24 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\PhotoScape [2012.06.02 12:44:40 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Real [2012.01.24 18:58:28 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\redsn0w [2010.12.13 20:14:18 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Roxio Log Files [2012.02.15 14:47:07 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Skype [2012.02.15 13:08:08 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\skypePM [2012.05.28 09:56:26 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Software4u [2011.02.07 23:26:45 | 000,000,000 | ---D | M] -- 
C:\Users\Crank\AppData\Roaming\Thunderbird [2011.01.10 19:57:44 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\vlc [2010.12.16 14:14:37 | 000,000,000 | ---D | M] -- C:\Users\Crank\AppData\Roaming\Windows Live Writer < %APPDATA%\*.exe /s > [2011.02.26 12:59:09 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Crank\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe [2012.05.26 09:17:38 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Crank\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe [2012.05.26 12:18:08 | 028,087,744 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Crank\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\stub_data\RealPlayer_de.exe [2012.05.26 12:17:45 | 000,693,504 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Crank\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.10\stub_exe\RealPlayer_de.exe < %SYSTEMDRIVE%\*.exe > [2007.11.07 09:44:20 | 000,855,040 | ---- | M] (Microsoft Corporation) -- C:\install.exe < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- 
C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20575_none_39c1885e54505643\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTOR.SYS > [2010.03.03 20:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\dell\drivers\R263958\f6flpy-x86\iaStor.sys [2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\dell\drivers\R263958\f6flpy-x64\iaStor.sys [2010.03.03 
07.06.2012, 20:47 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hijack.StartPage and startsear.ch / how to remove?? Run an OTL fix: close any programs that may be open, also disable the virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!) Code:
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8D EA CF E0 E9 9A CB 01 [binary data]
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{41F9AD21-C90D-43BC-8A23-9FEE4FD5CAA7}: "URL" = http://isearch.avg.com/search?cid={8576F1D3-6958-45D7-B43C-B451BE5E5C56}&mid=bd552dcb3f1147d68e902104e4ba0840-b602d594afd2b0b327e07a06f36ca6a7e42546d0&lang=en&ds=AVG&pr=fr&d=2011-10-26 01:24:32&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{893E3B0B-F2E3-4AE3-BF77-D2809CE64E95}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^DE&apn_uid=DC196B61-45E2-4F2C-8091-CAD20F1B207A&apn_sauid=43FC34C4-08F2-4455-A247-C4BB683A7AA2
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://startsear.ch/?aff=1&src=sp&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3&q={searchTerms}
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7Be9e096c3-a1ef-4651-906e-16dd0e7b503e%7D&mid=bd552dcb3f1147d68e902104e4ba0840-b602d594afd2b0b327e07a06f36ca6a7e42546d0&ds=AVG&v=10.0.0.7&lang=en&pr=fr&d=2011-10-26%2001%3A24%3A32&sap=ku&q="
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - user.js - File not found
[2012.01.09 20:49:03 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.04.09 13:02:29 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com
[2011.07.29 23:02:18 | 000,002,333 | ---- | M] () -- C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\askcom.xml
[2012.03.24 19:46:35 | 000,000,792 | ---- | M] () -- C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\startsear.xml
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\Shell - "" = AutoRun
O33 - MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\Shell - "" = AutoRun
O33 - MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autoRcd.exe
O33 - MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\Shell - "" = AutoRun
O33 - MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\Shell\AutoRun\command - "" = E:\AutoRun.exe
:Files
C:\Windows\SysWow64\a142f42c.exe
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

The log file should open when you click OK after the fix; please post it. The computer may be restarted. As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the folder "_OTL". Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________ Please always post log files in CODE tags |
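The scan-log lines quoted in the fix script above follow a regular format, so a reviewer can pre-sort them before deciding what belongs in a fix. The Python sketch below is an added example, not part of the original post and not OTL's own code; the allowlist, the function names and the table of weak UAC values are assumptions of this example, and the sample lines are copied from the script above.

```python
import re
from urllib.parse import urlsplit

# Hosts accepted as browser defaults. Assumption of this example, not from OTL.
ALLOWED_HOSTS = {"www.bing.com", "www.msn.com", "de.msn.com"}

# UAC policy values that weaken elevation prompts (assumed review baseline).
WEAK_UAC = {"EnableLUA": 0, "ConsentPromptBehaviorAdmin": 0, "PromptOnSecureDesktop": 0}

# "IE - <key> = <url>", 'IE - <key>: "URL" = <url>' and 'FF - <pref>: "<url>"'
URL_SETTING = re.compile(
    r'^(?P<browser>IE(?::64bit:)?|FF) - (?P<key>.+?)(?: = |: )"?(?P<url>https?://.*?)"?\s*$'
)
# "O6 - <policy key>: <name> = <number>"
POLICY = re.compile(r'^O6 - (?P<key>.+?): (?P<name>\w+) = (?P<value>\d+)\s*$')

# Sample lines copied from the fix script in the thread.
SAMPLE = r"""
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3
FF - prefs.js..browser.startup.homepage: "http://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
"""


def browser_url_settings(log_text):
    """Return every IE/FF setting in the log whose value is an http(s) URL."""
    found = []
    for line in log_text.splitlines():
        m = URL_SETTING.match(line.strip())
        if m:
            host = urlsplit(m["url"]).hostname or ""
            found.append({"browser": m["browser"], "key": m["key"],
                          "url": m["url"], "host": host})
    return found


def unexpected_hosts(log_text, allowed=ALLOWED_HOSTS):
    """Settings that point at a host outside the allowlist (review candidates)."""
    return [s for s in browser_url_settings(log_text) if s["host"] not in allowed]


def weak_uac_values(log_text):
    """Names of O6 policy values that match a known-weak UAC setting."""
    weak = []
    for line in log_text.splitlines():
        m = POLICY.match(line.strip())
        if m and WEAK_UAC.get(m["name"]) == int(m["value"]):
            weak.append(m["name"])
    return weak


if __name__ == "__main__":
    for s in unexpected_hosts(SAMPLE):
        print(f'{s["browser"]:<10} {s["host"]:<20} {s["key"]}')
    print("weak UAC values:", weak_uac_values(SAMPLE))
```

The output is a shortlist for a human reviewer; it does not produce a fix script.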
07.06.2012, 21:27 | #11 |
| Hijack.StartPage and startsear.ch / how to remove?? Hm.... apparently everything worked. However, after the restart that pop-up at the bottom right appeared again, saying that an attempt had been made to change the start page... I haven't started IE again since opening this thread... At the moment I'm only working with Chrome. Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache AcceptLangs| /E : value set successfully!
HKU\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Program Files (x86)\DVDVideoSoftTB\tbDVD0.dll not found.
HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{41F9AD21-C90D-43BC-8A23-9FEE4FD5CAA7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41F9AD21-C90D-43BC-8A23-9FEE4FD5CAA7}\ not found.
Registry key HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{893E3B0B-F2E3-4AE3-BF77-D2809CE64E95}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{893E3B0B-F2E3-4AE3-BF77-D2809CE64E95}\ not found.
Registry key HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
Registry key HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Prefs.js: "hxxp://startsear.ch/?aff=1&cf=43efe122-75d9-11e1-bdfb-f04da25ee1b3" removed from browser.startup.homepage
Prefs.js: "Web Search" removed from browser.search.order.1
Prefs.js: "hxxp://isearch.avg.com/search?cid=%7Be9e096c3-a1ef-4651-906e-16dd0e7b503e%7D&mid=bd552dcb3f1147d68e902104e4ba0840-b602d594afd2b0b327e07a06f36ca6a7e42546d0&ds=AVG&v=10.0.0.7&lang=en&pr=fr&d=2011-10-26%2001%3A24%3A32&sap=ku&q=" removed from keyword.URL
Prefs.js: "Web Search" removed from browser.search.defaultenginename
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\searchplugin folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\modules folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\META-INF folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\defaults folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\chrome folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\Crank\AppData\Roaming\mozilla\Firefox\Profiles\zuxg5vah.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\askcom.xml moved successfully.
C:\Users\Crank\AppData\Roaming\Mozilla\Firefox\Profiles\zuxg5vah.default\searchplugins\startsear.xml moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_USERS\S-1-5-21-48129393-636560758-4197299864-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c3234fa-5926-11e0-99c5-f04da25ee1b3}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c323500-5926-11e0-99c5-f04da25ee1b3}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c323500-5926-11e0-99c5-f04da25ee1b3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2c323500-5926-11e0-99c5-f04da25ee1b3}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{49e46911-06d7-11e0-9dd2-806e6f6e6963}\ not found.
File D:\autoRcd.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3defa78-7597-11e0-8e5b-f04da25ee1b3}\ not found.
File E:\AutoRun.exe not found.
========== FILES ==========
C:\Windows\SysWow64\a142f42c.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: AppData
User: Crank
->Temp folder emptied: 187695 bytes
->Temporary Internet Files folder emptied: 12168318 bytes
->Java cache emptied: 4466439 bytes
->FireFox cache emptied: 44974267 bytes
->Google Chrome cache emptied: 404567034 bytes
->Flash cache emptied: 3111 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 7822944 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1010 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 23582 bytes
Total Files Cleaned = 452,00 mb
[EMPTYFLASH]
User: All Users
User: AppData
User: Crank
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.46.2 log created on 06072012_221852
Files\Folders moved on Reboot...
C:\Users\Crank\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot... |
07.06.2012, 22:05 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hijack.StartPage and startsear.ch / how to remove?? Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please switch off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post this in full. If you can't find the log or can't copy the contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C), because that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!
__________________ Please always post log files in CODE tags |
10.06.2012, 15:48 | #13 |
| Hijack.StartPage and startsear.ch / how to remove?? Right, on we go: Code:
16:43:18.0404 3824 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
16:43:18.0638 3824 ============================================================
16:43:18.0638 3824 Current date / time: 2012/06/10 16:43:18.0638
16:43:18.0638 3824 SystemInfo:
16:43:18.0638 3824
16:43:18.0638 3824 OS Version: 6.1.7601 ServicePack: 1.0
16:43:18.0638 3824 Product type: Workstation
16:43:18.0638 3824 ComputerName: XXX-PC
16:43:18.0638 3824 UserName: XXX
16:43:18.0638 3824 Windows directory: C:\Windows
16:43:18.0638 3824 System windows directory: C:\Windows
16:43:18.0638 3824 Running under WOW64
16:43:18.0638 3824 Processor architecture: Intel x64
16:43:18.0638 3824 Number of processors: 4
16:43:18.0638 3824 Page size: 0x1000
16:43:18.0638 3824 Boot type: Normal boot
16:43:18.0638 3824 ============================================================
16:43:19.0059 3824 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:43:19.0059 3824 ============================================================
16:43:19.0059 3824 \Device\Harddisk0\DR0:
16:43:19.0059 3824 MBR partitions:
16:43:19.0059 3824 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
16:43:19.0059 3824 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625800
16:43:19.0059 3824 ============================================================
16:43:19.0074 3824 C: <-> \Device\Harddisk0\DR0\Partition1
16:43:19.0074 3824 ============================================================
16:43:19.0074 3824 Initialize success
16:43:19.0074 3824 ============================================================
16:43:52.0232 4888 ============================================================
16:43:52.0232 4888 Scan started
16:43:52.0232 4888 Mode: Manual; SigCheck; TDLFS;
16:43:52.0232 4888
16:44:10.0921 4888 LBTServ - ok 16:44:10.0968 4888 LHidFilt (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys 16:44:10.0984 4888 LHidFilt - ok 16:44:11.0015 4888 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 16:44:11.0062 4888 lltdio - ok 16:44:11.0093 4888 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 16:44:11.0186 4888 lltdsvc - ok 16:44:11.0218 4888 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 16:44:11.0264 4888 lmhosts - ok 16:44:11.0280 4888 LMouFilt (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys 16:44:11.0296 4888 LMouFilt - ok 16:44:11.0327 4888 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 16:44:11.0342 4888 LSI_FC - ok 16:44:11.0374 4888 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 16:44:11.0389 4888 LSI_SAS - ok 16:44:11.0389 4888 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 16:44:11.0405 4888 LSI_SAS2 - ok 16:44:11.0420 4888 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 16:44:11.0436 4888 LSI_SCSI - ok 16:44:11.0467 4888 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 16:44:11.0514 4888 luafv - ok 16:44:11.0561 4888 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 16:44:11.0576 4888 MBAMProtector - ok 16:44:11.0701 4888 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 16:44:11.0732 4888 MBAMService - ok 16:44:11.0779 4888 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 16:44:11.0826 4888 Mcx2Svc - ok 16:44:11.0842 4888 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 16:44:11.0857 4888 megasas - ok 16:44:11.0904 4888 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) 
C:\Windows\system32\DRIVERS\MegaSR.sys 16:44:11.0951 4888 MegaSR - ok 16:44:11.0966 4888 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 16:44:12.0013 4888 MMCSS - ok 16:44:12.0029 4888 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 16:44:12.0060 4888 Modem - ok 16:44:12.0076 4888 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 16:44:12.0107 4888 monitor - ok 16:44:12.0154 4888 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 16:44:12.0185 4888 mouclass - ok 16:44:12.0216 4888 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 16:44:12.0232 4888 mouhid - ok 16:44:12.0263 4888 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 16:44:12.0278 4888 mountmgr - ok 16:44:12.0310 4888 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 16:44:12.0341 4888 mpio - ok 16:44:12.0356 4888 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 16:44:12.0403 4888 mpsdrv - ok 16:44:12.0481 4888 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 16:44:12.0575 4888 MpsSvc - ok 16:44:12.0622 4888 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 16:44:12.0668 4888 MRxDAV - ok 16:44:12.0700 4888 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 16:44:12.0762 4888 mrxsmb - ok 16:44:12.0793 4888 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:44:12.0840 4888 mrxsmb10 - ok 16:44:12.0887 4888 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:44:12.0902 4888 mrxsmb20 - ok 16:44:12.0934 4888 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 16:44:12.0934 4888 msahci - ok 16:44:12.0965 4888 msdsm (db801a638d011b9633829eb6f663c900) 
C:\Windows\system32\drivers\msdsm.sys 16:44:12.0996 4888 msdsm - ok 16:44:13.0012 4888 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 16:44:13.0074 4888 MSDTC - ok 16:44:13.0105 4888 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 16:44:13.0152 4888 Msfs - ok 16:44:13.0168 4888 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 16:44:13.0214 4888 mshidkmdf - ok 16:44:13.0246 4888 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 16:44:13.0246 4888 msisadrv - ok 16:44:13.0292 4888 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 16:44:13.0386 4888 MSiSCSI - ok 16:44:13.0386 4888 msiserver - ok 16:44:13.0417 4888 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 16:44:13.0480 4888 MSKSSRV - ok 16:44:13.0511 4888 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 16:44:13.0558 4888 MSPCLOCK - ok 16:44:13.0558 4888 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 16:44:13.0620 4888 MSPQM - ok 16:44:13.0667 4888 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 16:44:13.0714 4888 MsRPC - ok 16:44:13.0729 4888 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 16:44:13.0745 4888 mssmbios - ok 16:44:13.0760 4888 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 16:44:13.0823 4888 MSTEE - ok 16:44:13.0854 4888 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 16:44:13.0854 4888 MTConfig - ok 16:44:13.0885 4888 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 16:44:13.0901 4888 Mup - ok 16:44:13.0994 4888 MyWiFiDHCPDNS (a9bc2302fbdf52c8af4e2fc966288d21) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 16:44:14.0026 4888 MyWiFiDHCPDNS - ok 16:44:14.0057 4888 napagent 
(582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 16:44:14.0135 4888 napagent - ok 16:44:14.0197 4888 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 16:44:14.0260 4888 NativeWifiP - ok 16:44:14.0416 4888 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe 16:44:14.0447 4888 NAUpdate - ok 16:44:14.0540 4888 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 16:44:14.0587 4888 NDIS - ok 16:44:14.0603 4888 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 16:44:14.0634 4888 NdisCap - ok 16:44:14.0665 4888 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 16:44:14.0712 4888 NdisTapi - ok 16:44:14.0759 4888 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 16:44:14.0837 4888 Ndisuio - ok 16:44:14.0884 4888 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 16:44:14.0962 4888 NdisWan - ok 16:44:15.0008 4888 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 16:44:15.0086 4888 NDProxy - ok 16:44:15.0118 4888 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 16:44:15.0196 4888 NetBIOS - ok 16:44:15.0242 4888 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 16:44:15.0320 4888 NetBT - ok 16:44:15.0352 4888 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 16:44:15.0367 4888 Netlogon - ok 16:44:15.0430 4888 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 16:44:15.0523 4888 Netman - ok 16:44:15.0570 4888 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 16:44:15.0679 4888 netprofm - ok 16:44:15.0757 4888 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 16:44:15.0773 4888 
NetTcpPortSharing - ok 16:44:16.0194 4888 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys 16:44:16.0412 4888 NETw5s64 - ok 16:44:16.0522 4888 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 16:44:16.0553 4888 nfrd960 - ok 16:44:16.0600 4888 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 16:44:16.0693 4888 NlaSvc - ok 16:44:16.0787 4888 nosGetPlusHelper (431ada51e9d032f533548688ce5a2a24) C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll 16:44:16.0802 4888 nosGetPlusHelper - ok 16:44:16.0818 4888 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 16:44:16.0865 4888 Npfs - ok 16:44:16.0896 4888 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 16:44:16.0943 4888 nsi - ok 16:44:16.0974 4888 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 16:44:17.0021 4888 nsiproxy - ok 16:44:17.0146 4888 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 16:44:17.0224 4888 Ntfs - ok 16:44:17.0302 4888 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 16:44:17.0364 4888 Null - ok 16:44:17.0395 4888 nusb3hub (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\DRIVERS\nusb3hub.sys 16:44:17.0411 4888 nusb3hub - ok 16:44:17.0426 4888 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\DRIVERS\nusb3xhc.sys 16:44:17.0426 4888 nusb3xhc - ok 16:44:17.0473 4888 NVHDA (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys 16:44:17.0504 4888 NVHDA - ok 16:44:18.0144 4888 nvlddmkm (536d174cb5cd021906e6035f40993493) C:\Windows\system32\DRIVERS\nvlddmkm.sys 16:44:18.0440 4888 nvlddmkm - ok 16:44:18.0550 4888 nvpciflt (1ca55b50dbf7559ecc4f0f036edc29ec) C:\Windows\system32\DRIVERS\nvpciflt.sys 16:44:18.0565 4888 nvpciflt - ok 16:44:18.0596 4888 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 
16:44:18.0628 4888 nvraid - ok 16:44:18.0659 4888 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 16:44:18.0674 4888 nvstor - ok 16:44:18.0706 4888 nvsvc (2c800281a92d5ab221b54df2d8b1a27d) C:\Windows\system32\nvvsvc.exe 16:44:18.0737 4888 nvsvc - ok 16:44:18.0784 4888 NvtlService (2664f84dbb5904fef141b8d914a17c39) C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe 16:44:18.0815 4888 NvtlService ( UnsignedFile.Multi.Generic ) - warning 16:44:18.0815 4888 NvtlService - detected UnsignedFile.Multi.Generic (1) 16:44:18.0877 4888 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 16:44:18.0908 4888 nv_agp - ok 16:44:18.0940 4888 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 16:44:18.0971 4888 ohci1394 - ok 16:44:19.0002 4888 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 16:44:19.0080 4888 p2pimsvc - ok 16:44:19.0127 4888 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 16:44:19.0158 4888 p2psvc - ok 16:44:19.0189 4888 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 16:44:19.0205 4888 Parport - ok 16:44:19.0236 4888 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 16:44:19.0252 4888 partmgr - ok 16:44:19.0267 4888 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 16:44:19.0330 4888 PcaSvc - ok 16:44:19.0361 4888 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 16:44:19.0392 4888 pci - ok 16:44:19.0408 4888 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 16:44:19.0423 4888 pciide - ok 16:44:19.0439 4888 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 16:44:19.0470 4888 pcmcia - ok 16:44:19.0486 4888 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 16:44:19.0501 4888 pcw - ok 16:44:19.0548 4888 
PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 16:44:19.0657 4888 PEAUTH - ok 16:44:19.0751 4888 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 16:44:19.0798 4888 PerfHost - ok 16:44:19.0907 4888 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 16:44:20.0000 4888 pla - ok 16:44:20.0047 4888 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 16:44:20.0094 4888 PlugPlay - ok 16:44:20.0125 4888 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 16:44:20.0156 4888 PNRPAutoReg - ok 16:44:20.0188 4888 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 16:44:20.0203 4888 PNRPsvc - ok 16:44:20.0250 4888 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 16:44:20.0344 4888 PolicyAgent - ok 16:44:20.0375 4888 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 16:44:20.0437 4888 Power - ok 16:44:20.0515 4888 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 16:44:20.0593 4888 PptpMiniport - ok 16:44:20.0624 4888 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 16:44:20.0671 4888 Processor - ok 16:44:20.0718 4888 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 16:44:20.0796 4888 ProfSvc - ok 16:44:20.0827 4888 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 16:44:20.0843 4888 ProtectedStorage - ok 16:44:20.0890 4888 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 16:44:20.0952 4888 Psched - ok 16:44:20.0983 4888 qicflt (0928bd20273625622722fe1de5bbde57) C:\Windows\system32\DRIVERS\qicflt.sys 16:44:20.0983 4888 qicflt - ok 16:44:21.0077 4888 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 16:44:21.0139 4888 ql2300 - ok 16:44:21.0233 4888 ql40xx 
(4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 16:44:21.0248 4888 ql40xx - ok 16:44:21.0295 4888 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 16:44:21.0358 4888 QWAVE - ok 16:44:21.0389 4888 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 16:44:21.0420 4888 QWAVEdrv - ok 16:44:21.0436 4888 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 16:44:21.0498 4888 RasAcd - ok 16:44:21.0529 4888 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 16:44:21.0560 4888 RasAgileVpn - ok 16:44:21.0592 4888 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 16:44:21.0654 4888 RasAuto - ok 16:44:21.0685 4888 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 16:44:21.0763 4888 Rasl2tp - ok 16:44:21.0826 4888 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 16:44:21.0904 4888 RasMan - ok 16:44:21.0919 4888 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 16:44:21.0950 4888 RasPppoe - ok 16:44:21.0982 4888 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 16:44:22.0044 4888 RasSstp - ok 16:44:22.0075 4888 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 16:44:22.0153 4888 rdbss - ok 16:44:22.0184 4888 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 16:44:22.0200 4888 rdpbus - ok 16:44:22.0216 4888 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 16:44:22.0294 4888 RDPCDD - ok 16:44:22.0325 4888 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 16:44:22.0403 4888 RDPENCDD - ok 16:44:22.0418 4888 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 16:44:22.0450 4888 RDPREFMP - ok 16:44:22.0481 4888 RDPWD 
(6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 16:44:22.0528 4888 RDPWD - ok 16:44:22.0559 4888 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 16:44:22.0590 4888 rdyboost - ok 16:44:22.0730 4888 RegSrvc (0aa473966357c4a41b5eb19649eb6e5e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 16:44:22.0777 4888 RegSrvc - ok 16:44:22.0808 4888 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 16:44:22.0886 4888 RemoteAccess - ok 16:44:22.0902 4888 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 16:44:22.0980 4888 RemoteRegistry - ok 16:44:23.0042 4888 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 16:44:23.0105 4888 RFCOMM - ok 16:44:23.0120 4888 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 16:44:23.0183 4888 RpcEptMapper - ok 16:44:23.0183 4888 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 16:44:23.0198 4888 RpcLocator - ok 16:44:23.0261 4888 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 16:44:23.0308 4888 RpcSs - ok 16:44:23.0339 4888 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 16:44:23.0401 4888 rspndr - ok 16:44:23.0448 4888 RTL8167 (4b42bc58294e83a6a92ec8b88c14c4a3) C:\Windows\system32\DRIVERS\Rt64win7.sys 16:44:23.0479 4888 RTL8167 - ok 16:44:23.0510 4888 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 16:44:23.0510 4888 SamSs - ok 16:44:23.0542 4888 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 16:44:23.0557 4888 sbp2port - ok 16:44:23.0588 4888 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 16:44:23.0651 4888 SCardSvr - ok 16:44:23.0682 4888 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 16:44:23.0744 4888 scfilter - ok 16:44:23.0838 4888 
Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 16:44:23.0916 4888 Schedule - ok 16:44:23.0947 4888 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 16:44:23.0978 4888 SCPolicySvc - ok 16:44:24.0025 4888 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 16:44:24.0088 4888 SDRSVC - ok 16:44:24.0212 4888 SeaPort (78779ee07231c658b483b1f38b5088df) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE 16:44:24.0244 4888 SeaPort - ok 16:44:24.0290 4888 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 16:44:24.0368 4888 secdrv - ok 16:44:24.0384 4888 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 16:44:24.0431 4888 seclogon - ok 16:44:24.0446 4888 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 16:44:24.0493 4888 SENS - ok 16:44:24.0509 4888 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 16:44:24.0540 4888 SensrSvc - ok 16:44:24.0556 4888 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 16:44:24.0571 4888 Serenum - ok 16:44:24.0587 4888 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 16:44:24.0618 4888 Serial - ok 16:44:24.0634 4888 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 16:44:24.0649 4888 sermouse - ok 16:44:24.0696 4888 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 16:44:24.0774 4888 SessionEnv - ok 16:44:24.0805 4888 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 16:44:24.0868 4888 sffdisk - ok 16:44:24.0883 4888 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 16:44:24.0914 4888 sffp_mmc - ok 16:44:24.0946 4888 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 16:44:24.0992 4888 sffp_sd - ok 16:44:25.0008 4888 sfloppy 
(a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 16:44:25.0024 4888 sfloppy - ok 16:44:25.0070 4888 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 16:44:25.0148 4888 SharedAccess - ok 16:44:25.0211 4888 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 16:44:25.0304 4888 ShellHWDetection - ok 16:44:25.0336 4888 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 16:44:25.0336 4888 SiSRaid2 - ok 16:44:25.0351 4888 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 16:44:25.0367 4888 SiSRaid4 - ok 16:44:25.0398 4888 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 16:44:25.0445 4888 Smb - ok 16:44:25.0476 4888 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 16:44:25.0507 4888 SNMPTRAP - ok 16:44:25.0523 4888 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 16:44:25.0538 4888 spldr - ok 16:44:25.0585 4888 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 16:44:25.0648 4888 Spooler - ok 16:44:25.0850 4888 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 16:44:25.0976 4888 sppsvc - ok 16:44:26.0054 4888 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 16:44:26.0132 4888 sppuinotify - ok 16:44:26.0210 4888 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 16:44:26.0273 4888 srv - ok 16:44:26.0351 4888 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 16:44:26.0397 4888 srv2 - ok 16:44:26.0429 4888 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 16:44:26.0460 4888 srvnet - ok 16:44:26.0507 4888 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 16:44:26.0600 4888 SSDPSRV - ok 16:44:26.0616 4888 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) 
C:\Windows\system32\sstpsvc.dll 16:44:26.0663 4888 SstpSvc - ok 16:44:26.0678 4888 stdcfltn (92e7f6666633d2dd91d527503daa7be0) C:\Windows\system32\DRIVERS\stdcfltn.sys 16:44:26.0694 4888 stdcfltn - ok 16:44:26.0787 4888 Stereo Service (66f60d8a26b665ec9d8d2f07addef22d) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 16:44:26.0819 4888 Stereo Service - ok 16:44:26.0850 4888 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 16:44:26.0850 4888 stexstor - ok 16:44:26.0897 4888 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys 16:44:26.0928 4888 StillCam - ok 16:44:26.0990 4888 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 16:44:27.0053 4888 stisvc - ok 16:44:27.0068 4888 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 16:44:27.0084 4888 swenum - ok 16:44:27.0115 4888 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 16:44:27.0209 4888 swprv - ok 16:44:27.0271 4888 SynTP (8f63178d1db81bb79270ae55ecdd8321) C:\Windows\system32\DRIVERS\SynTP.sys 16:44:27.0287 4888 SynTP - ok 16:44:27.0411 4888 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 16:44:27.0505 4888 SysMain - ok 16:44:27.0630 4888 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 16:44:27.0661 4888 TabletInputService - ok 16:44:27.0708 4888 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 16:44:27.0801 4888 TapiSrv - ok 16:44:27.0833 4888 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 16:44:27.0911 4888 TBS - ok 16:44:28.0067 4888 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 16:44:28.0145 4888 Tcpip - ok 16:44:28.0347 4888 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 16:44:28.0379 4888 TCPIP6 - ok 16:44:28.0503 4888 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) 
C:\Windows\system32\drivers\tcpipreg.sys 16:44:28.0550 4888 tcpipreg - ok 16:44:28.0566 4888 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 16:44:28.0581 4888 TDPIPE - ok 16:44:28.0613 4888 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 16:44:28.0659 4888 TDTCP - ok 16:44:28.0706 4888 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 16:44:28.0784 4888 tdx - ok 16:44:28.0831 4888 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 16:44:28.0847 4888 TermDD - ok 16:44:28.0893 4888 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 16:44:28.0971 4888 TermService - ok 16:44:28.0987 4888 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 16:44:29.0003 4888 Themes - ok 16:44:29.0018 4888 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 16:44:29.0049 4888 THREADORDER - ok 16:44:29.0081 4888 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 16:44:29.0112 4888 TrkWks - ok 16:44:29.0159 4888 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 16:44:29.0237 4888 TrustedInstaller - ok 16:44:29.0268 4888 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 16:44:29.0299 4888 tssecsrv - ok 16:44:29.0346 4888 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 16:44:29.0377 4888 TsUsbFlt - ok 16:44:29.0439 4888 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 16:44:29.0517 4888 tunnel - ok 16:44:29.0564 4888 TurboB (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys 16:44:29.0580 4888 TurboB - ok 16:44:29.0627 4888 TurboBoost (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe 16:44:29.0642 4888 TurboBoost - ok 16:44:29.0658 4888 uagp35 
(b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 16:44:29.0673 4888 uagp35 - ok 16:44:29.0720 4888 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 16:44:29.0814 4888 udfs - ok 16:44:29.0845 4888 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 16:44:29.0861 4888 UI0Detect - ok 16:44:29.0892 4888 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 16:44:29.0907 4888 uliagpkx - ok 16:44:29.0939 4888 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 16:44:29.0954 4888 umbus - ok 16:44:29.0970 4888 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 16:44:30.0001 4888 UmPass - ok 16:44:30.0032 4888 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 16:44:30.0126 4888 upnphost - ok 16:44:30.0173 4888 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys 16:44:30.0235 4888 USBAAPL64 - ok 16:44:30.0266 4888 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 16:44:30.0329 4888 usbccgp - ok 16:44:30.0375 4888 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 16:44:30.0407 4888 usbcir - ok 16:44:30.0438 4888 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 16:44:30.0469 4888 usbehci - ok 16:44:30.0531 4888 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 16:44:30.0563 4888 usbhub - ok 16:44:30.0594 4888 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 16:44:30.0625 4888 usbohci - ok 16:44:30.0672 4888 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 16:44:30.0703 4888 usbprint - ok 16:44:30.0750 4888 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 16:44:30.0765 4888 usbscan - ok 16:44:30.0797 4888 USBSTOR 
(fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:44:30.0859 4888 USBSTOR - ok 16:44:30.0890 4888 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 16:44:30.0937 4888 usbuhci - ok 16:44:30.0984 4888 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 16:44:31.0031 4888 usbvideo - ok 16:44:31.0046 4888 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 16:44:31.0109 4888 UxSms - ok 16:44:31.0140 4888 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 16:44:31.0171 4888 VaultSvc - ok 16:44:31.0202 4888 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 16:44:31.0218 4888 vdrvroot - ok 16:44:31.0280 4888 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 16:44:31.0374 4888 vds - ok 16:44:31.0405 4888 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 16:44:31.0421 4888 vga - ok 16:44:31.0436 4888 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 16:44:31.0483 4888 VgaSave - ok 16:44:31.0514 4888 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 16:44:31.0545 4888 vhdmp - ok 16:44:31.0577 4888 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 16:44:31.0608 4888 viaide - ok 16:44:31.0639 4888 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 16:44:31.0655 4888 volmgr - ok 16:44:31.0701 4888 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 16:44:31.0733 4888 volmgrx - ok 16:44:31.0779 4888 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 16:44:31.0811 4888 volsnap - ok 16:44:31.0842 4888 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 16:44:31.0873 4888 vsmraid - ok 16:44:31.0983 4888 VSS (b60ba0bc31b0cb414593e169f6f21cc2) 
C:\Windows\system32\vssvc.exe 16:44:32.0092 4888 VSS - ok 16:44:32.0202 4888 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 16:44:32.0217 4888 vwifibus - ok 16:44:32.0233 4888 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 16:44:32.0248 4888 vwififlt - ok 16:44:32.0264 4888 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 16:44:32.0295 4888 vwifimp - ok 16:44:32.0326 4888 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 16:44:32.0389 4888 W32Time - ok 16:44:32.0404 4888 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 16:44:32.0436 4888 WacomPen - ok 16:44:32.0498 4888 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 16:44:32.0560 4888 WANARP - ok 16:44:32.0560 4888 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 16:44:32.0607 4888 Wanarpv6 - ok 16:44:32.0716 4888 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 16:44:32.0794 4888 wbengine - ok 16:44:32.0888 4888 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 16:44:32.0935 4888 WbioSrvc - ok 16:44:32.0997 4888 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 16:44:33.0060 4888 wcncsvc - ok 16:44:33.0091 4888 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 16:44:33.0122 4888 WcsPlugInService - ok 16:44:33.0153 4888 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 16:44:33.0169 4888 Wd - ok 16:44:33.0216 4888 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 16:44:33.0278 4888 Wdf01000 - ok 16:44:33.0294 4888 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 16:44:33.0372 4888 WdiServiceHost - ok 16:44:33.0372 4888 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) 
C:\Windows\system32\wdi.dll 16:44:33.0403 4888 WdiSystemHost - ok 16:44:33.0434 4888 wdkmd (fe31110e39a0b11abae1ba43a2dc94f9) C:\Windows\system32\DRIVERS\WDKMD.sys 16:44:33.0434 4888 wdkmd - ok 16:44:33.0481 4888 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 16:44:33.0543 4888 WebClient - ok 16:44:33.0574 4888 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 16:44:33.0637 4888 Wecsvc - ok 16:44:33.0652 4888 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 16:44:33.0715 4888 wercplsupport - ok 16:44:33.0730 4888 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 16:44:33.0793 4888 WerSvc - ok 16:44:33.0840 4888 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 16:44:33.0871 4888 WfpLwf - ok 16:44:33.0918 4888 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 16:44:33.0933 4888 WimFltr - ok 16:44:33.0964 4888 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 16:44:33.0980 4888 WIMMount - ok 16:44:34.0011 4888 WinDefend - ok 16:44:34.0011 4888 WinHttpAutoProxySvc - ok 16:44:34.0074 4888 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 16:44:34.0136 4888 Winmgmt - ok 16:44:34.0261 4888 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 16:44:34.0370 4888 WinRM - ok 16:44:34.0464 4888 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 16:44:34.0510 4888 WinUsb - ok 16:44:34.0588 4888 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 16:44:34.0635 4888 Wlansvc - ok 16:44:34.0744 4888 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 16:44:34.0760 4888 wlcrasvc - ok 16:44:34.0932 4888 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 16:44:34.0994 4888 
wlidsvc - ok 16:44:35.0056 4888 WMCoreService - ok 16:44:35.0166 4888 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 16:44:35.0212 4888 WmiAcpi - ok 16:44:35.0275 4888 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 16:44:35.0322 4888 wmiApSrv - ok 16:44:35.0353 4888 WMPNetworkSvc - ok 16:44:35.0384 4888 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 16:44:35.0415 4888 WPCSvc - ok 16:44:35.0462 4888 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 16:44:35.0493 4888 WPDBusEnum - ok 16:44:35.0509 4888 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 16:44:35.0571 4888 ws2ifsl - ok 16:44:35.0602 4888 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 16:44:35.0649 4888 wscsvc - ok 16:44:35.0649 4888 WSearch - ok 16:44:35.0805 4888 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 16:44:35.0930 4888 wuauserv - ok 16:44:36.0039 4888 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 16:44:36.0102 4888 WudfPf - ok 16:44:36.0133 4888 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 16:44:36.0195 4888 WUDFRd - ok 16:44:36.0242 4888 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 16:44:36.0289 4888 wudfsvc - ok 16:44:36.0320 4888 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 16:44:36.0382 4888 WwanSvc - ok 16:44:36.0445 4888 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 16:44:36.0726 4888 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 16:44:36.0726 4888 \Device\Harddisk0\DR0 - detected TDSS File System (1) 16:44:36.0741 4888 Boot (0x1200) (c27b706087c4eea52deea50c6cd520ab) \Device\Harddisk0\DR0\Partition0 16:44:36.0741 4888 \Device\Harddisk0\DR0\Partition0 - ok 16:44:36.0772 4888 Boot (0x1200) 
(08445ab26373f39b7227cc49dfb0e625) \Device\Harddisk0\DR0\Partition1
16:44:36.0772 4888 \Device\Harddisk0\DR0\Partition1 - ok
16:44:36.0772 4888 ============================================================
16:44:36.0772 4888 Scan finished
16:44:36.0772 4888 ============================================================
16:44:36.0788 1840 Detected object count: 3
16:44:36.0788 1840 Actual detected object count: 3
16:45:03.0059 1840 IJPLMSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:03.0059 1840 IJPLMSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:45:03.0074 1840 NvtlService ( UnsignedFile.Multi.Generic ) - skipped by user
16:45:03.0074 1840 NvtlService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:45:03.0074 1840 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
16:45:03.0074 1840 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip |
10.06.2012, 16:47 | #14 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hijack.StartPage and startsear.ch / how to remove?? Quote:
__________________ Please always post log files in CODE tags |
10.06.2012, 18:59 | #15 |
| Hijack.StartPage and startsear.ch / how to remove?? Code:
19:55:48.0742 5588 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
19:55:49.0522 5588 ============================================================
19:55:49.0522 5588 Current date / time: 2012/06/10 19:55:49.0522
19:55:49.0522 5588 SystemInfo:
19:55:49.0522 5588
19:55:49.0522 5588 OS Version: 6.1.7601 ServicePack: 1.0
19:55:49.0522 5588 Product type: Workstation
19:55:49.0538 5588 ComputerName: XXX-PC
19:55:49.0538 5588 UserName: XXX
19:55:49.0538 5588 Windows directory: C:\Windows
19:55:49.0538 5588 System windows directory: C:\Windows
19:55:49.0538 5588 Running under WOW64
19:55:49.0538 5588 Processor architecture: Intel x64
19:55:49.0538 5588 Number of processors: 4
19:55:49.0538 5588 Page size: 0x1000
19:55:49.0538 5588 Boot type: Normal boot
19:55:49.0538 5588 ============================================================
19:55:51.0254 5588 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:55:51.0269 5588 ============================================================
19:55:51.0269 5588 \Device\Harddisk0\DR0:
19:55:51.0269 5588 MBR partitions:
19:55:51.0269 5588 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
19:55:51.0269 5588 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625800
19:55:51.0269 5588 ============================================================
19:55:51.0285 5588 C: <-> \Device\Harddisk0\DR0\Partition1
19:55:51.0285 5588 ============================================================
19:55:51.0285 5588 Initialize success
19:55:51.0285 5588 ============================================================
19:56:00.0863 3532 ============================================================
19:56:00.0863 3532 Scan started
19:56:00.0863 3532 Mode: Manual; SigCheck; TDLFS;
19:56:00.0863 3532
============================================================ 19:56:01.0441 3532 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 19:56:01.0565 3532 1394ohci - ok 19:56:01.0597 3532 Acceler (7a505465bbb1eb8b5ad4d76e8749383b) C:\Windows\system32\DRIVERS\Accelern.sys 19:56:01.0643 3532 Acceler - ok 19:56:01.0675 3532 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 19:56:01.0706 3532 ACPI - ok 19:56:01.0737 3532 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 19:56:01.0831 3532 AcpiPmi - ok 19:56:02.0018 3532 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 19:56:02.0033 3532 AdobeARMservice - ok 19:56:02.0158 3532 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 19:56:02.0189 3532 AdobeFlashPlayerUpdateSvc - ok 19:56:02.0236 3532 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 19:56:02.0283 3532 adp94xx - ok 19:56:02.0330 3532 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 19:56:02.0361 3532 adpahci - ok 19:56:02.0408 3532 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 19:56:02.0439 3532 adpu320 - ok 19:56:02.0470 3532 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 19:56:02.0626 3532 AeLookupSvc - ok 19:56:02.0689 3532 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 19:56:02.0704 3532 AERTFilters - ok 19:56:02.0782 3532 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 19:56:02.0876 3532 AFD - ok 19:56:02.0907 3532 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 19:56:02.0923 3532 agp440 - ok 19:56:02.0954 3532 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 19:56:03.0032 
3532 ALG - ok 19:56:03.0063 3532 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 19:56:03.0079 3532 aliide - ok 19:56:03.0094 3532 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 19:56:03.0110 3532 amdide - ok 19:56:03.0141 3532 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 19:56:03.0219 3532 AmdK8 - ok 19:56:03.0219 3532 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 19:56:03.0281 3532 AmdPPM - ok 19:56:03.0328 3532 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 19:56:03.0344 3532 amdsata - ok 19:56:03.0391 3532 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 19:56:03.0422 3532 amdsbs - ok 19:56:03.0422 3532 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 19:56:03.0437 3532 amdxata - ok 19:56:03.0515 3532 AnyDVD (2c4a05fcef72ef614dcd11d0872498c9) C:\Windows\system32\Drivers\AnyDVD.sys 19:56:03.0531 3532 AnyDVD - ok 19:56:03.0578 3532 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 19:56:03.0781 3532 AppID - ok 19:56:03.0812 3532 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 19:56:03.0890 3532 AppIDSvc - ok 19:56:03.0921 3532 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 19:56:03.0999 3532 Appinfo - ok 19:56:04.0108 3532 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 19:56:04.0124 3532 Apple Mobile Device - ok 19:56:04.0155 3532 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 19:56:04.0171 3532 arc - ok 19:56:04.0202 3532 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 19:56:04.0202 3532 arcsas - ok 19:56:04.0233 3532 AsyncMac (769765ce2cc62867468cea93969b2242) 
C:\Windows\system32\DRIVERS\asyncmac.sys 19:56:04.0311 3532 AsyncMac - ok 19:56:04.0358 3532 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 19:56:04.0373 3532 atapi - ok 19:56:04.0451 3532 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 19:56:04.0561 3532 AudioEndpointBuilder - ok 19:56:04.0561 3532 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 19:56:04.0607 3532 AudioSrv - ok 19:56:04.0919 3532 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe 19:56:05.0060 3532 AVGIDSAgent - ok 19:56:05.0200 3532 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys 19:56:05.0216 3532 AVGIDSDriver - ok 19:56:05.0247 3532 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys 19:56:05.0263 3532 AVGIDSEH - ok 19:56:05.0278 3532 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys 19:56:05.0294 3532 AVGIDSFilter - ok 19:56:05.0341 3532 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys 19:56:05.0356 3532 Avgldx64 - ok 19:56:05.0387 3532 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys 19:56:05.0403 3532 Avgmfx64 - ok 19:56:05.0434 3532 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys 19:56:05.0434 3532 Avgrkx64 - ok 19:56:05.0481 3532 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys 19:56:05.0512 3532 Avgtdia - ok 19:56:05.0621 3532 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe 19:56:05.0653 3532 avgwd - ok 19:56:05.0699 3532 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 19:56:05.0809 3532 AxInstSV - ok 19:56:05.0855 3532 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 19:56:05.0933 
3532 b06bdrv - ok 19:56:05.0980 3532 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 19:56:06.0058 3532 b57nd60a - ok 19:56:06.0152 3532 BBSvc (0d1ea7509f394d8b705b239ee71f5118) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE 19:56:06.0199 3532 BBSvc - ok 19:56:06.0245 3532 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 19:56:06.0308 3532 BDESVC - ok 19:56:06.0323 3532 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 19:56:06.0401 3532 Beep - ok 19:56:06.0495 3532 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 19:56:06.0573 3532 BFE - ok 19:56:06.0635 3532 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 19:56:06.0760 3532 BITS - ok 19:56:06.0807 3532 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 19:56:06.0854 3532 blbdrive - ok 19:56:06.0963 3532 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe 19:56:06.0994 3532 Bonjour Service - ok 19:56:07.0057 3532 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 19:56:07.0088 3532 bowser - ok 19:56:07.0103 3532 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 19:56:07.0166 3532 BrFiltLo - ok 19:56:07.0197 3532 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 19:56:07.0213 3532 BrFiltUp - ok 19:56:07.0244 3532 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 19:56:07.0322 3532 Browser - ok 19:56:07.0369 3532 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 19:56:07.0447 3532 Brserid - ok 19:56:07.0462 3532 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 19:56:07.0509 3532 BrSerWdm - ok 19:56:07.0509 3532 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 19:56:07.0556 3532 BrUsbMdm 
- ok 19:56:07.0556 3532 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 19:56:07.0571 3532 BrUsbSer - ok 19:56:07.0634 3532 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 19:56:07.0712 3532 BthEnum - ok 19:56:07.0727 3532 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 19:56:07.0774 3532 BTHMODEM - ok 19:56:07.0821 3532 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 19:56:07.0868 3532 BthPan - ok 19:56:07.0946 3532 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 19:56:08.0008 3532 BTHPORT - ok 19:56:08.0055 3532 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 19:56:08.0102 3532 bthserv - ok 19:56:08.0117 3532 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 19:56:08.0164 3532 BTHUSB - ok 19:56:08.0211 3532 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 19:56:08.0289 3532 cdfs - ok 19:56:08.0336 3532 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 19:56:08.0367 3532 cdrom - ok 19:56:08.0398 3532 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 19:56:08.0476 3532 CertPropSvc - ok 19:56:08.0523 3532 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 19:56:08.0539 3532 circlass - ok 19:56:08.0585 3532 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 19:56:08.0617 3532 CLFS - ok 19:56:08.0695 3532 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:56:08.0710 3532 clr_optimization_v2.0.50727_32 - ok 19:56:08.0757 3532 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 19:56:08.0788 3532 clr_optimization_v2.0.50727_64 - ok 19:56:08.0866 3532 
clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:56:08.0929 3532 clr_optimization_v4.0.30319_32 - ok 19:56:08.0960 3532 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:56:08.0991 3532 clr_optimization_v4.0.30319_64 - ok 19:56:09.0007 3532 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 19:56:09.0053 3532 CmBatt - ok 19:56:09.0100 3532 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 19:56:09.0100 3532 cmdide - ok 19:56:09.0209 3532 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 19:56:09.0241 3532 CNG - ok 19:56:09.0319 3532 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 19:56:09.0334 3532 Compbatt - ok 19:56:09.0397 3532 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 19:56:09.0459 3532 CompositeBus - ok 19:56:09.0475 3532 COMSysApp - ok 19:56:09.0506 3532 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 19:56:09.0537 3532 crcdisk - ok 19:56:09.0709 3532 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 19:56:09.0802 3532 CryptSvc - ok 19:56:10.0083 3532 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 19:56:10.0161 3532 DcomLaunch - ok 19:56:10.0239 3532 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 19:56:10.0333 3532 defragsvc - ok 19:56:10.0379 3532 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 19:56:10.0473 3532 DfsC - ok 19:56:10.0535 3532 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 19:56:10.0613 3532 Dhcp - ok 19:56:10.0645 3532 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 19:56:10.0691 3532 discache - ok 
19:56:10.0723 3532 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 19:56:10.0723 3532 Disk - ok 19:56:10.0769 3532 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 19:56:10.0832 3532 Dnscache - ok 19:56:10.0879 3532 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 19:56:10.0957 3532 dot3svc - ok 19:56:11.0019 3532 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 19:56:11.0081 3532 DPS - ok 19:56:11.0113 3532 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 19:56:11.0159 3532 drmkaud - ok 19:56:11.0253 3532 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 19:56:11.0284 3532 DXGKrnl - ok 19:56:11.0315 3532 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 19:56:11.0362 3532 EapHost - ok 19:56:11.0627 3532 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 19:56:11.0705 3532 ebdrv - ok 19:56:11.0815 3532 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 19:56:11.0893 3532 EFS - ok 19:56:12.0501 3532 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 19:56:12.0563 3532 ehRecvr - ok 19:56:12.0626 3532 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 19:56:12.0719 3532 ehSched - ok 19:56:12.0875 3532 ElbyCDIO (a05fc7eca0966ebb70e4d17b855a853b) C:\Windows\system32\Drivers\ElbyCDIO.sys 19:56:12.0891 3532 ElbyCDIO - ok 19:56:13.0031 3532 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 19:56:13.0078 3532 elxstor - ok 19:56:13.0109 3532 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 19:56:13.0156 3532 ErrDev - ok 19:56:13.0297 3532 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 19:56:13.0359 3532 EventSystem - ok 19:56:13.0655 3532 EvtEng (b56d9602db5fe1c116b1ca5efd8e2e50) C:\Program 
Files\Intel\WiFi\bin\EvtEng.exe 19:56:13.0687 3532 EvtEng - ok 19:56:13.0999 3532 ewusbnet - ok 19:56:14.0045 3532 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 19:56:14.0092 3532 exfat - ok 19:56:14.0186 3532 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 19:56:14.0248 3532 fastfat - ok 19:56:14.0342 3532 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 19:56:14.0389 3532 Fax - ok 19:56:14.0420 3532 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 19:56:14.0451 3532 fdc - ok 19:56:14.0482 3532 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 19:56:14.0529 3532 fdPHost - ok 19:56:14.0607 3532 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 19:56:14.0669 3532 FDResPub - ok 19:56:14.0701 3532 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 19:56:14.0716 3532 FileInfo - ok 19:56:14.0732 3532 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 19:56:14.0794 3532 Filetrace - ok 19:56:14.0825 3532 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 19:56:14.0857 3532 flpydisk - ok 19:56:14.0903 3532 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 19:56:14.0935 3532 FltMgr - ok 19:56:14.0997 3532 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 19:56:15.0075 3532 FontCache - ok 19:56:15.0153 3532 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:56:15.0153 3532 FontCache3.0.0.0 - ok 19:56:15.0200 3532 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 19:56:15.0215 3532 FsDepends - ok 19:56:15.0278 3532 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys 19:56:15.0278 3532 fssfltr - ok 19:56:15.0559 
3532 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 19:56:15.0715 3532 fsssvc - ok 19:56:15.0917 3532 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 19:56:15.0933 3532 Fs_Rec - ok 19:56:16.0011 3532 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 19:56:16.0042 3532 fvevol - ok 19:56:16.0089 3532 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 19:56:16.0105 3532 gagp30kx - ok 19:56:16.0136 3532 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 19:56:16.0151 3532 GEARAspiWDM - ok 19:56:16.0245 3532 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 19:56:16.0339 3532 gpsvc - ok 19:56:16.0448 3532 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:56:16.0479 3532 gupdate - ok 19:56:16.0495 3532 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:56:16.0510 3532 gupdatem - ok 19:56:16.0557 3532 gusvc (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 19:56:16.0588 3532 gusvc - ok 19:56:16.0619 3532 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 19:56:16.0682 3532 hcw85cir - ok 19:56:16.0729 3532 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 19:56:16.0791 3532 HdAudAddService - ok 19:56:16.0807 3532 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 19:56:16.0853 3532 HDAudBus - ok 19:56:16.0853 3532 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 19:56:16.0916 3532 HidBatt - ok 19:56:17.0025 3532 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 19:56:17.0072 3532 HidBth - ok 19:56:17.0119 3532 HidIr 
(0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 19:56:17.0165 3532 HidIr - ok 19:56:17.0197 3532 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 19:56:17.0243 3532 hidserv - ok 19:56:17.0275 3532 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 19:56:17.0290 3532 HidUsb - ok 19:56:17.0337 3532 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 19:56:17.0431 3532 hkmsvc - ok 19:56:17.0727 3532 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 19:56:17.0789 3532 HomeGroupListener - ok 19:56:17.0821 3532 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 19:56:17.0883 3532 HomeGroupProvider - ok 19:56:17.0961 3532 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 19:56:17.0992 3532 HpSAMD - ok 19:56:18.0304 3532 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 19:56:18.0413 3532 HTTP - ok 19:56:18.0476 3532 hwdatacard - ok 19:56:18.0569 3532 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 19:56:18.0569 3532 hwpolicy - ok 19:56:18.0601 3532 hwusbdev - ok 19:56:18.0725 3532 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 19:56:18.0741 3532 i8042prt - ok 19:56:18.0788 3532 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys 19:56:18.0819 3532 iaStor - ok 19:56:18.0881 3532 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 19:56:18.0897 3532 IAStorDataMgrSvc - ok 19:56:18.0944 3532 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 19:56:18.0975 3532 iaStorV - ok 19:56:19.0318 3532 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:56:19.0349 3532 
idsvc - ok 19:56:20.0535 3532 igfx (1be8d9ca4f2363b8e8015621878e0043) C:\Windows\system32\DRIVERS\igdkmd64.sys 19:56:20.0878 3532 igfx - ok 19:56:21.0081 3532 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 19:56:21.0112 3532 iirsp - ok 19:56:21.0237 3532 IJPLMSVC (51516252dbbfed36f70b341dba263167) C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 19:56:21.0268 3532 IJPLMSVC ( UnsignedFile.Multi.Generic ) - warning 19:56:21.0268 3532 IJPLMSVC - detected UnsignedFile.Multi.Generic (1) 19:56:21.0409 3532 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 19:56:21.0518 3532 IKEEXT - ok 19:56:21.0580 3532 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys 19:56:21.0658 3532 Impcd - ok 19:56:21.0986 3532 IntcAzAudAddService (f61d360072b67f5667765a2534b672d6) C:\Windows\system32\drivers\RTKVHD64.sys 19:56:22.0033 3532 IntcAzAudAddService - ok 19:56:22.0235 3532 IntcDAud (03c74719d48056a1078f3a51ceb76baa) C:\Windows\system32\DRIVERS\IntcDAud.sys 19:56:22.0313 3532 IntcDAud - ok 19:56:22.0329 3532 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 19:56:22.0345 3532 intelide - ok 19:56:22.0376 3532 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 19:56:22.0423 3532 intelppm - ok 19:56:22.0469 3532 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 19:56:22.0532 3532 IPBusEnum - ok 19:56:22.0563 3532 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:56:22.0625 3532 IpFilterDriver - ok 19:56:22.0719 3532 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 19:56:22.0797 3532 iphlpsvc - ok 19:56:22.0813 3532 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 19:56:22.0828 3532 IPMIDRV - ok 19:56:22.0844 3532 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 19:56:22.0922 3532 
IPNAT - ok 19:56:23.0047 3532 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe 19:56:23.0093 3532 iPod Service - ok 19:56:23.0125 3532 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 19:56:23.0203 3532 IRENUM - ok 19:56:23.0234 3532 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 19:56:23.0249 3532 isapnp - ok 19:56:23.0296 3532 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 19:56:23.0327 3532 iScsiPrt - ok 19:56:23.0374 3532 JMCR (3926c8c55a2cd2c94888be39b4beb629) C:\Windows\system32\DRIVERS\jmcr.sys 19:56:23.0390 3532 JMCR - ok 19:56:23.0421 3532 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 19:56:23.0437 3532 kbdclass - ok 19:56:23.0468 3532 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 19:56:23.0483 3532 kbdhid - ok 19:56:23.0515 3532 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:56:23.0530 3532 KeyIso - ok 19:56:23.0546 3532 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 19:56:23.0561 3532 KSecDD - ok 19:56:23.0577 3532 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 19:56:23.0608 3532 KSecPkg - ok 19:56:23.0624 3532 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 19:56:23.0686 3532 ksthunk - ok 19:56:23.0764 3532 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 19:56:23.0873 3532 KtmRm - ok 19:56:23.0967 3532 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 19:56:24.0061 3532 LanmanServer - ok 19:56:24.0107 3532 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 19:56:24.0185 3532 LanmanWorkstation - ok 19:56:24.0295 3532 LBTServ (4adc135f525d38a498f83b089228cc2d) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 
19:56:24.0326 3532 LBTServ - ok 19:56:24.0357 3532 LHidFilt (24e09882ba51b9830ae029888a3aaf18) C:\Windows\system32\DRIVERS\LHidFilt.Sys 19:56:24.0373 3532 LHidFilt - ok 19:56:24.0388 3532 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 19:56:24.0435 3532 lltdio - ok 19:56:24.0466 3532 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 19:56:24.0560 3532 lltdsvc - ok 19:56:24.0607 3532 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 19:56:24.0653 3532 lmhosts - ok 19:56:24.0669 3532 LMouFilt (2f94325d8c10e2b715f3d753c2422aac) C:\Windows\system32\DRIVERS\LMouFilt.Sys 19:56:24.0685 3532 LMouFilt - ok 19:56:24.0716 3532 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 19:56:24.0731 3532 LSI_FC - ok 19:56:24.0747 3532 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 19:56:24.0747 3532 LSI_SAS - ok 19:56:24.0763 3532 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 19:56:24.0778 3532 LSI_SAS2 - ok 19:56:24.0794 3532 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 19:56:24.0809 3532 LSI_SCSI - ok 19:56:24.0841 3532 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 19:56:24.0887 3532 luafv - ok 19:56:24.0934 3532 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 19:56:24.0950 3532 MBAMProtector - ok 19:56:25.0075 3532 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 19:56:25.0121 3532 MBAMService - ok 19:56:25.0153 3532 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 19:56:25.0199 3532 Mcx2Svc - ok 19:56:25.0215 3532 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 19:56:25.0231 3532 megasas - ok 19:56:25.0277 3532 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) 
C:\Windows\system32\DRIVERS\MegaSR.sys 19:56:25.0309 3532 MegaSR - ok 19:56:25.0340 3532 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 19:56:25.0371 3532 MMCSS - ok 19:56:25.0387 3532 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 19:56:25.0418 3532 Modem - ok 19:56:25.0433 3532 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 19:56:25.0465 3532 monitor - ok 19:56:25.0511 3532 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 19:56:25.0527 3532 mouclass - ok 19:56:25.0558 3532 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 19:56:25.0574 3532 mouhid - ok 19:56:25.0605 3532 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 19:56:25.0621 3532 mountmgr - ok 19:56:25.0652 3532 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 19:56:25.0683 3532 mpio - ok 19:56:25.0699 3532 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 19:56:25.0745 3532 mpsdrv - ok 19:56:25.0886 3532 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 19:56:25.0948 3532 MpsSvc - ok 19:56:25.0995 3532 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 19:56:26.0042 3532 MRxDAV - ok 19:56:26.0135 3532 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 19:56:26.0198 3532 mrxsmb - ok 19:56:26.0385 3532 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:56:26.0447 3532 mrxsmb10 - ok 19:56:26.0588 3532 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:56:26.0619 3532 mrxsmb20 - ok 19:56:26.0666 3532 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 19:56:26.0666 3532 msahci - ok 19:56:26.0697 3532 msdsm (db801a638d011b9633829eb6f663c900) 
C:\Windows\system32\drivers\msdsm.sys 19:56:26.0728 3532 msdsm - ok 19:56:26.0744 3532 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 19:56:26.0806 3532 MSDTC - ok 19:56:26.0837 3532 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 19:56:26.0900 3532 Msfs - ok 19:56:26.0915 3532 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 19:56:26.0993 3532 mshidkmdf - ok 19:56:27.0025 3532 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 19:56:27.0040 3532 msisadrv - ok 19:56:27.0071 3532 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 19:56:27.0134 3532 MSiSCSI - ok 19:56:27.0134 3532 msiserver - ok 19:56:27.0165 3532 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 19:56:27.0227 3532 MSKSSRV - ok 19:56:27.0243 3532 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 19:56:27.0290 3532 MSPCLOCK - ok 19:56:27.0305 3532 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 19:56:27.0352 3532 MSPQM - ok 19:56:27.0415 3532 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 19:56:27.0446 3532 MsRPC - ok 19:56:27.0477 3532 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 19:56:27.0477 3532 mssmbios - ok 19:56:27.0493 3532 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 19:56:27.0539 3532 MSTEE - ok 19:56:27.0602 3532 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 19:56:27.0617 3532 MTConfig - ok 19:56:27.0633 3532 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 19:56:27.0633 3532 Mup - ok 19:56:27.0727 3532 MyWiFiDHCPDNS (a9bc2302fbdf52c8af4e2fc966288d21) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 19:56:27.0758 3532 MyWiFiDHCPDNS - ok 19:56:27.0820 3532 napagent 
(582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 19:56:27.0914 3532 napagent - ok 19:56:27.0961 3532 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 19:56:28.0023 3532 NativeWifiP - ok 19:56:28.0179 3532 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files (x86)\Nero\Update\NASvc.exe 19:56:28.0210 3532 NAUpdate - ok 19:56:28.0273 3532 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 19:56:28.0335 3532 NDIS - ok 19:56:28.0351 3532 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 19:56:28.0382 3532 NdisCap - ok 19:56:28.0397 3532 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 19:56:28.0460 3532 NdisTapi - ok 19:56:28.0507 3532 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 19:56:28.0569 3532 Ndisuio - ok 19:56:28.0616 3532 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 19:56:28.0694 3532 NdisWan - ok 19:56:28.0741 3532 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 19:56:28.0803 3532 NDProxy - ok 19:56:28.0819 3532 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 19:56:28.0865 3532 NetBIOS - ok 19:56:28.0912 3532 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 19:56:28.0990 3532 NetBT - ok 19:56:29.0037 3532 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:56:29.0037 3532 Netlogon - ok 19:56:29.0099 3532 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 19:56:29.0193 3532 Netman - ok 19:56:29.0240 3532 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 19:56:29.0302 3532 netprofm - ok 19:56:29.0365 3532 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:56:29.0380 3532 
NetTcpPortSharing - ok 19:56:29.0833 3532 NETw5s64 (18555f48844c2861d9dce8f2b7223ae5) C:\Windows\system32\DRIVERS\NETw5s64.sys 19:56:30.0082 3532 NETw5s64 - ok 19:56:30.0191 3532 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 19:56:30.0223 3532 nfrd960 - ok 19:56:30.0269 3532 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 19:56:30.0363 3532 NlaSvc - ok 19:56:30.0441 3532 nosGetPlusHelper (431ada51e9d032f533548688ce5a2a24) C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll 19:56:30.0457 3532 nosGetPlusHelper - ok 19:56:30.0472 3532 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 19:56:30.0519 3532 Npfs - ok 19:56:30.0535 3532 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 19:56:30.0597 3532 nsi - ok 19:56:30.0644 3532 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 19:56:30.0737 3532 nsiproxy - ok 19:56:30.0862 3532 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 19:56:30.0940 3532 Ntfs - ok 19:56:31.0018 3532 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 19:56:31.0065 3532 Null - ok 19:56:31.0112 3532 nusb3hub (285acec1b13a15ba520aae06bacb9cff) C:\Windows\system32\DRIVERS\nusb3hub.sys 19:56:31.0112 3532 nusb3hub - ok 19:56:31.0143 3532 nusb3xhc (f6d625ff7b56bb6ea063f0d3a5bbc996) C:\Windows\system32\DRIVERS\nusb3xhc.sys 19:56:31.0159 3532 nusb3xhc - ok 19:56:31.0190 3532 NVHDA (e20abd5b229760158f753ca90b97e090) C:\Windows\system32\drivers\nvhda64v.sys 19:56:31.0221 3532 NVHDA - ok 19:56:31.0939 3532 nvlddmkm (536d174cb5cd021906e6035f40993493) C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:56:32.0126 3532 nvlddmkm - ok 19:56:32.0204 3532 nvpciflt (1ca55b50dbf7559ecc4f0f036edc29ec) C:\Windows\system32\DRIVERS\nvpciflt.sys 19:56:32.0204 3532 nvpciflt - ok 19:56:32.0251 3532 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 
19:56:32.0266 3532 nvraid - ok 19:56:32.0297 3532 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 19:56:32.0329 3532 nvstor - ok 19:56:32.0360 3532 nvsvc (2c800281a92d5ab221b54df2d8b1a27d) C:\Windows\system32\nvvsvc.exe 19:56:32.0391 3532 nvsvc - ok 19:56:32.0438 3532 NvtlService (2664f84dbb5904fef141b8d914a17c39) C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe 19:56:32.0469 3532 NvtlService ( UnsignedFile.Multi.Generic ) - warning 19:56:32.0469 3532 NvtlService - detected UnsignedFile.Multi.Generic (1) 19:56:32.0516 3532 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 19:56:32.0531 3532 nv_agp - ok 19:56:32.0625 3532 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 19:56:32.0672 3532 ohci1394 - ok 19:56:32.0703 3532 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 19:56:32.0765 3532 p2pimsvc - ok 19:56:32.0812 3532 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 19:56:32.0843 3532 p2psvc - ok 19:56:32.0875 3532 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 19:56:32.0890 3532 Parport - ok 19:56:32.0921 3532 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 19:56:32.0937 3532 partmgr - ok 19:56:32.0953 3532 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 19:56:32.0999 3532 PcaSvc - ok 19:56:33.0046 3532 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 19:56:33.0077 3532 pci - ok 19:56:33.0109 3532 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 19:56:33.0109 3532 pciide - ok 19:56:33.0140 3532 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 19:56:33.0171 3532 pcmcia - ok 19:56:33.0187 3532 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 19:56:33.0202 3532 pcw - ok 19:56:33.0249 3532 
19:56:52.0406 3532 ============================================================
19:56:52.0406 3532 Scan finished
19:56:52.0406 3532 ============================================================
19:56:52.0421 3524 Detected object count: 2
19:56:52.0421 3524 Actual detected object count: 2
19:58:26.0811 3524 IJPLMSVC ( UnsignedFile.Multi.Generic ) - skipped by user
19:58:26.0811 3524 IJPLMSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:58:26.0811 3524 NvtlService ( UnsignedFile.Multi.Generic ) - skipped by user
19:58:26.0811 3524 NvtlService ( UnsignedFile.Multi.Generic ) - User select action: Skip