| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Gema Trojaner paysafe cardWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.06.2012, 16:15
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Gema Trojaner paysafe card Bitte jetzt routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen! Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Die Funde mit Malwarebytes bitte alle entfernen, sodass sie in der Quarantäne von Malwarebytes aufgehoben werden! NICHTS voreilig aus der Quarantäne entfernen! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! ESET Online Scanner
Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
26.06.2012, 12:42
| #17 |
 | Gema Trojaner paysafe card So hier die Logs von Malwarebytes (ich habe 2 scans gemacht, da es beim ersten nichts gefunden hat, beim zweiten hat es allerdings auch nichts gefunden.):
__________________Log 1: Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.25.08 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 Frederik :: FREDERIK-VAIO [Administrator] Schutz: Aktiviert 25.06.2012 17:48:18 mbam-log-2012-06-25 (17-48-18).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 503198 Laufzeit: 2 Stunde(n), 2 Minute(n), 44 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.06.25.08 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 Frederik :: FREDERIK-VAIO [Administrator] Schutz: Aktiviert 26.06.2012 06:46:19 mbam-log-2012-06-26 (06-46-19).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 503097 Laufzeit: 1 Stunde(n), 55 Minute(n), 17 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=6bc743879891d448ae8062c40b91b5eb
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-25 10:12:31
# local_time=2012-06-26 12:12:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1792 16777215 100 0 21991557 21991557 0 0
# compatibility_mode=5893 16776573 100 94 14426 92285591 0 0
# compatibility_mode=8192 67108863 100 0 8513 8513 0 0
# scanned=293305
# found=4
# cleaned=0
# scan_time=6609
C:\Users\Frederik\AppData\Local\Temp\SetupDataMngr_Searchqu.exe a variant of Win32/Toolbar.SearchSuite application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Frederik\AppData\Local\Temp\V.class a variant of Java/Agent.EQ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Frederik\AppData\Local\Temp\InstallShare31934\bab_setup.exe Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Users\Frederik\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\2dc6857b-295957be Java/Exploit.Agent.NCI trojan (unable to clean) 00000000000000000000000000000000 I
|
|
26.06.2012, 14:14
| #18 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gema Trojaner paysafe card Hätte da mal zwei Fragen bevor es weiter geht
__________________1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________ |
|
26.06.2012, 21:37
| #19 |
| | Gema Trojaner paysafe card Hmm, es ist Zwar nicht mein Laptop, aber ich hab mal drübergeschaut, es fehlt eigentlich nichts, und der normale Windows Modus hat bisher auch noch keine Probleme gemacht. gruß Martin |
|
27.06.2012, 12:49
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gema Trojaner paysafe card Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.06.2012, 14:32
| #21 |
| | Gema Trojaner paysafe card Ok, hier ist die OTL.txt Code:
ATTFilter OTL logfile created on: 27.06.2012 14:25:35 - Run 1 OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\Frederik\Downloads 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,86 Gb Total Physical Memory | 1,91 Gb Available Physical Memory | 49,61% Memory free 7,71 Gb Paging File | 5,25 Gb Available in Paging File | 68,09% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 452,23 Gb Total Space | 295,71 Gb Free Space | 65,39% Space Free | Partition Type: NTFS Drive D: | 389,26 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: FREDERIK-VAIO | User Name: Frederik | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.27 14:20:52 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Frederik\Downloads\OTL.exe PRC - [2012.05.27 17:38:35 | 000,932,528 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Frederik\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2012.05.08 13:56:41 | 000,466,896 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe PRC - [2012.05.08 13:56:41 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2012.05.08 13:56:41 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2012.05.08 13:56:41 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2012.04.12 10:56:46 | 000,445,624 | ---- | M] (Sony) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe PRC - [2012.04.11 15:47:44 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe PRC - [2011.01.29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe PRC - [2010.06.17 12:44:10 | 000,851,824 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2010.06.01 03:01:54 | 000,600,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe PRC - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe PRC - [2010.05.31 19:18:32 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2010.05.31 17:01:52 | 000,673,136 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe PRC - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.03.04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2007.12.12 09:29:26 | 000,036,864 | ---- | M] () -- C:\Megatech\MProtect\MPServ.exe PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (No Company Name) ========== MOD - [2012.06.26 03:47:35 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\84fbf353f91385690a3e4e982aa6930e\System.Web.ni.dll MOD - [2012.06.26 03:47:13 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll MOD - [2012.06.26 03:47:07 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll MOD - [2012.05.27 17:38:35 | 000,932,528 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe MOD - [2012.05.11 16:02:27 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\73baa23d28d21c7c01e334211330a84e\IAStorUtil.ni.dll MOD - [2012.05.11 14:20:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll MOD - [2012.05.11 14:19:45 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll MOD - [2012.05.11 14:19:39 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll MOD - [2012.05.11 14:19:36 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll MOD - [2012.05.11 14:19:35 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll MOD - [2012.05.11 14:19:27 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll MOD - [2012.04.18 16:30:36 | 000,583,168 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll MOD - [2012.04.11 15:47:44 | 000,072,192 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe MOD - [2012.04.03 12:30:52 | 000,047,616 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll MOD - [2011.11.23 18:38:58 | 000,205,824 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll MOD - [2011.07.07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll MOD - [2010.07.31 01:23:18 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010.07.31 01:23:15 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2010.01.11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.01.29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:64bit: - [2010.10.08 08:55:08 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.06.25 18:22:19 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.05.08 13:56:41 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.05.08 13:56:41 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.06 16:04:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion) SRV - [2011.09.23 15:37:08 | 001,429,608 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent) SRV - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService) SRV - [2010.10.22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2010.07.30 15:40:25 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010.06.21 18:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2010.06.20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2010.06.20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2010.06.18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2010.06.17 12:44:10 | 000,851,824 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2010.06.09 15:57:16 | 000,101,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV - [2010.06.09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV - [2010.06.09 15:55:00 | 000,537,456 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2010.06.08 23:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV - [2010.06.08 17:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService) SRV - [2010.06.06 22:13:46 | 000,304,496 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService) SRV - [2010.06.01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010.06.01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2010.05.31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2010.05.28 22:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R) SRV - [2010.05.28 22:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.10.09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2007.12.12 09:29:26 | 000,036,864 | ---- | M] () [Auto | Running] -- C:\Megatech\MProtect\MPServ.exe -- (Megatech-Software-Protection) SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007.01.04 19:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.08 13:56:41 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.05.08 13:56:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.10.11 15:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2011.09.24 19:21:08 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc) DRV:64bit: - [2011.09.24 19:21:08 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt) DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.07 17:02:28 | 000,045,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2011.01.06 20:37:02 | 000,051,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB) DRV:64bit: - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2010.10.08 08:55:08 | 006,661,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.10.08 08:55:08 | 000,195,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.07.12 20:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2010.06.24 22:34:53 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010.06.24 22:33:43 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010.06.23 22:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010.06.23 22:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl) DRV:64bit: - [2010.06.23 22:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010.06.23 22:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2010.06.23 22:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2010.06.23 22:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe) DRV:64bit: - [2010.06.23 22:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci) DRV:64bit: - [2010.06.17 10:04:04 | 000,014,848 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBTUSB.sys -- (VBTUSB) DRV:64bit: - [2010.05.31 23:36:54 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2010.05.31 23:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2010.05.31 23:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.05.31 22:10:13 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2010.05.28 22:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:64bit: - [2010.05.28 22:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:64bit: - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:64bit: - [2007.11.02 13:22:30 | 000,145,448 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217mdm.sys -- (s217mdm) DRV:64bit: - [2007.11.02 13:22:30 | 000,138,792 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217unic.sys -- (s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM) DRV:64bit: - [2007.11.02 13:22:30 | 000,124,968 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217obex.sys -- (s217obex) DRV:64bit: - [2007.11.02 13:22:30 | 000,033,832 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217nd5.sys -- (s217nd5) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (NDIS) DRV:64bit: - [2007.11.02 13:22:28 | 000,108,072 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217bus.sys -- (s217bus) Sony Ericsson Device 217 driver (WDM) DRV:64bit: - [2007.11.02 13:22:28 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s217mdfl.sys -- (s217mdfl) DRV:64bit: - [2007.04.17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\regi.sys -- (regi) DRV:64bit: - [2007.04.17 11:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (6077757b) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Frederik\Desktop IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SVEE_enDE412 IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{72344400-8F20-4959-B4E9-956718E805DF}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{908F9AEF-5D8C-478A-A424-C308A5274D52}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms} IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms} IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{C3344A8E-9DE1-45B5-A8CA-1928CD9123FE}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825 IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{EDA43DA9-9B5D-4D02-A3D2-96BA0018368D}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363 IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB8&ctid=CT2319825&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Searchqu Web Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Frederik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.28 19:46:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.17 20:57:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.05.17 20:57:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.12.28 19:46:03 | 000,000,000 | ---D | M] [2011.10.11 22:46:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frederik\AppData\Roaming\mozilla\Extensions [2012.05.05 21:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frederik\AppData\Roaming\mozilla\Firefox\Profiles\1g7tcssw.default\extensions [2011.07.23 19:46:17 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Frederik\AppData\Roaming\mozilla\Firefox\Profiles\1g7tcssw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.05.03 18:54:14 | 000,000,947 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\conduit.xml [2012.06.26 13:36:38 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-1.xml [2011.08.27 22:34:03 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-2.xml [2011.09.02 11:48:36 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-3.xml [2011.09.07 09:49:45 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-4.xml [2011.09.27 17:29:38 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-5.xml [2011.10.11 22:25:30 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-6.xml [2011.11.10 19:21:29 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-7.xml [2011.06.28 23:24:38 | 000,001,056 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin.xml [2011.10.11 21:47:53 | 000,002,520 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\SearchResults.xml [2012.01.13 21:06:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.05.06 16:04:42 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012.05.05 17:22:37 | 000,378,880 | ---- | M] (InfiniAd GmbH) -- C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll [2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011.10.11 21:47:53 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml [2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Web Search (Enabled) CHR - default_search_provider: search_url = hxxp://www.searchqu.com/web?src=crb&appid=0&systemid=410&sr=0&q={searchTerms} CHR - default_search_provider: suggest_url = CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gears.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2012.06.25 06:24:44 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKLM\..\Toolbar: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\Frederik\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-1297331777-4265084911-555462683-1000..\Run: [Facebook Update] "C:\Users\Frederik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found O4 - HKU\S-1-5-21-1297331777-4265084911-555462683-1000..\Run: [Sony PC Companion] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Sony) O4 - HKU\S-1-5-21-1297331777-4265084911-555462683-1000..\Run: [Spotify Web Helper] C:\Users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Frederik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Frederik\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Frederik\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.18.0.5 212.18.3.5 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC863AAA-54E2-4F05-A57B-5B003D0368DB}: DhcpNameServer = 212.18.0.5 212.18.3.5 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3FA99C0-6D20-46D3-A571-87208C430CB4}: DhcpNameServer = 192.168.43.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\Shell - "" = AutoRun O33 - MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\Shell\AutoRun\command - "" = E:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: MCODS - Reg Error: Value error. SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: MCODS - Reg Error: Value error. SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: MCODS - Reg Error: Value error. SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: MCODS - Reg Error: Value error. SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - ActiveX:64bit: >{F65A5BD6-CBD5-44BB-92EE-7CD500DC5948} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.06.26 03:35:15 | 000,000,000 | -HSD | C] -- C:\found.000 [2012.06.25 20:00:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2012.06.25 19:57:17 | 000,000,000 | ---D | C] -- C:\Users\Frederik\AppData\Local\Macromedia [2012.06.25 17:45:24 | 000,000,000 | ---D | C] -- C:\Users\Frederik\AppData\Roaming\Malwarebytes [2012.06.25 17:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.06.25 17:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.06.25 17:45:14 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.25 17:45:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.06.25 02:50:46 | 000,000,000 | ---D | C] -- C:\_OTL [2012.06.03 16:33:22 | 000,000,000 | ---D | C] -- C:\Users\Frederik\AppData\Roaming\.minecraft [2012.06.02 18:17:50 | 000,000,000 | ---D | C] -- C:\Users\Frederik\Desktop\1.3 [2012.06.02 14:37:18 | 000,000,000 | ---D | C] -- C:\Users\Frederik\Desktop\Survival [2012.05.30 01:58:45 | 000,000,000 | ---D | C] -- C:\Users\Frederik\Desktop\region [2011.04.12 15:49:58 | 012,420,392 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox.exe [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Frederik\Documents\*.tmp files -> C:\Users\Frederik\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.06.27 14:25:59 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.27 14:25:58 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.27 14:21:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.06.27 14:16:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.27 14:15:39 | 3106,480,128 | -HS- | M] () -- C:\hiberfil.sys [2012.06.26 21:25:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1297331777-4265084911-555462683-1000UA.job [2012.06.26 21:25:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1297331777-4265084911-555462683-1000Core.job [2012.06.26 06:49:48 | 000,001,057 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.06.26 06:49:40 | 000,001,031 | ---- | M] () -- C:\Users\Frederik\Desktop\Dropbox.lnk [2012.06.26 03:44:30 | 001,535,666 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.26 03:44:30 | 000,672,522 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.26 03:44:30 | 000,623,428 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.26 03:44:30 | 000,135,806 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.26 03:44:30 | 000,111,556 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.26 03:40:55 | 000,449,112 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.25 17:45:15 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.11 21:33:20 | 001,237,678 | ---- | M] () -- C:\Users\Frederik\Desktop\Essentials.zip [2012.06.10 12:12:47 | 002,088,915 | ---- | M] () -- C:\Users\Frederik\Desktop\2012-06-10_12.12.46.png [2012.06.08 19:26:12 | 000,351,460 | ---- | M] () -- C:\test.xml [2012.06.04 21:38:48 | 000,002,724 | ---- | M] () -- C:\Users\Frederik\.recently-used.xbel [2012.06.03 16:48:36 | 007,512,122 | ---- | M] () -- C:\Users\Frederik\Desktop\craftbukkit.jar [2012.05.31 12:46:41 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk [2012.05.30 14:30:18 | 000,008,672 | ---- | M] () -- C:\Users\Frederik\Desktop\ctm.png [2012.05.30 12:37:00 | 003,017,826 | ---- | M] () -- C:\Users\Frederik\Desktop\r.1.1.zip [2012.05.30 12:36:47 | 004,061,578 | ---- | M] () -- C:\Users\Frederik\Desktop\r.0.-1.zip [2012.05.30 12:36:32 | 009,193,469 | ---- | M] () -- C:\Users\Frederik\Desktop\r.0.0.zip [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] [1 C:\Users\Frederik\Documents\*.tmp files -> C:\Users\Frederik\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.06.25 17:45:15 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.11 21:33:19 | 001,237,678 | ---- | C] () -- C:\Users\Frederik\Desktop\Essentials.zip [2012.06.10 12:12:46 | 002,088,915 | ---- | C] () -- C:\Users\Frederik\Desktop\2012-06-10_12.12.46.png [2012.06.04 21:38:48 | 000,002,724 | ---- | C] () -- C:\Users\Frederik\.recently-used.xbel [2012.06.04 00:27:49 | 001,727,579 | ---- | C] () -- C:\Users\Frederik\Desktop\terrain.png [2012.06.04 00:25:13 | 000,008,672 | ---- | C] () -- C:\Users\Frederik\Desktop\ctm.png [2012.06.03 16:48:18 | 007,512,122 | ---- | C] () -- C:\Users\Frederik\Desktop\craftbukkit.jar [2012.05.30 12:37:00 | 003,017,826 | ---- | C] () -- C:\Users\Frederik\Desktop\r.1.1.zip [2012.05.30 12:36:47 | 004,061,578 | ---- | C] () -- C:\Users\Frederik\Desktop\r.0.-1.zip [2012.05.30 12:36:31 | 009,193,469 | ---- | C] () -- C:\Users\Frederik\Desktop\r.0.0.zip [2011.12.27 18:44:05 | 000,000,036 | ---- | C] () -- C:\Users\Frederik\.org.eclipse.epp.usagedata.recording.userId [2011.12.25 17:21:20 | 000,823,296 | ---- | C] () -- C:\Windows\j3dcore-d3d.dll [2011.12.25 17:21:20 | 000,163,840 | ---- | C] () -- C:\Windows\j3dcore-ogl.dll [2011.12.25 17:21:20 | 000,049,152 | ---- | C] () -- C:\Windows\j3dcore-ogl-chk.dll [2011.12.25 17:21:20 | 000,040,960 | ---- | C] () -- C:\Windows\j3dcore-ogl-cg.dll [2011.11.06 01:33:15 | 000,000,040 | ---- | C] () -- C:\Users\Frederik\AppData\Roaming\cdr.ini [2011.11.02 12:51:14 | 000,000,287 | ---- | C] () -- C:\Users\Frederik\AppData\Local\VersionChecker_16.xml [2011.10.15 23:20:19 | 000,004,518 | ---- | C] () -- C:\Windows\cdplayer.ini [2011.09.18 16:24:39 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll [2011.06.19 11:40:43 | 001,660,147 | ---- | C] () -- C:\Program Files (x86)\WinRAR.exe [2011.05.16 08:39:35 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\MPDLL.DLL [2011.05.16 08:39:34 | 000,000,075 | ---- | C] () -- C:\Windows\megapfad.ini [2011.04.11 21:47:57 | 000,000,951 | ---- | C] () -- C:\Program Files (x86)\RS_Bobingen_08_3DA.MPF [2011.02.24 22:12:12 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2010.12.28 19:39:34 | 000,266,400 | ---- | C] () -- C:\Windows\hpwins23.dat [2010.12.28 12:31:47 | 001,555,208 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010.12.27 16:50:10 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2010.10.08 08:55:10 | 000,002,023 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.07.13 00:11:37 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.07.12 22:27:34 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2010.07.12 22:27:34 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2010.07.12 22:27:34 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010.07.12 22:27:33 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2010.07.12 22:27:32 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010.07.12 22:27:25 | 000,028,732 | ---- | C] () -- C:\Windows\SysWow64\ativvsny.dat [2010.07.12 22:27:25 | 000,026,936 | ---- | C] () -- C:\Windows\SysWow64\ativvsnl.dat ========== LOP Check ========== [2011.02.21 16:51:41 | 000,000,000 | ---D | M] -- C:\Users\Elfir\AppData\Roaming\SoftGrid Client [2010.12.27 15:20:22 | 000,000,000 | -HSD | M] -- C:\Users\Frederik\AppData\Roaming\.# [2012.06.11 22:05:06 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\.minecraft [2011.09.18 16:33:48 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Atari [2010.12.29 23:02:22 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Blender Foundation [2012.06.27 14:19:36 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Dropbox [2011.07.24 02:05:19 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\DVDVideoSoft [2011.07.23 19:46:16 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\DVDVideoSoftIEHelpers [2011.10.11 21:48:06 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\FreeAudioPack [2012.06.04 00:28:13 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\gtk-2.0 [2012.05.05 17:22:40 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\loadtbs [2011.11.02 12:56:36 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\MAXON [2011.12.10 19:38:24 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\MTE [2011.11.02 12:50:52 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Nemetschek [2011.11.11 22:42:38 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Notepad++ [2011.11.07 21:10:10 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Nvu [2011.03.13 11:49:41 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\SoftGrid Client [2012.06.03 23:30:10 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Spotify [2010.12.28 12:32:18 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TP [2011.02.16 21:36:52 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TrueCrypt [2012.05.01 02:09:50 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TS3Client [2012.06.26 21:25:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1297331777-4265084911-555462683-1000Core.job [2012.06.26 21:25:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1297331777-4265084911-555462683-1000UA.job [2012.03.23 14:34:19 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2010.12.27 15:20:22 | 000,000,000 | -HSD | M] -- C:\Users\Frederik\AppData\Roaming\.# [2012.06.11 22:05:06 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\.minecraft [2011.12.10 23:13:22 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Adobe [2011.11.11 14:58:19 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Apple Computer [2011.06.13 21:31:08 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\ArcSoft [2011.09.18 16:33:48 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Atari [2010.12.27 15:12:42 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\ATI [2011.10.15 09:37:18 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Avira [2010.12.29 23:02:22 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Blender Foundation [2010.12.27 16:50:16 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Corel [2011.08.07 20:08:14 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\DivX [2012.06.27 14:19:36 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Dropbox [2011.07.24 02:05:19 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\DVDVideoSoft [2011.07.23 19:46:16 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\DVDVideoSoftIEHelpers [2011.10.11 21:48:06 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\FreeAudioPack [2010.12.27 16:09:27 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Google [2012.06.04 00:28:13 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\gtk-2.0 [2010.12.29 18:17:09 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\HP [2012.05.16 23:44:32 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\HpUpdate [2010.12.27 15:12:05 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Identities [2010.12.27 15:12:48 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Intel Corporation [2012.05.05 17:22:40 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\loadtbs [2010.07.30 15:37:45 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Macromedia [2012.06.25 17:45:24 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Malwarebytes [2011.11.02 12:56:36 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\MAXON [2010.07.13 20:20:19 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Media Center Programs [2012.06.25 19:57:17 | 000,000,000 | --SD | M] -- C:\Users\Frederik\AppData\Roaming\Microsoft [2011.07.17 08:57:35 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Microsoft Games [2011.04.12 15:51:11 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Mozilla [2011.12.10 19:38:24 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\MTE [2011.11.02 12:50:52 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Nemetschek [2011.11.11 22:42:38 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Notepad++ [2011.11.07 21:10:10 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Nvu [2011.10.21 18:45:21 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Skype [2011.10.21 18:44:09 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\skypePM [2011.03.13 11:49:41 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\SoftGrid Client [2010.12.27 15:15:34 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Sony Corporation [2012.06.03 23:30:10 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Spotify [2010.12.28 12:32:18 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TP [2011.02.16 21:36:52 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TrueCrypt [2012.05.01 02:09:50 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\TS3Client [2011.06.19 11:42:28 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\WinRAR [2010.12.28 19:46:53 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\Yahoo! < %APPDATA%\*.exe /s > [2012.03.26 22:54:36 | 001,488,383 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\.minecraft\mcpatcher-2.3.5.exe [2012.01.13 18:09:04 | 000,270,142 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\.minecraft\Minecraft.exe [2011.04.06 18:48:16 | 000,270,848 | ---- | M] (Teckda) -- C:\Users\Frederik\AppData\Roaming\DivX\.minecraft\Minecraft Custom Nickname Loader.exe [2011.01.14 12:37:54 | 000,232,501 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\DivX\.minecraft\Minecraft.exe [2011.06.01 16:23:57 | 000,957,367 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\DivX\.minecraft\texturepacks\mcpatcher-2.1.0_01.exe [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Frederik\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Frederik\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe [2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Frederik\AppData\Roaming\Dropbox\bin\Uninstall.exe [2012.05.05 17:22:37 | 012,697,088 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\loadtbs\ffmpeg.exe [2012.05.05 17:22:36 | 001,243,136 | ---- | M] (InfiniAd GmbH) -- C:\Users\Frederik\AppData\Roaming\loadtbs\uninstall.exe [2012.05.05 17:22:37 | 000,694,784 | ---- | M] (InfiniAd GmbH) -- C:\Users\Frederik\AppData\Roaming\loadtbs\ytdl.exe [2010.07.30 15:37:23 | 000,038,784 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe [2011.02.09 23:27:58 | 000,010,134 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Microsoft\Installer\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}\ARPPRODUCTICON.exe [2011.01.03 01:37:52 | 000,124,584 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avadmin.exe [2011.01.03 01:37:52 | 000,389,288 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avcenter.exe [2011.01.03 01:37:53 | 000,361,128 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avconfig.exe [2011.01.03 01:37:53 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avgnt.exe [2011.01.03 01:37:53 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avguard.exe [2011.01.03 01:37:53 | 000,224,936 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avnotify.exe [2011.01.03 01:37:53 | 000,435,368 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avscan.exe [2011.01.03 01:37:53 | 000,060,072 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avupgsvc.exe [2011.01.03 01:37:53 | 000,214,184 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avwebloader.exe [2011.01.03 01:37:54 | 000,098,480 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\avwsc.exe [2011.01.03 01:37:56 | 000,348,840 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\fact.exe [2011.01.03 01:37:56 | 000,071,848 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\guardgui.exe [2011.01.03 01:37:56 | 000,017,064 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\guardhlp.exe [2011.01.03 01:37:57 | 000,045,416 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\imp64b.exe [2011.01.03 01:37:57 | 000,041,729 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\insthlp.exe [2011.01.03 01:37:57 | 000,132,456 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\licmgr.exe [2011.01.03 01:37:57 | 000,588,456 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\presetup.exe [2011.01.03 01:37:58 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\sched.exe [2011.01.03 01:37:58 | 000,666,280 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\setup.exe [2011.01.03 01:37:58 | 000,516,353 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\update.exe [2011.01.03 01:38:00 | 004,485,976 | ---- | M] (Microsoft Corporation) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\vcredist_x86.exe [2011.01.03 01:38:00 | 000,065,192 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\wsctool.exe [2011.01.03 01:38:00 | 000,260,776 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\vista64\avshadow.exe [2011.01.03 01:38:01 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avira\AntiVir\xp\avshadow.exe [2012.05.06 20:14:46 | 002,895,373 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Templates\SetupDJ3.exe [2012.05.27 17:38:35 | 009,478,320 | ---- | M] (Spotify Ltd) -- C:\Users\Frederik\AppData\Roaming\Spotify\spotify.exe [2012.05.27 17:38:35 | 000,932,528 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTOR.SYS > [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys < MD5 for: IASTORV.SYS > [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys [2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll < MD5 for: USER32.DLL > [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll < MD5 for: USERINIT.EXE > [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe [2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll < End of report > |
|
28.06.2012, 09:40
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gema Trojaner paysafe card Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{72344400-8F20-4959-B4E9-956718E805DF}: "URL" = http://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{908F9AEF-5D8C-478A-A424-C308A5274D52}: "URL" = http://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}: "URL" = http://www.searchqu.com/web?src=ieb&appid=0&systemid=410&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{C3344A8E-9DE1-45B5-A8CA-1928CD9123FE}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-1297331777-4265084911-555462683-1000\..\SearchScopes\{EDA43DA9-9B5D-4D02-A3D2-96BA0018368D}: "URL" = http://de.shopping.com/?linkin_id=8056363
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?SSPV=FFOB8&ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Searchqu Web Search"
FF - user.js - File not found
[2012.05.03 18:54:14 | 000,000,947 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\conduit.xml
[2012.06.26 13:36:38 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-1.xml
[2011.08.27 22:34:03 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-2.xml
[2011.09.02 11:48:36 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-3.xml
[2011.09.07 09:49:45 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-4.xml
[2011.09.27 17:29:38 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-5.xml
[2011.10.11 22:25:30 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-6.xml
[2011.11.10 19:21:29 | 000,000,950 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-7.xml
[2011.06.28 23:24:38 | 000,001,056 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin.xml
[2011.10.11 21:47:53 | 000,002,520 | ---- | M] () -- C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\SearchResults.xml
[2011.10.11 21:47:53 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = http://www.searchqu.com/web?src=crb&appid=0&systemid=410&sr=0&q={searchTerms}
CHR - default_search_provider: suggest_url =
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (loadtbs) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\Frederik\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\Shell - "" = AutoRun
O33 - MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\Shell\AutoRun\command - "" = E:\Startme.exe
[2012.06.26 03:35:15 | 000,000,000 | -HSD | C] -- C:\found.000
[2010.12.27 15:20:22 | 000,000,000 | -HSD | M] -- C:\Users\Frederik\AppData\Roaming\.#
[2012.05.05 17:22:40 | 000,000,000 | ---D | M] -- C:\Users\Frederik\AppData\Roaming\loadtbs
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.06.2012, 13:05
| #23 |
| | Gema Trojaner paysafe card hier ist das Logfile: Code:
ATTFilter All processes killed
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
Registry value HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{40c3cc16-7269-4b32-9531-17f2950fb06f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{40c3cc16-7269-4b32-9531-17f2950fb06f}\ not found.
Registry value HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll moved successfully.
HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{72344400-8F20-4959-B4E9-956718E805DF}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72344400-8F20-4959-B4E9-956718E805DF}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{908F9AEF-5D8C-478A-A424-C308A5274D52}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{908F9AEF-5D8C-478A-A424-C308A5274D52}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C3344A8E-9DE1-45B5-A8CA-1928CD9123FE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3344A8E-9DE1-45B5-A8CA-1928CD9123FE}\ not found.
Registry key HKEY_USERS\S-1-5-21-1297331777-4265084911-555462683-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EDA43DA9-9B5D-4D02-A3D2-96BA0018368D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDA43DA9-9B5D-4D02-A3D2-96BA0018368D}\ not found.
Prefs.js: "ICQ Search" removed from browser.search.defaultenginename
Prefs.js: "Winload Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB8&ctid=CT2319825&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl
Prefs.js: "Searchqu Web Search" removed from browser.search.order.1
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\conduit.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-1.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-2.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-3.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-4.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-5.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-6.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin-7.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\icqplugin.xml moved successfully.
C:\Users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\searchplugins\SearchResults.xml moved successfully.
C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml moved successfully.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Unable to fix default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
File C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}\ deleted successfully.
C:\Users\Frederik\AppData\Roaming\loadtbs\toolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ae3e3c3-e469-11e0-a967-a7bfb79dcbb5}\ not found.
File E:\Startme.exe not found.
C:\found.000 folder moved successfully.
C:\Users\Frederik\AppData\Roaming\.# folder moved successfully.
C:\Users\Frederik\AppData\Roaming\loadtbs\chrome@loadtubes.com folder moved successfully.
C:\Users\Frederik\AppData\Roaming\loadtbs folder moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Elfir
->Temp folder emptied: 7672253 bytes
->Temporary Internet Files folder emptied: 28031239 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 13011020 bytes
->Flash cache emptied: 42385 bytes
User: Frederik
->Temp folder emptied: 3180107265 bytes
->Temporary Internet Files folder emptied: 235157409 bytes
->Java cache emptied: 49753 bytes
->FireFox cache emptied: 1112124980 bytes
->Google Chrome cache emptied: 63384384 bytes
->Flash cache emptied: 67921 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 352256696 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 605405 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 4.761,00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Elfir
->Flash cache emptied: 0 bytes
User: Frederik
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
OTL by OldTimer - Version 3.2.53.0 log created on 06282012_180007
Files\Folders moved on Reboot...
C:\Users\Frederik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF0857E423C9172073.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF09955E96C4AF1C40.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF0EF21CFB05028E30.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF114613426949A6EF.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF194CE5E85E6EF032.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF2516312EE1AC5AED.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF331E68FD967518B4.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF3FBBF1169DCAEC23.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF5F49E2A9EE01FA18.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF7CA55B94542056C5.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF81F6CF965A451B77.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF97B4159CE8969B0C.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DF9DAB98D682CB09A0.TMP not found!
File\Folder C:\Users\Frederik\AppData\Local\Temp\~DFB69190B41EAC84C0.TMP not found!
PendingFileRenameOperations files...
File C:\Users\Frederik\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF0857E423C9172073.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF09955E96C4AF1C40.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF0EF21CFB05028E30.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF114613426949A6EF.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF194CE5E85E6EF032.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF2516312EE1AC5AED.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF331E68FD967518B4.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF3FBBF1169DCAEC23.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF5F49E2A9EE01FA18.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF7CA55B94542056C5.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF81F6CF965A451B77.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF97B4159CE8969B0C.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DF9DAB98D682CB09A0.TMP not found!
File C:\Users\Frederik\AppData\Local\Temp\~DFB69190B41EAC84C0.TMP not found!
Registry entries deleted on Reboot...
|
|
29.06.2012, 13:47
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gema Trojaner paysafe card Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.06.2012, 15:25
| #25 |
| | Gema Trojaner paysafe cardCode:
ATTFilter 15:39:57.0650 4884 TDSS rootkit removing tool 2.7.42.0 Jun 25 2012 21:18:44
15:39:57.0850 4884 ============================================================
15:39:57.0850 4884 Current date / time: 2012/06/29 15:39:57.0850
15:39:57.0850 4884 SystemInfo:
15:39:57.0850 4884
15:39:57.0850 4884 OS Version: 6.1.7600 ServicePack: 0.0
15:39:57.0850 4884 Product type: Workstation
15:39:57.0850 4884 ComputerName: FREDERIK-VAIO
15:39:57.0850 4884 UserName: Frederik
15:39:57.0850 4884 Windows directory: C:\Windows
15:39:57.0850 4884 System windows directory: C:\Windows
15:39:57.0850 4884 Running under WOW64
15:39:57.0850 4884 Processor architecture: Intel x64
15:39:57.0850 4884 Number of processors: 4
15:39:57.0850 4884 Page size: 0x1000
15:39:57.0850 4884 Boot type: Normal boot
15:39:57.0850 4884 ============================================================
15:39:59.0260 4884 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:39:59.0280 4884 ============================================================
15:39:59.0280 4884 \Device\Harddisk0\DR0:
15:39:59.0280 4884 MBR partitions:
15:39:59.0280 4884 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1ADE800, BlocksNum 0x32000
15:39:59.0280 4884 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B10800, BlocksNum 0x38875030
15:39:59.0280 4884 ============================================================
15:39:59.0330 4884 C: <-> \Device\Harddisk0\DR0\Partition1
15:39:59.0340 4884 ============================================================
15:39:59.0340 4884 Initialize success
15:39:59.0340 4884 ============================================================
15:40:29.0467 6124 ============================================================
15:40:29.0467 6124 Scan started
15:40:29.0467 6124 Mode: Manual; SigCheck; TDLFS;
15:40:29.0467 6124 ============================================================
15:40:31.0407 6124 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys
15:40:31.0607 6124 1394ohci - ok
15:40:31.0687 6124 6077757b (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
15:40:31.0787 6124 6077757b - ok
15:40:32.0067 6124 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:40:32.0147 6124 ACDaemon - ok
15:40:32.0207 6124 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys
15:40:32.0227 6124 ACPI - ok
15:40:32.0257 6124 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys
15:40:32.0367 6124 AcpiPmi - ok
15:40:32.0967 6124 AdobeActiveFileMonitor8.0 (34400005de52842c4d6d4ee978b4d7ce) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
15:40:33.0047 6124 AdobeActiveFileMonitor8.0 - ok
15:40:34.0037 6124 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:40:34.0047 6124 AdobeFlashPlayerUpdateSvc - ok
15:40:34.0437 6124 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
15:40:34.0477 6124 adp94xx - ok
15:40:34.0717 6124 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
15:40:34.0787 6124 adpahci - ok
15:40:34.0867 6124 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
15:40:34.0887 6124 adpu320 - ok
15:40:35.0107 6124 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:40:35.0257 6124 AeLookupSvc - ok
15:40:35.0517 6124 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
15:40:35.0677 6124 AFD - ok
15:40:35.0737 6124 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:40:35.0757 6124 agp440 - ok
15:40:35.0807 6124 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:40:35.0867 6124 ALG - ok
15:40:35.0897 6124 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:40:35.0927 6124 aliide - ok
15:40:35.0977 6124 AMD External Events Utility (3f9b03b72577a6a7405bf30801cbd159) C:\Windows\system32\atiesrxx.exe
15:40:36.0057 6124 AMD External Events Utility - ok
15:40:36.0087 6124 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:40:36.0097 6124 amdide - ok
15:40:36.0137 6124 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
15:40:36.0197 6124 AmdK8 - ok
15:40:38.0797 6124 amdkmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
15:40:39.0037 6124 amdkmdag - ok
15:40:40.0117 6124 amdkmdap (dca6e341a4a7c31ea8a14c6166c9b249) C:\Windows\system32\DRIVERS\atikmpag.sys
15:40:40.0267 6124 amdkmdap - ok
15:40:40.0387 6124 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
15:40:40.0437 6124 AmdPPM - ok
15:40:40.0487 6124 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
15:40:40.0507 6124 amdsata - ok
15:40:40.0537 6124 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
15:40:40.0567 6124 amdsbs - ok
15:40:40.0587 6124 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
15:40:40.0607 6124 amdxata - ok
15:40:41.0197 6124 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:40:41.0227 6124 AntiVirSchedulerService - ok
15:40:41.0447 6124 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:40:41.0457 6124 AntiVirService - ok
15:40:42.0117 6124 ApfiltrService (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\drivers\Apfiltr.sys
15:40:42.0237 6124 ApfiltrService - ok
15:40:42.0307 6124 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
15:40:42.0447 6124 AppID - ok
15:40:42.0527 6124 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:40:42.0587 6124 AppIDSvc - ok
15:40:42.0757 6124 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
15:40:42.0857 6124 Appinfo - ok
15:40:42.0917 6124 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
15:40:42.0947 6124 arc - ok
15:40:43.0127 6124 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
15:40:43.0157 6124 arcsas - ok
15:40:43.0227 6124 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:40:43.0237 6124 ArcSoftKsUFilter - ok
15:40:43.0277 6124 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:40:43.0397 6124 AsyncMac - ok
15:40:43.0437 6124 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:40:43.0447 6124 atapi - ok
15:40:45.0187 6124 athr (cca705cdf038d5bc243203ce4416b345) C:\Windows\system32\DRIVERS\athrx.sys
15:40:45.0327 6124 athr - ok
15:40:48.0977 6124 atikmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
15:40:49.0077 6124 atikmdag - ok
15:40:49.0437 6124 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:40:49.0537 6124 AudioEndpointBuilder - ok
15:40:49.0537 6124 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:40:49.0577 6124 AudioSrv - ok
15:40:49.0967 6124 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
15:40:49.0987 6124 avgntflt - ok
15:40:50.0097 6124 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
15:40:50.0117 6124 avipbb - ok
15:40:50.0257 6124 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
15:40:50.0277 6124 avkmgr - ok
15:40:50.0687 6124 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
15:40:50.0837 6124 AxInstSV - ok
15:40:50.0957 6124 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
15:40:51.0017 6124 b06bdrv - ok
15:40:51.0177 6124 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:40:51.0297 6124 b57nd60a - ok
15:40:51.0467 6124 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:40:51.0587 6124 BDESVC - ok
15:40:51.0687 6124 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:40:51.0757 6124 Beep - ok
15:40:52.0097 6124 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
15:40:52.0177 6124 BFE - ok
15:40:52.0247 6124 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
15:40:52.0527 6124 BITS - ok
15:40:52.0687 6124 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
15:40:52.0727 6124 blbdrive - ok
15:40:52.0797 6124 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
15:40:52.0927 6124 bowser - ok
15:40:53.0037 6124 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
15:40:53.0087 6124 BrFiltLo - ok
15:40:53.0147 6124 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
15:40:53.0187 6124 BrFiltUp - ok
15:40:53.0487 6124 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
15:40:53.0547 6124 Browser - ok
15:40:53.0717 6124 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:40:53.0787 6124 Brserid - ok
15:40:53.0867 6124 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:40:53.0957 6124 BrSerWdm - ok
15:40:54.0067 6124 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:40:54.0157 6124 BrUsbMdm - ok
15:40:54.0267 6124 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:40:54.0307 6124 BrUsbSer - ok
15:40:54.0377 6124 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
15:40:54.0467 6124 BthEnum - ok
15:40:54.0757 6124 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:40:54.0827 6124 BTHMODEM - ok
15:40:55.0037 6124 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
15:40:55.0087 6124 BthPan - ok
15:40:55.0337 6124 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
15:40:55.0457 6124 BTHPORT - ok
15:40:55.0587 6124 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:40:55.0697 6124 bthserv - ok
15:40:55.0807 6124 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
15:40:55.0837 6124 BTHUSB - ok
15:40:56.0157 6124 btwampfl (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys
15:40:56.0207 6124 btwampfl - ok
15:40:56.0307 6124 btwaudio (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys
15:40:56.0327 6124 btwaudio - ok
15:40:56.0727 6124 btwavdt (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\DRIVERS\btwavdt.sys
15:40:56.0777 6124 btwavdt - ok
15:40:57.0567 6124 btwdins (8ba6e93a182126781952a7895ec1e4b2) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:40:57.0587 6124 btwdins - ok
15:40:57.0707 6124 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
15:40:57.0737 6124 btwl2cap - ok
15:40:57.0777 6124 btwrchid (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys
15:40:57.0797 6124 btwrchid - ok
15:40:57.0907 6124 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:40:57.0997 6124 cdfs - ok
15:40:58.0197 6124 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
15:40:58.0247 6124 cdrom - ok
15:40:58.0327 6124 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:40:58.0377 6124 CertPropSvc - ok
15:40:58.0477 6124 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
15:40:58.0537 6124 circlass - ok
15:40:58.0707 6124 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:40:58.0737 6124 CLFS - ok
15:40:58.0957 6124 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:40:58.0997 6124 clr_optimization_v2.0.50727_32 - ok
15:40:59.0137 6124 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:40:59.0177 6124 clr_optimization_v2.0.50727_64 - ok
15:40:59.0427 6124 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:40:59.0487 6124 clr_optimization_v4.0.30319_32 - ok
15:40:59.0527 6124 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:40:59.0557 6124 clr_optimization_v4.0.30319_64 - ok
15:40:59.0637 6124 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
15:40:59.0677 6124 CmBatt - ok
15:40:59.0737 6124 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:40:59.0767 6124 cmdide - ok
15:40:59.0887 6124 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
15:41:00.0067 6124 CNG - ok
15:41:00.0157 6124 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
15:41:00.0197 6124 Compbatt - ok
15:41:00.0267 6124 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
15:41:00.0337 6124 CompositeBus - ok
15:41:00.0357 6124 COMSysApp - ok
15:41:00.0387 6124 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
15:41:00.0407 6124 crcdisk - ok
15:41:00.0567 6124 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
15:41:00.0737 6124 CryptSvc - ok
15:41:00.0947 6124 dc3d (23d4b856725f5fc3c4f410c150ab107b) C:\Windows\system32\DRIVERS\dc3d.sys
15:41:00.0967 6124 dc3d - ok
15:41:01.0057 6124 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:41:01.0147 6124 DcomLaunch - ok
15:41:01.0507 6124 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:41:01.0677 6124 defragsvc - ok
15:41:01.0907 6124 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
15:41:02.0017 6124 DfsC - ok
15:41:02.0187 6124 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
15:41:02.0547 6124 Dhcp - ok
15:41:02.0697 6124 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:41:02.0787 6124 discache - ok
15:41:02.0887 6124 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
15:41:02.0907 6124 Disk - ok
15:41:03.0097 6124 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
15:41:03.0187 6124 Dnscache - ok
15:41:03.0287 6124 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
15:41:03.0407 6124 dot3svc - ok
15:41:03.0547 6124 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
15:41:03.0637 6124 Dot4 - ok
15:41:03.0747 6124 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:41:03.0817 6124 Dot4Print - ok
15:41:03.0907 6124 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
15:41:03.0967 6124 dot4usb - ok
15:41:04.0087 6124 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
15:41:04.0167 6124 DPS - ok
15:41:04.0207 6124 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:41:04.0237 6124 drmkaud - ok
15:41:04.0487 6124 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
15:41:04.0667 6124 DXGKrnl - ok
15:41:04.0757 6124 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:41:04.0837 6124 EapHost - ok
15:41:05.0807 6124 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
15:41:05.0987 6124 ebdrv - ok
15:41:06.0317 6124 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
15:41:06.0517 6124 EFS - ok
15:41:06.0687 6124 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
15:41:06.0807 6124 ehRecvr - ok
15:41:06.0837 6124 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:41:07.0047 6124 ehSched - ok
15:41:07.0137 6124 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
15:41:07.0187 6124 elxstor - ok
15:41:07.0227 6124 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:41:07.0247 6124 ErrDev - ok
15:41:07.0407 6124 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:41:07.0497 6124 EventSystem - ok
15:41:07.0587 6124 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:41:07.0657 6124 exfat - ok
15:41:07.0727 6124 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:41:07.0787 6124 fastfat - ok
15:41:08.0127 6124 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
15:41:08.0197 6124 Fax - ok
15:41:08.0317 6124 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
15:41:08.0377 6124 fdc - ok
15:41:08.0417 6124 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:41:08.0467 6124 fdPHost - ok
15:41:08.0527 6124 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:41:08.0587 6124 FDResPub - ok
15:41:08.0617 6124 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:41:08.0637 6124 FileInfo - ok
15:41:08.0647 6124 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:41:08.0717 6124 Filetrace - ok
15:41:08.0997 6124 FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:41:09.0097 6124 FLEXnet Licensing Service - ok
15:41:09.0177 6124 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
15:41:09.0207 6124 flpydisk - ok
15:41:09.0257 6124 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
15:41:09.0297 6124 FltMgr - ok
15:41:09.0487 6124 FontCache (97223981a9214f1b4997e9075abb6bf5) C:\Windows\system32\FntCache.dll
15:41:09.0607 6124 FontCache - ok
15:41:09.0817 6124 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:41:09.0847 6124 FontCache3.0.0.0 - ok
15:41:09.0947 6124 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:41:09.0967 6124 FsDepends - ok
15:41:10.0037 6124 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
15:41:10.0067 6124 Fs_Rec - ok
15:41:10.0237 6124 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:41:10.0297 6124 fvevol - ok
15:41:10.0407 6124 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
15:41:10.0447 6124 gagp30kx - ok
15:41:10.0607 6124 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
15:41:10.0627 6124 ggflt - ok
15:41:10.0717 6124 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
15:41:10.0747 6124 ggsemc - ok
15:41:11.0007 6124 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
15:41:11.0077 6124 gpsvc - ok
15:41:11.0217 6124 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:41:11.0347 6124 hcw85cir - ok
15:41:11.0487 6124 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:41:11.0587 6124 HdAudAddService - ok
15:41:11.0757 6124 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
15:41:11.0797 6124 HDAudBus - ok
15:41:11.0887 6124 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
15:41:11.0907 6124 HECIx64 - ok
15:41:12.0007 6124 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
15:41:12.0067 6124 HidBatt - ok
15:41:12.0207 6124 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
15:41:12.0257 6124 HidBth - ok
15:41:12.0277 6124 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
15:41:12.0317 6124 HidIr - ok
15:41:12.0347 6124 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:41:12.0417 6124 hidserv - ok
15:41:12.0507 6124 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
15:41:12.0547 6124 HidUsb - ok
15:41:12.0637 6124 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
15:41:12.0737 6124 hkmsvc - ok
15:41:12.0857 6124 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
15:41:12.0967 6124 HomeGroupListener - ok
15:41:13.0067 6124 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
15:41:13.0107 6124 HomeGroupProvider - ok
15:41:13.0507 6124 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:41:13.0527 6124 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
15:41:13.0527 6124 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
15:41:13.0697 6124 hpqddsvc (75cc8c5146a3fb76221a7606628778d5) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:41:13.0727 6124 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
15:41:13.0727 6124 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
15:41:13.0817 6124 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
15:41:13.0837 6124 HpSAMD - ok
15:41:14.0057 6124 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:41:14.0107 6124 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
15:41:14.0107 6124 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
15:41:14.0427 6124 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
15:41:14.0547 6124 HTTP - ok
15:41:14.0637 6124 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
15:41:14.0667 6124 hwpolicy - ok
15:41:14.0997 6124 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:41:15.0057 6124 i8042prt - ok
15:41:15.0507 6124 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
15:41:15.0527 6124 iaStor - ok
15:41:15.0917 6124 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:41:15.0937 6124 IAStorDataMgrSvc - ok
15:41:16.0127 6124 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
15:41:16.0177 6124 iaStorV - ok
15:41:16.0417 6124 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:41:16.0427 6124 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:41:16.0427 6124 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:41:17.0017 6124 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:41:17.0347 6124 idsvc - ok
15:41:21.0727 6124 igfx (2a22ab054f4630d2ef4bab2853f6d5f6) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:41:22.0187 6124 igfx ( UnsignedFile.Multi.Generic ) - warning
15:41:22.0187 6124 igfx - detected UnsignedFile.Multi.Generic (1)
15:41:22.0777 6124 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
15:41:22.0817 6124 iirsp - ok
15:41:23.0187 6124 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
15:41:23.0277 6124 IKEEXT - ok
15:41:23.0387 6124 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
15:41:23.0487 6124 Impcd - ok
15:41:25.0017 6124 IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\Windows\system32\drivers\RTKVHD64.sys
15:41:25.0117 6124 IntcAzAudAddService - ok
15:41:25.0547 6124 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
15:41:25.0587 6124 IntcDAud ( UnsignedFile.Multi.Generic ) - warning
15:41:25.0587 6124 IntcDAud - detected UnsignedFile.Multi.Generic (1)
15:41:25.0667 6124 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:41:25.0707 6124 intelide - ok
15:41:25.0787 6124 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
15:41:25.0827 6124 intelppm - ok
15:41:25.0977 6124 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:41:26.0067 6124 IPBusEnum - ok
15:41:26.0277 6124 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:41:26.0387 6124 IpFilterDriver - ok
15:41:27.0017 6124 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
15:41:27.0117 6124 iphlpsvc - ok
15:41:27.0297 6124 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
15:41:27.0377 6124 IPMIDRV - ok
15:41:27.0597 6124 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:41:27.0687 6124 IPNAT - ok
15:41:27.0747 6124 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:41:27.0767 6124 IRENUM - ok
15:41:27.0847 6124 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:41:27.0887 6124 isapnp - ok
15:41:28.0077 6124 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
15:41:28.0117 6124 iScsiPrt - ok
15:41:28.0317 6124 IviRegMgr (213822072085b5bbad9af30ab577d817) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:41:28.0327 6124 IviRegMgr - ok
15:41:28.0437 6124 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:41:28.0467 6124 kbdclass - ok
15:41:28.0527 6124 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
15:41:28.0597 6124 kbdhid - ok
15:41:28.0637 6124 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:41:28.0657 6124 KeyIso - ok
15:41:28.0727 6124 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
15:41:28.0757 6124 KSecDD - ok
15:41:28.0947 6124 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
15:41:28.0977 6124 KSecPkg - ok
15:41:29.0057 6124 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:41:29.0127 6124 ksthunk - ok
15:41:29.0257 6124 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:41:29.0367 6124 KtmRm - ok
15:41:29.0517 6124 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
15:41:29.0647 6124 LanmanServer - ok
15:41:29.0777 6124 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
15:41:29.0847 6124 LanmanWorkstation - ok
15:41:29.0987 6124 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:41:30.0057 6124 lltdio - ok
15:41:30.0147 6124 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:41:30.0247 6124 lltdsvc - ok
15:41:30.0347 6124 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:41:30.0407 6124 lmhosts - ok
15:41:30.0557 6124 LMS (3d23191672d83e90d1cf63927ee98136) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:41:30.0567 6124 LMS - ok
15:41:30.0647 6124 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
15:41:30.0667 6124 LSI_FC - ok
15:41:30.0697 6124 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
15:41:30.0717 6124 LSI_SAS - ok
15:41:30.0767 6124 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
15:41:30.0787 6124 LSI_SAS2 - ok
15:41:30.0847 6124 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
15:41:30.0867 6124 LSI_SCSI - ok
15:41:30.0897 6124 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:41:30.0967 6124 luafv - ok
15:41:31.0067 6124 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:41:31.0087 6124 MBAMProtector - ok
15:41:31.0277 6124 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:41:31.0297 6124 MBAMService - ok
15:41:31.0437 6124 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
15:41:31.0507 6124 Mcx2Svc - ok
15:41:31.0567 6124 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
15:41:31.0597 6124 megasas - ok
15:41:31.0667 6124 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
15:41:31.0687 6124 MegaSR - ok
15:41:31.0767 6124 Megatech-Software-Protection (68b005af0bc4f8823eab5b105a40cc28) C:\Megatech\MProtect\MPSERV.EXE
15:41:31.0777 6124 Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - warning
15:41:31.0777 6124 Megatech-Software-Protection - detected UnsignedFile.Multi.Generic (1)
15:41:31.0867 6124 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:41:31.0937 6124 MMCSS - ok
15:41:31.0987 6124 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:41:32.0057 6124 Modem - ok
15:41:32.0147 6124 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:41:32.0207 6124 monitor - ok
15:41:32.0277 6124 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:41:32.0307 6124 mouclass - ok
15:41:32.0447 6124 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:41:32.0477 6124 mouhid - ok
15:41:32.0567 6124 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
15:41:32.0617 6124 mountmgr - ok
15:41:32.0927 6124 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:41:32.0987 6124 MozillaMaintenance - ok
15:41:33.0127 6124 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
15:41:33.0167 6124 mpio - ok
15:41:33.0227 6124 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:41:33.0267 6124 mpsdrv - ok
15:41:33.0597 6124 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
15:41:33.0687 6124 MpsSvc - ok
15:41:33.0747 6124 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
15:41:33.0797 6124 MRxDAV - ok
15:41:33.0887 6124 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:41:33.0957 6124 mrxsmb - ok
15:41:34.0157 6124 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:41:34.0227 6124 mrxsmb10 - ok
15:41:34.0287 6124 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:41:34.0347 6124 mrxsmb20 - ok
15:41:34.0457 6124 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
15:41:34.0487 6124 msahci - ok
15:41:34.0527 6124 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
15:41:34.0547 6124 msdsm - ok
15:41:34.0607 6124 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:41:34.0697 6124 MSDTC - ok
15:41:34.0797 6124 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:41:34.0827 6124 Msfs - ok
15:41:34.0847 6124 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:41:34.0907 6124 mshidkmdf - ok
15:41:34.0937 6124 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:41:34.0957 6124 msisadrv - ok
15:41:35.0077 6124 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:41:35.0147 6124 MSiSCSI - ok
15:41:35.0157 6124 msiserver - ok
15:41:35.0207 6124 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:41:35.0267 6124 MSKSSRV - ok
15:41:35.0307 6124 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:41:35.0357 6124 MSPCLOCK - ok
15:41:35.0377 6124 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:41:35.0437 6124 MSPQM - ok
15:41:35.0587 6124 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:41:35.0617 6124 MsRPC - ok
15:41:35.0737 6124 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:41:35.0747 6124 mssmbios - ok
15:41:35.0787 6124 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:41:35.0837 6124 MSTEE - ok
15:41:35.0867 6124 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
15:41:35.0897 6124 MTConfig - ok
15:41:35.0957 6124 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:41:35.0987 6124 Mup - ok
15:41:36.0067 6124 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
15:41:36.0117 6124 napagent - ok
15:41:36.0257 6124 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:41:36.0317 6124 NativeWifiP - ok
15:41:36.0487 6124 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:41:36.0517 6124 NDIS - ok
15:41:36.0697 6124 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:41:36.0767 6124 NdisCap - ok
15:41:36.0837 6124 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:41:36.0937 6124 NdisTapi - ok
15:41:37.0077 6124 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:41:37.0187 6124 Ndisuio - ok
15:41:37.0287 6124 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:41:37.0357 6124 NdisWan - ok
15:41:37.0447 6124 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:41:37.0507 6124 NDProxy - ok
15:41:37.0647 6124 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
15:41:37.0707 6124 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:41:37.0707 6124 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:41:37.0817 6124 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:41:37.0897 6124 NetBIOS - ok
15:41:37.0977 6124 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:41:38.0087 6124 NetBT - ok
15:41:38.0167 6124 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:41:38.0197 6124 Netlogon - ok
15:41:38.0347 6124 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:41:38.0417 6124 Netman - ok
15:41:38.0547 6124 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:41:38.0647 6124 netprofm - ok
15:41:38.0847 6124 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:41:38.0897 6124 NetTcpPortSharing - ok
15:41:38.0967 6124 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
15:41:38.0987 6124 nfrd960 - ok
15:41:39.0157 6124 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
15:41:39.0247 6124 NlaSvc - ok
15:41:39.0987 6124 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
15:41:40.0117 6124 NOBU - ok
15:41:40.0437 6124 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:41:40.0497 6124 Npfs - ok
15:41:40.0607 6124 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:41:40.0657 6124 nsi - ok
15:41:40.0697 6124 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:41:40.0737 6124 nsiproxy - ok
15:41:41.0527 6124 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
15:41:41.0847 6124 Ntfs - ok
15:41:42.0397 6124 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:41:42.0447 6124 Null - ok
15:41:42.0587 6124 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
15:41:42.0617 6124 nvraid - ok
15:41:42.0797 6124 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
15:41:42.0827 6124 nvstor - ok
15:41:42.0887 6124 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:41:42.0907 6124 nv_agp - ok
15:41:42.0997 6124 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:41:43.0017 6124 ohci1394 - ok
15:41:43.0327 6124 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:41:43.0357 6124 ose - ok
15:41:44.0297 6124 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:41:44.0657 6124 osppsvc - ok
15:41:45.0127 6124 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:41:45.0187 6124 p2pimsvc - ok
15:41:45.0317 6124 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:41:45.0357 6124 p2psvc - ok
15:41:45.0517 6124 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
15:41:45.0537 6124 Parport - ok
15:41:45.0597 6124 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
15:41:45.0627 6124 partmgr - ok
15:41:45.0797 6124 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:41:45.0837 6124 PcaSvc - ok
15:41:46.0117 6124 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
15:41:46.0137 6124 pci - ok
15:41:46.0177 6124 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:41:46.0197 6124 pciide - ok
15:41:46.0287 6124 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
15:41:46.0317 6124 pcmcia - ok
15:41:46.0507 6124 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:41:46.0557 6124 pcw - ok
15:41:46.0947 6124 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:41:47.0107 6124 PEAUTH - ok
15:41:47.0697 6124 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:41:47.0757 6124 PerfHost - ok
15:41:48.0347 6124 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
15:41:48.0577 6124 pla - ok
15:41:48.0817 6124 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
15:41:48.0977 6124 PlugPlay - ok
15:41:49.0197 6124 PMBDeviceInfoProvider (80e85394d8cd7f84340b1c6f4b9d698f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:41:49.0217 6124 PMBDeviceInfoProvider - ok
15:41:49.0437 6124 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
15:41:49.0487 6124 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:41:49.0487 6124 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:41:49.0557 6124 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:41:49.0637 6124 PNRPAutoReg - ok
15:41:49.0767 6124 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:41:49.0807 6124 PNRPsvc - ok
15:41:49.0927 6124 Point64 (b23f79e41e30ed500586151a9ef27d8f) C:\Windows\system32\DRIVERS\point64.sys
15:41:49.0947 6124 Point64 - ok
15:41:50.0177 6124 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
15:41:50.0257 6124 PolicyAgent - ok
15:41:50.0397 6124 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:41:50.0457 6124 Power - ok
15:41:50.0557 6124 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:41:50.0657 6124 PptpMiniport - ok
15:41:50.0777 6124 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
15:41:50.0837 6124 Processor - ok
15:41:50.0897 6124 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
15:41:51.0007 6124 ProfSvc - ok
15:41:51.0067 6124 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:41:51.0087 6124 ProtectedStorage - ok
15:41:51.0177 6124 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:41:51.0217 6124 Psched - ok
15:41:51.0327 6124 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:41:51.0347 6124 PSI_SVC_2 - ok
15:41:51.0497 6124 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:41:51.0537 6124 PxHlpa64 - ok
15:41:51.0937 6124 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
15:41:52.0107 6124 ql2300 - ok
15:41:52.0517 6124 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
15:41:52.0547 6124 ql40xx - ok
15:41:52.0697 6124 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:41:52.0727 6124 QWAVE - ok
15:41:52.0847 6124 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:41:52.0907 6124 QWAVEdrv - ok
15:41:52.0977 6124 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:41:53.0087 6124 RasAcd - ok
15:41:53.0187 6124 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:41:53.0247 6124 RasAgileVpn - ok
15:41:53.0377 6124 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:41:53.0457 6124 RasAuto - ok
15:41:53.0607 6124 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:41:53.0677 6124 Rasl2tp - ok
15:41:54.0387 6124 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
15:41:54.0457 6124 RasMan - ok
15:41:54.0507 6124 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:41:54.0567 6124 RasPppoe - ok
15:41:54.0587 6124 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:41:54.0647 6124 RasSstp - ok
15:41:54.0677 6124 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:41:54.0727 6124 rdbss - ok
15:41:54.0747 6124 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
15:41:54.0787 6124 rdpbus - ok
15:41:54.0807 6124 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:41:54.0847 6124 RDPCDD - ok
15:41:54.0887 6124 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:41:54.0937 6124 RDPENCDD - ok
15:41:54.0967 6124 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:41:55.0027 6124 RDPREFMP - ok
15:41:55.0157 6124 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
15:41:55.0257 6124 RDPWD - ok
15:41:55.0307 6124 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
15:41:55.0327 6124 rdyboost - ok
15:41:55.0347 6124 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
15:41:55.0347 6124 regi - ok
15:41:55.0427 6124 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:41:55.0487 6124 RemoteAccess - ok
15:41:55.0587 6124 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:41:55.0667 6124 RemoteRegistry - ok
15:41:55.0787 6124 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:41:55.0837 6124 RFCOMM - ok
15:41:56.0077 6124 rimspci (fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys
15:41:56.0137 6124 rimspci - ok
15:41:56.0377 6124 risdsnpe (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys
15:41:56.0437 6124 risdsnpe - ok
15:41:56.0507 6124 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:41:56.0577 6124 RpcEptMapper - ok
15:41:56.0647 6124 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:41:56.0657 6124 RpcLocator - ok
15:41:56.0817 6124 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:41:56.0867 6124 RpcSs - ok
15:41:56.0997 6124 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:41:57.0067 6124 rspndr - ok
15:41:57.0207 6124 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
15:41:57.0227 6124 RTHDMIAzAudService - ok
15:41:57.0477 6124 s217bus (b49951a2c8fd81307707443d01936e37) C:\Windows\system32\DRIVERS\s217bus.sys
15:41:57.0497 6124 s217bus - ok
15:41:57.0557 6124 s217mdfl (58204ec551d1a94d60cac130440f0feb) C:\Windows\system32\DRIVERS\s217mdfl.sys
15:41:57.0587 6124 s217mdfl - ok
15:41:57.0667 6124 s217mdm (e2b3de89339a7a807520c6063cd146d3) C:\Windows\system32\DRIVERS\s217mdm.sys
15:41:57.0687 6124 s217mdm - ok
15:41:57.0747 6124 s217nd5 (7bc7d18351b846f4544b54db38fb4208) C:\Windows\system32\DRIVERS\s217nd5.sys
15:41:57.0757 6124 s217nd5 - ok
15:41:57.0847 6124 s217obex (d498b2082f51858f121d4584a7787cd5) C:\Windows\system32\DRIVERS\s217obex.sys
15:41:57.0867 6124 s217obex - ok
15:41:57.0907 6124 s217unic (43512d0c3a59eb20fda06ce4265a1549) C:\Windows\system32\DRIVERS\s217unic.sys
15:41:57.0927 6124 s217unic - ok
15:41:58.0077 6124 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:41:58.0107 6124 SamSs - ok
15:41:58.0197 6124 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
15:41:58.0227 6124 sbp2port - ok
15:41:58.0277 6124 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:41:58.0327 6124 SCardSvr - ok
15:41:58.0377 6124 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:41:58.0497 6124 scfilter - ok
15:41:58.0737 6124 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
15:41:58.0827 6124 Schedule - ok
15:41:58.0857 6124 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:41:58.0907 6124 SCPolicySvc - ok
15:41:58.0987 6124 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys
15:41:59.0067 6124 sdbus - ok
15:41:59.0137 6124 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
15:41:59.0227 6124 SDRSVC - ok
15:41:59.0247 6124 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:41:59.0307 6124 secdrv - ok
15:41:59.0377 6124 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
15:41:59.0457 6124 seclogon - ok
15:41:59.0477 6124 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:41:59.0527 6124 SENS - ok
15:41:59.0567 6124 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:41:59.0637 6124 SensrSvc - ok
15:41:59.0697 6124 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
15:41:59.0737 6124 Serenum - ok
15:41:59.0957 6124 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
15:42:00.0007 6124 Serial - ok
15:42:00.0117 6124 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
15:42:00.0167 6124 sermouse - ok
15:42:00.0247 6124 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
15:42:00.0307 6124 SessionEnv - ok
15:42:00.0397 6124 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
15:42:00.0467 6124 SFEP - ok
15:42:00.0527 6124 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:42:00.0567 6124 sffdisk - ok
15:42:00.0597 6124 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:42:00.0637 6124 sffp_mmc - ok
15:42:00.0647 6124 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
15:42:00.0687 6124 sffp_sd - ok
15:42:00.0747 6124 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
15:42:00.0767 6124 sfloppy - ok
15:42:00.0837 6124 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:42:00.0917 6124 SharedAccess - ok
15:42:01.0167 6124 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
15:42:01.0207 6124 ShellHWDetection - ok
15:42:01.0257 6124 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
15:42:01.0277 6124 SiSRaid2 - ok
15:42:01.0387 6124 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:42:01.0417 6124 SiSRaid4 - ok
15:42:01.0467 6124 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:42:01.0537 6124 Smb - ok
15:42:01.0617 6124 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:42:01.0647 6124 SNMPTRAP - ok
15:42:01.0967 6124 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:42:01.0997 6124 SOHCImp - ok
15:42:02.0217 6124 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:42:02.0267 6124 SOHDms - ok
15:42:02.0297 6124 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:42:02.0317 6124 SOHDs - ok
15:42:02.0537 6124 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
15:42:02.0567 6124 Sony PC Companion - ok
15:42:02.0977 6124 SpfService (5449fc97476f52e027409e703791e6a9) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
15:42:03.0017 6124 SpfService - ok
15:42:03.0097 6124 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:42:03.0107 6124 spldr - ok
15:42:03.0327 6124 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
15:42:03.0387 6124 Spooler - ok
15:42:03.0777 6124 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
15:42:03.0907 6124 sppsvc - ok
15:42:04.0247 6124 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:42:04.0307 6124 sppuinotify - ok
15:42:04.0437 6124 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
15:42:04.0507 6124 srv - ok
15:42:04.0647 6124 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
15:42:04.0677 6124 srv2 - ok
15:42:04.0807 6124 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
15:42:04.0857 6124 srvnet - ok
15:42:04.0997 6124 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:42:05.0127 6124 SSDPSRV - ok
15:42:05.0177 6124 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:42:05.0207 6124 SstpSvc - ok
15:42:05.0397 6124 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:42:05.0437 6124 stexstor - ok
15:42:05.0517 6124 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
15:42:05.0567 6124 stisvc - ok
15:42:05.0597 6124 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:42:05.0607 6124 swenum - ok
15:42:05.0707 6124 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:42:05.0757 6124 swprv - ok
15:42:06.0057 6124 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
15:42:06.0157 6124 SysMain - ok
15:42:06.0387 6124 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
15:42:06.0427 6124 TabletInputService - ok
15:42:06.0617 6124 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
15:42:06.0707 6124 TapiSrv - ok
15:42:06.0747 6124 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:42:06.0797 6124 TBS - ok
15:42:06.0977 6124 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
15:42:07.0067 6124 Tcpip - ok
15:42:07.0627 6124 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
15:42:07.0667 6124 TCPIP6 - ok
15:42:07.0877 6124 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:42:07.0937 6124 tcpipreg - ok
15:42:07.0977 6124 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:42:08.0067 6124 TDPIPE - ok
15:42:08.0127 6124 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
15:42:08.0177 6124 TDTCP - ok
15:42:08.0217 6124 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:42:08.0277 6124 tdx - ok
15:42:08.0387 6124 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
15:42:08.0407 6124 TermDD - ok
15:42:08.0857 6124 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
15:42:08.0937 6124 TermService - ok
15:42:09.0047 6124 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:42:09.0077 6124 Themes - ok
15:42:09.0117 6124 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:42:09.0147 6124 THREADORDER - ok
15:42:09.0237 6124 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:42:09.0297 6124 TrkWks - ok
15:42:09.0497 6124 truecrypt (c6a1a2b4e8a7b92c11ca038369bd7dbe) C:\Windows\syswow64\drivers\truecrypt.sys
15:42:09.0517 6124 truecrypt - ok
15:42:09.0557 6124 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
15:42:09.0597 6124 TrustedInstaller - ok
15:42:09.0677 6124 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:42:09.0717 6124 tssecsrv - ok
15:42:09.0757 6124 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:42:09.0827 6124 tunnel - ok
15:42:09.0857 6124 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:42:09.0887 6124 uagp35 - ok
15:42:09.0967 6124 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:42:09.0987 6124 uCamMonitor - ok
15:42:10.0037 6124 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
15:42:10.0117 6124 udfs - ok
15:42:10.0147 6124 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:42:10.0167 6124 UI0Detect - ok
15:42:10.0207 6124 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:42:10.0217 6124 uliagpkx - ok
15:42:10.0297 6124 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:42:10.0337 6124 umbus - ok
15:42:10.0377 6124 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
15:42:10.0387 6124 UmPass - ok
15:42:10.0667 6124 UNS (11a559e0f10cc5e788984023df400a6f) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:42:10.0767 6124 UNS - ok
15:42:10.0917 6124 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:42:10.0977 6124 upnphost - ok
15:42:11.0067 6124 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
15:42:11.0127 6124 usbccgp - ok
15:42:11.0187 6124 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:42:11.0237 6124 usbcir - ok
15:42:11.0277 6124 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
15:42:11.0297 6124 usbehci - ok
15:42:11.0347 6124 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
15:42:11.0397 6124 usbhub - ok
15:42:11.0427 6124 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
15:42:11.0447 6124 usbohci - ok
15:42:11.0487 6124 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:42:11.0527 6124 usbprint - ok
15:42:11.0557 6124 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:42:11.0577 6124 usbscan - ok
15:42:11.0607 6124 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:42:11.0697 6124 USBSTOR - ok
15:42:11.0727 6124 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
15:42:11.0757 6124 usbuhci - ok
15:42:11.0857 6124 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
15:42:11.0937 6124 usbvideo - ok
15:42:11.0967 6124 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:42:11.0997 6124 UxSms - ok
15:42:12.0107 6124 VAIO Event Service (a60605fc66552b421ee1f3d4ebb9a4e0) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
15:42:12.0117 6124 VAIO Event Service - ok
15:42:12.0307 6124 VAIO Power Management (d469be2723f79cf4b384680b1fdc577d) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
15:42:12.0337 6124 VAIO Power Management - ok
15:42:12.0417 6124 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:42:12.0427 6124 VaultSvc - ok
15:42:12.0517 6124 VBTUSB (70a90412f0ae18021794a0754c2d6299) C:\Windows\system32\Drivers\VBTUSB.sys
15:42:12.0527 6124 VBTUSB ( UnsignedFile.Multi.Generic ) - warning
15:42:12.0527 6124 VBTUSB - detected UnsignedFile.Multi.Generic (1)
15:42:12.0677 6124 VCFw (96efa2698d6b9e2931609a3ea73fc5dc) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
15:42:12.0697 6124 VCFw - ok
15:42:12.0857 6124 VcmIAlzMgr (7bebf6a5285ffc03c34a7297a4e177cb) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
15:42:12.0917 6124 VcmIAlzMgr - ok
15:42:12.0967 6124 VcmINSMgr (e005b04dfca99f5880c5111933194ca9) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
15:42:12.0997 6124 VcmINSMgr - ok
15:42:13.0097 6124 VcmXmlIfHelper (829a32fd1334f72429ca0515760eb7a7) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
15:42:13.0107 6124 VcmXmlIfHelper - ok
15:42:13.0207 6124 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
15:42:13.0217 6124 VCService - ok
15:42:13.0447 6124 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:42:13.0457 6124 vdrvroot - ok
15:42:13.0527 6124 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
15:42:13.0547 6124 vds - ok
15:42:13.0597 6124 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:42:13.0637 6124 vga - ok
15:42:13.0637 6124 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:42:13.0707 6124 VgaSave - ok
15:42:13.0757 6124 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
15:42:13.0787 6124 vhdmp - ok
15:42:13.0827 6124 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:42:13.0837 6124 viaide - ok
15:42:13.0887 6124 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
15:42:13.0907 6124 volmgr - ok
15:42:13.0987 6124 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:42:14.0037 6124 volmgrx - ok
15:42:14.0127 6124 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
15:42:14.0147 6124 volsnap - ok
15:42:14.0267 6124 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
15:42:14.0287 6124 vsmraid - ok
15:42:14.0777 6124 VSNService (a7eb62c664a03901165290a714bd48d0) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
15:42:14.0807 6124 VSNService ( UnsignedFile.Multi.Generic ) - warning
15:42:14.0807 6124 VSNService - detected UnsignedFile.Multi.Generic (1)
15:42:14.0967 6124 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
15:42:15.0007 6124 VSS - ok
15:42:15.0247 6124 VUAgent (d62d16e057be87f5b84a54d1b83822c4) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
15:42:15.0277 6124 VUAgent - ok
15:42:15.0487 6124 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:42:15.0497 6124 vwifibus - ok
15:42:15.0537 6124 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:42:15.0597 6124 vwififlt - ok
15:42:15.0667 6124 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:42:15.0707 6124 W32Time - ok
15:42:15.0737 6124 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
15:42:15.0767 6124 WacomPen - ok
15:42:15.0837 6124 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:42:15.0877 6124 WANARP - ok
15:42:15.0877 6124 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:42:15.0917 6124 Wanarpv6 - ok
15:42:16.0067 6124 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
15:42:16.0137 6124 wbengine - ok
15:42:16.0297 6124 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:42:16.0327 6124 WbioSrvc - ok
15:42:16.0377 6124 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
15:42:16.0457 6124 wcncsvc - ok
15:42:16.0487 6124 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:42:16.0547 6124 WcsPlugInService - ok
15:42:16.0607 6124 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
15:42:16.0617 6124 Wd - ok
15:42:16.0707 6124 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:42:16.0737 6124 Wdf01000 - ok
15:42:16.0757 6124 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:42:16.0797 6124 WdiServiceHost - ok
15:42:16.0797 6124 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:42:16.0817 6124 WdiSystemHost - ok
15:42:16.0867 6124 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
15:42:16.0917 6124 WebClient - ok
15:42:16.0977 6124 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:42:17.0027 6124 Wecsvc - ok
15:42:17.0077 6124 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:42:17.0137 6124 wercplsupport - ok
15:42:17.0187 6124 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:42:17.0237 6124 WerSvc - ok
15:42:17.0417 6124 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:42:17.0457 6124 WfpLwf - ok
15:42:17.0537 6124 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:42:17.0557 6124 WIMMount - ok
15:42:17.0737 6124 WinDefend - ok
15:42:17.0747 6124 WinHttpAutoProxySvc - ok
15:42:18.0027 6124 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:42:18.0087 6124 Winmgmt - ok
15:42:18.0587 6124 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
15:42:18.0717 6124 WinRM - ok
15:42:18.0887 6124 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
15:42:18.0907 6124 WinUsb - ok
15:42:18.0987 6124 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:42:19.0017 6124 Wlansvc - ok
15:42:19.0057 6124 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:42:19.0067 6124 WmiAcpi - ok
15:42:19.0127 6124 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:42:19.0177 6124 wmiApSrv - ok
15:42:19.0227 6124 WMPNetworkSvc - ok
15:42:19.0267 6124 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:42:19.0317 6124 WPCSvc - ok
15:42:19.0337 6124 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
15:42:19.0397 6124 WPDBusEnum - ok
15:42:19.0417 6124 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:42:19.0477 6124 ws2ifsl - ok
15:42:19.0527 6124 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
15:42:19.0597 6124 wscsvc - ok
15:42:19.0597 6124 WSearch - ok
15:42:19.0767 6124 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:42:19.0837 6124 wuauserv - ok
15:42:19.0997 6124 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:42:20.0037 6124 WudfPf - ok
15:42:20.0267 6124 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:42:20.0327 6124 WUDFRd - ok
15:42:20.0357 6124 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
15:42:20.0407 6124 wudfsvc - ok
15:42:20.0447 6124 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:42:20.0497 6124 WwanSvc - ok
15:42:20.0587 6124 yukonw7 (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys
15:42:20.0597 6124 yukonw7 - ok
15:42:20.0667 6124 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:42:21.0347 6124 \Device\Harddisk0\DR0 - ok
15:42:21.0367 6124 Boot (0x1200) (afb50ac67b2958360cae28bac7bd7f1b) \Device\Harddisk0\DR0\Partition0
15:42:21.0377 6124 \Device\Harddisk0\DR0\Partition0 - ok
15:42:21.0387 6124 Boot (0x1200) (8a6dc18ba0564a73262625f882328fae) \Device\Harddisk0\DR0\Partition1
15:42:21.0387 6124 \Device\Harddisk0\DR0\Partition1 - ok
15:42:21.0387 6124 ============================================================
15:42:21.0387 6124 Scan finished
15:42:21.0387 6124 ============================================================
15:42:21.0397 6576 Detected object count: 11
15:42:21.0397 6576 Actual detected object count: 11
15:42:57.0527 6576 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0527 6576 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0527 6576 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0527 6576 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576 IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576 IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576 Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576 Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0537 6576 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0537 6576 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0547 6576 VBTUSB ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0547 6576 VBTUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:42:57.0547 6576 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
15:42:57.0547 6576 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:43:14.0663 6920 ============================================================
15:43:14.0663 6920 Scan started
15:43:14.0663 6920 Mode: Manual; SigCheck; TDLFS;
15:43:14.0663 6920 ============================================================
15:43:15.0630 6920 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\drivers\1394ohci.sys
15:43:15.0692 6920 1394ohci - ok
15:43:15.0755 6920 6077757b (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
15:43:15.0770 6920 6077757b - ok
15:43:15.0989 6920 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
15:43:16.0004 6920 ACDaemon - ok
15:43:16.0223 6920 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\drivers\ACPI.sys
15:43:16.0238 6920 ACPI - ok
15:43:16.0285 6920 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\drivers\acpipmi.sys
15:43:16.0301 6920 AcpiPmi - ok
15:43:16.0597 6920 AdobeActiveFileMonitor8.0 (34400005de52842c4d6d4ee978b4d7ce) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
15:43:16.0613 6920 AdobeActiveFileMonitor8.0 - ok
15:43:17.0627 6920 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:43:17.0642 6920 AdobeFlashPlayerUpdateSvc - ok
15:43:17.0814 6920 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
15:43:17.0845 6920 adp94xx - ok
15:43:18.0656 6920 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
15:43:18.0687 6920 adpahci - ok
15:43:18.0843 6920 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
15:43:18.0875 6920 adpu320 - ok
15:43:18.0937 6920 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
15:43:18.0999 6920 AeLookupSvc - ok
15:43:19.0639 6920 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
15:43:19.0670 6920 AFD - ok
15:43:19.0733 6920 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
15:43:19.0748 6920 agp440 - ok
15:43:19.0920 6920 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
15:43:19.0951 6920 ALG - ok
15:43:19.0998 6920 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
15:43:20.0013 6920 aliide - ok
15:43:20.0325 6920 AMD External Events Utility (3f9b03b72577a6a7405bf30801cbd159) C:\Windows\system32\atiesrxx.exe
15:43:20.0341 6920 AMD External Events Utility - ok
15:43:20.0419 6920 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
15:43:20.0435 6920 amdide - ok
15:43:20.0700 6920 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
15:43:20.0715 6920 AmdK8 - ok
15:43:24.0912 6920 amdkmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
15:43:25.0099 6920 amdkmdag - ok
15:43:25.0739 6920 amdkmdap (dca6e341a4a7c31ea8a14c6166c9b249) C:\Windows\system32\DRIVERS\atikmpag.sys
15:43:25.0770 6920 amdkmdap - ok
15:43:25.0832 6920 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
15:43:25.0863 6920 AmdPPM - ok
15:43:26.0113 6920 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
15:43:26.0144 6920 amdsata - ok
15:43:26.0238 6920 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
15:43:26.0269 6920 amdsbs - ok
15:43:26.0316 6920 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
15:43:26.0316 6920 amdxata - ok
15:43:26.0628 6920 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:43:26.0643 6920 AntiVirSchedulerService - ok
15:43:26.0721 6920 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:43:26.0737 6920 AntiVirService - ok
15:43:26.0987 6920 ApfiltrService (2d45f2dfbc3d8f53df7ebeffa8c9bc38) C:\Windows\system32\drivers\Apfiltr.sys
15:43:27.0018 6920 ApfiltrService - ok
15:43:27.0143 6920 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
15:43:27.0174 6920 AppID - ok
15:43:27.0283 6920 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
15:43:27.0345 6920 AppIDSvc - ok
15:43:27.0486 6920 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
15:43:27.0501 6920 Appinfo - ok
15:43:27.0579 6920 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
15:43:27.0595 6920 arc - ok
15:43:27.0767 6920 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
15:43:27.0798 6920 arcsas - ok
15:43:27.0829 6920 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
15:43:27.0845 6920 ArcSoftKsUFilter - ok
15:43:27.0907 6920 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
15:43:27.0954 6920 AsyncMac - ok
15:43:28.0016 6920 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
15:43:28.0032 6920 atapi - ok
15:43:28.0640 6920 athr (cca705cdf038d5bc243203ce4416b345) C:\Windows\system32\DRIVERS\athrx.sys
15:43:28.0718 6920 athr - ok
15:43:34.0740 6920 atikmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
15:43:34.0818 6920 atikmdag - ok
15:43:35.0723 6920 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:43:35.0769 6920 AudioEndpointBuilder - ok
15:43:35.0785 6920 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
15:43:35.0816 6920 AudioSrv - ok
15:43:36.0035 6920 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
15:43:36.0050 6920 avgntflt - ok
15:43:36.0175 6920 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
15:43:36.0191 6920 avipbb - ok
15:43:36.0237 6920 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
15:43:36.0253 6920 avkmgr - ok
15:43:36.0378 6920 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
15:43:36.0409 6920 AxInstSV - ok
15:43:37.0345 6920 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
15:43:37.0392 6920 b06bdrv - ok
15:43:37.0673 6920 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
15:43:37.0704 6920 b57nd60a - ok
15:43:37.0860 6920 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
15:43:37.0875 6920 BDESVC - ok
15:43:37.0907 6920 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
15:43:37.0953 6920 Beep - ok
15:43:38.0546 6920 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
15:43:38.0640 6920 BFE - ok
15:43:38.0936 6920 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
15:43:39.0030 6920 BITS - ok
15:43:39.0217 6920 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
15:43:39.0233 6920 blbdrive - ok
15:43:39.0326 6920 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
15:43:39.0357 6920 bowser - ok
15:43:39.0435 6920 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
15:43:39.0451 6920 BrFiltLo - ok
15:43:39.0529 6920 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
15:43:39.0545 6920 BrFiltUp - ok
15:43:39.0685 6920 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
15:43:39.0732 6920 Browser - ok
15:43:39.0997 6920 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
15:43:40.0028 6920 Brserid - ok
15:43:40.0169 6920 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
15:43:40.0200 6920 BrSerWdm - ok
15:43:40.0231 6920 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
15:43:40.0262 6920 BrUsbMdm - ok
15:43:40.0325 6920 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
15:43:40.0356 6920 BrUsbSer - ok
15:43:40.0403 6920 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
15:43:40.0434 6920 BthEnum - ok
15:43:40.0559 6920 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
15:43:40.0590 6920 BTHMODEM - ok
15:43:40.0839 6920 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
15:43:40.0871 6920 BthPan - ok
15:43:41.0417 6920 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\system32\Drivers\BTHport.sys
15:43:41.0463 6920 BTHPORT - ok
15:43:41.0557 6920 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
15:43:41.0604 6920 bthserv - ok
15:43:41.0744 6920 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\system32\Drivers\BTHUSB.sys
15:43:41.0760 6920 BTHUSB - ok
15:43:41.0885 6920 btwampfl (59e3510784548c6939c1b3b985c232e3) C:\Windows\system32\drivers\btwampfl.sys
15:43:41.0916 6920 btwampfl - ok
15:43:42.0165 6920 btwaudio (1872074ed0a3fb22e3f1e3197b984bfa) C:\Windows\system32\drivers\btwaudio.sys
15:43:42.0181 6920 btwaudio - ok
15:43:42.0399 6920 btwavdt (691cf076c33ab1c3a5b2fd5450300733) C:\Windows\system32\DRIVERS\btwavdt.sys
15:43:42.0415 6920 btwavdt - ok
15:43:42.0930 6920 btwdins (8ba6e93a182126781952a7895ec1e4b2) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:43:42.0992 6920 btwdins - ok
15:43:43.0055 6920 btwl2cap (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
15:43:43.0070 6920 btwl2cap - ok
15:43:43.0195 6920 btwrchid (c9273b20dec8ce38dbce5d29de63c907) C:\Windows\system32\DRIVERS\btwrchid.sys
15:43:43.0211 6920 btwrchid - ok
15:43:43.0289 6920 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
15:43:43.0335 6920 cdfs - ok
15:43:43.0710 6920 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
15:43:43.0725 6920 cdrom - ok
15:43:43.0897 6920 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:43:43.0959 6920 CertPropSvc - ok
15:43:44.0037 6920 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
15:43:44.0053 6920 circlass - ok
15:43:44.0381 6920 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
15:43:44.0396 6920 CLFS - ok
15:43:44.0693 6920 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:43:44.0708 6920 clr_optimization_v2.0.50727_32 - ok
15:43:44.0849 6920 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:43:44.0864 6920 clr_optimization_v2.0.50727_64 - ok
15:43:45.0098 6920 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:43:45.0114 6920 clr_optimization_v4.0.30319_32 - ok
15:43:45.0395 6920 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:43:45.0410 6920 clr_optimization_v4.0.30319_64 - ok
15:43:45.0473 6920 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
15:43:45.0504 6920 CmBatt - ok
15:43:45.0582 6920 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
15:43:45.0597 6920 cmdide - ok
15:43:45.0707 6920 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
15:43:45.0738 6920 CNG - ok
15:43:45.0816 6920 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
15:43:45.0831 6920 Compbatt - ok
15:43:45.0909 6920 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\drivers\CompositeBus.sys
15:43:45.0925 6920 CompositeBus - ok
15:43:45.0925 6920 COMSysApp - ok
15:43:45.0956 6920 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
15:43:45.0972 6920 crcdisk - ok
15:43:46.0253 6920 CryptSvc (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
15:43:46.0284 6920 CryptSvc - ok
15:43:46.0346 6920 dc3d (23d4b856725f5fc3c4f410c150ab107b) C:\Windows\system32\DRIVERS\dc3d.sys
15:43:46.0362 6920 dc3d - ok
15:43:46.0502 6920 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:43:46.0565 6920 DcomLaunch - ok
15:43:46.0658 6920 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
15:43:46.0721 6920 defragsvc - ok
15:43:46.0877 6920 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
15:43:46.0908 6920 DfsC - ok
15:43:47.0204 6920 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
15:43:47.0251 6920 Dhcp - ok
15:43:47.0329 6920 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
15:43:47.0376 6920 discache - ok
15:43:47.0469 6920 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
15:43:47.0485 6920 Disk - ok
15:43:47.0672 6920 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
15:43:47.0703 6920 Dnscache - ok
15:43:48.0327 6920 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
15:43:48.0390 6920 dot3svc - ok
15:43:48.0499 6920 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
15:43:48.0530 6920 Dot4 - ok
15:43:48.0577 6920 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:43:48.0593 6920 Dot4Print - ok
15:43:48.0686 6920 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
15:43:48.0717 6920 dot4usb - ok
15:43:49.0029 6920 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
15:43:49.0092 6920 DPS - ok
15:43:49.0170 6920 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
15:43:49.0201 6920 drmkaud - ok
15:43:49.0497 6920 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
15:43:49.0513 6920 DXGKrnl - ok
15:43:49.0669 6920 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
15:43:49.0716 6920 EapHost - ok
15:43:51.0759 6920 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
15:43:51.0822 6920 ebdrv - ok
15:43:52.0352 6920 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
15:43:52.0383 6920 EFS - ok
15:43:53.0195 6920 ehRecvr (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
15:43:53.0226 6920 ehRecvr - ok
15:43:53.0413 6920 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
15:43:53.0429 6920 ehSched - ok
15:43:54.0193 6920 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
15:43:54.0224 6920 elxstor - ok
15:43:54.0255 6920 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
15:43:54.0271 6920 ErrDev - ok
15:43:54.0583 6920 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
15:43:54.0645 6920 EventSystem - ok
15:43:54.0739 6920 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
15:43:54.0770 6920 exfat - ok
15:43:54.0942 6920 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
15:43:54.0989 6920 fastfat - ok
15:43:55.0722 6920 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
15:43:55.0784 6920 Fax - ok
15:43:55.0878 6920 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
15:43:55.0893 6920 fdc - ok
15:43:55.0971 6920 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
15:43:56.0034 6920 fdPHost - ok
15:43:56.0127 6920 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
15:43:56.0190 6920 FDResPub - ok
15:43:56.0315 6920 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
15:43:56.0346 6920 FileInfo - ok
15:43:56.0377 6920 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
15:43:56.0408 6920 Filetrace - ok
15:43:56.0736 6920 FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
15:43:56.0767 6920 FLEXnet Licensing Service - ok
15:43:56.0861 6920 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
15:43:56.0876 6920 flpydisk - ok
15:43:56.0985 6920 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
15:43:57.0017 6920 FltMgr - ok
15:43:58.0062 6920 FontCache (97223981a9214f1b4997e9075abb6bf5) C:\Windows\system32\FntCache.dll
15:43:58.0124 6920 FontCache - ok
15:43:58.0358 6920 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:43:58.0374 6920 FontCache3.0.0.0 - ok
15:43:58.0545 6920 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
15:43:58.0561 6920 FsDepends - ok
15:43:58.0608 6920 Fs_Rec (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
15:43:58.0623 6920 Fs_Rec - ok
15:43:58.0717 6920 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
15:43:58.0733 6920 fvevol - ok
15:43:58.0795 6920 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
15:43:58.0811 6920 gagp30kx - ok
15:43:58.0873 6920 ggflt (a4198f2bd8aa592cb90476277a81b5e1) C:\Windows\system32\DRIVERS\ggflt.sys
15:43:58.0889 6920 ggflt - ok
15:43:58.0951 6920 ggsemc (d266350bdaab9eb6c1aec370eeaaff3a) C:\Windows\system32\DRIVERS\ggsemc.sys
15:43:58.0967 6920 ggsemc - ok
15:43:59.0669 6920 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
15:43:59.0747 6920 gpsvc - ok
15:43:59.0856 6920 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
15:43:59.0871 6920 hcw85cir - ok
15:44:00.0137 6920 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
15:44:00.0168 6920 HdAudAddService - ok
15:44:00.0355 6920 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\drivers\HDAudBus.sys
15:44:00.0371 6920 HDAudBus - ok
15:44:00.0433 6920 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys
15:44:00.0449 6920 HECIx64 - ok
15:44:00.0589 6920 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
15:44:00.0605 6920 HidBatt - ok
15:44:00.0823 6920 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
15:44:00.0854 6920 HidBth - ok
15:44:00.0885 6920 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
15:44:00.0901 6920 HidIr - ok
15:44:00.0932 6920 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
15:44:00.0979 6920 hidserv - ok
15:44:01.0041 6920 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
15:44:01.0057 6920 HidUsb - ok
15:44:01.0307 6920 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
15:44:01.0369 6920 hkmsvc - ok
15:44:01.0478 6920 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
15:44:01.0525 6920 HomeGroupListener - ok
15:44:01.0743 6920 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
15:44:01.0775 6920 HomeGroupProvider - ok
15:44:02.0071 6920 hpqcxs08 (0a3c6aa4a9fc38c20ba4eac2c3351c05) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:44:02.0087 6920 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
15:44:02.0087 6920 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
15:44:02.0165 6920 hpqddsvc (75cc8c5146a3fb76221a7606628778d5) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:44:02.0180 6920 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
15:44:02.0180 6920 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
15:44:02.0305 6920 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\drivers\HpSAMD.sys
15:44:02.0321 6920 HpSAMD - ok
15:44:02.0960 6920 HPSLPSVC (f37882f128efacefe353e0bae2766909) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:44:03.0023 6920 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
15:44:03.0023 6920 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
15:44:04.0380 6920 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
15:44:04.0442 6920 HTTP - ok
15:44:04.0473 6920 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
15:44:04.0520 6920 hwpolicy - ok
15:44:04.0707 6920 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
15:44:04.0723 6920 i8042prt - ok
15:44:04.0926 6920 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
15:44:04.0973 6920 iaStor - ok
15:44:05.0253 6920 IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:44:05.0269 6920 IAStorDataMgrSvc - ok
15:44:05.0659 6920 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
15:44:05.0690 6920 iaStorV - ok
15:44:05.0831 6920 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:44:05.0831 6920 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:44:05.0831 6920 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:44:06.0127 6920 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:44:06.0158 6920 idsvc - ok
15:44:13.0319 6920 igfx (2a22ab054f4630d2ef4bab2853f6d5f6) C:\Windows\system32\DRIVERS\igdkmd64.sys
15:44:13.0428 6920 igfx ( UnsignedFile.Multi.Generic ) - warning
15:44:13.0428 6920 igfx - detected UnsignedFile.Multi.Generic (1)
15:44:14.0208 6920 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
15:44:14.0223 6920 iirsp - ok
15:44:14.0910 6920 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
15:44:15.0003 6920 IKEEXT - ok
15:44:15.0222 6920 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
15:44:15.0284 6920 Impcd - ok
15:44:17.0983 6920 IntcAzAudAddService (526e482afb586cb1cdd687869decf686) C:\Windows\system32\drivers\RTKVHD64.sys
15:44:18.0077 6920 IntcAzAudAddService - ok
15:44:20.0167 6920 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
15:44:20.0167 6920 IntcDAud ( UnsignedFile.Multi.Generic ) - warning
15:44:20.0167 6920 IntcDAud - detected UnsignedFile.Multi.Generic (1)
15:44:20.0245 6920 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
15:44:20.0276 6920 intelide - ok
15:44:20.0401 6920 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
15:44:20.0417 6920 intelppm - ok
15:44:20.0666 6920 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
15:44:20.0713 6920 IPBusEnum - ok
15:44:20.0885 6920 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:44:20.0947 6920 IpFilterDriver - ok
15:44:21.0680 6920 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
15:44:21.0774 6920 iphlpsvc - ok
15:44:21.0899 6920 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\drivers\IPMIDrv.sys
15:44:21.0914 6920 IPMIDRV - ok
15:44:22.0164 6920 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
15:44:22.0211 6920 IPNAT - ok
15:44:22.0273 6920 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
15:44:22.0304 6920 IRENUM - ok
15:44:22.0367 6920 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
15:44:22.0398 6920 isapnp - ok
15:44:22.0679 6920 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\drivers\msiscsi.sys
15:44:22.0694 6920 iScsiPrt - ok
15:44:22.0975 6920 IviRegMgr (213822072085b5bbad9af30ab577d817) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
15:44:22.0991 6920 IviRegMgr - ok
15:44:23.0100 6920 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
15:44:23.0115 6920 kbdclass - ok
15:44:23.0225 6920 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
15:44:23.0256 6920 kbdhid - ok
15:44:23.0318 6920 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:44:23.0334 6920 KeyIso - ok
15:44:23.0396 6920 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
15:44:23.0412 6920 KSecDD - ok
15:44:23.0817 6920 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
15:44:23.0833 6920 KSecPkg - ok
15:44:23.0911 6920 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
15:44:23.0958 6920 ksthunk - ok
15:44:24.0067 6920 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
15:44:24.0098 6920 KtmRm - ok
15:44:24.0223 6920 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
15:44:24.0254 6920 LanmanServer - ok
15:44:24.0441 6920 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
15:44:24.0488 6920 LanmanWorkstation - ok
15:44:24.0535 6920 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
15:44:24.0566 6920 lltdio - ok
15:44:24.0691 6920 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
15:44:24.0753 6920 lltdsvc - ok
15:44:24.0800 6920 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
15:44:24.0863 6920 lmhosts - ok
15:44:25.0253 6920 LMS (3d23191672d83e90d1cf63927ee98136) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:44:25.0268 6920 LMS - ok
15:44:25.0596 6920 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
15:44:25.0611 6920 LSI_FC - ok
15:44:25.0752 6920 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
15:44:25.0767 6920 LSI_SAS - ok
15:44:25.0908 6920 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
15:44:25.0923 6920 LSI_SAS2 - ok
15:44:25.0986 6920 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
15:44:26.0017 6920 LSI_SCSI - ok
15:44:26.0220 6920 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
15:44:26.0282 6920 luafv - ok
15:44:26.0360 6920 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
15:44:26.0376 6920 MBAMProtector - ok
15:44:27.0546 6920 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:44:27.0608 6920 MBAMService - ok
15:44:27.0795 6920 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
15:44:27.0811 6920 Mcx2Svc - ok
15:44:27.0905 6920 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
15:44:27.0920 6920 megasas - ok
15:44:28.0326 6920 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
15:44:28.0357 6920 MegaSR - ok
15:44:28.0497 6920 Megatech-Software-Protection (68b005af0bc4f8823eab5b105a40cc28) C:\Megatech\MProtect\MPSERV.EXE
15:44:28.0513 6920 Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - warning
15:44:28.0513 6920 Megatech-Software-Protection - detected UnsignedFile.Multi.Generic (1)
15:44:28.0669 6920 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:44:28.0716 6920 MMCSS - ok
15:44:28.0825 6920 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
15:44:28.0872 6920 Modem - ok
15:44:28.0981 6920 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
15:44:29.0012 6920 monitor - ok
15:44:29.0059 6920 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
15:44:29.0075 6920 mouclass - ok
15:44:29.0168 6920 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
15:44:29.0199 6920 mouhid - ok
15:44:29.0387 6920 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
15:44:29.0418 6920 mountmgr - ok
15:44:29.0761 6920 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:44:29.0777 6920 MozillaMaintenance - ok
15:44:29.0933 6920 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\drivers\mpio.sys
15:44:29.0964 6920 mpio - ok
15:44:30.0089 6920 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
15:44:30.0151 6920 mpsdrv - ok
15:44:30.0416 6920 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
15:44:30.0494 6920 MpsSvc - ok
15:44:30.0619 6920 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
15:44:30.0650 6920 MRxDAV - ok
15:44:31.0227 6920 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
15:44:31.0259 6920 mrxsmb - ok
15:44:31.0399 6920 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:44:31.0430 6920 mrxsmb10 - ok
15:44:31.0508 6920 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:44:31.0524 6920 mrxsmb20 - ok
15:44:31.0617 6920 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\drivers\msahci.sys
15:44:31.0633 6920 msahci - ok
15:44:31.0773 6920 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\drivers\msdsm.sys
15:44:31.0789 6920 msdsm - ok
15:44:31.0867 6920 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
15:44:31.0883 6920 MSDTC - ok
15:44:31.0929 6920 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
15:44:31.0976 6920 Msfs - ok
15:44:32.0007 6920 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
15:44:32.0085 6920 mshidkmdf - ok
15:44:32.0179 6920 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
15:44:32.0195 6920 msisadrv - ok
15:44:32.0273 6920 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
15:44:32.0319 6920 MSiSCSI - ok
15:44:32.0335 6920 msiserver - ok
15:44:32.0397 6920 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
15:44:32.0444 6920 MSKSSRV - ok
15:44:32.0475 6920 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
15:44:32.0507 6920 MSPCLOCK - ok
15:44:32.0538 6920 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
15:44:32.0616 6920 MSPQM - ok
15:44:32.0819 6920 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
15:44:32.0850 6920 MsRPC - ok
15:44:32.0943 6920 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
15:44:32.0959 6920 mssmbios - ok
15:44:33.0006 6920 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
15:44:33.0084 6920 MSTEE - ok
15:44:33.0162 6920 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
15:44:33.0177 6920 MTConfig - ok
15:44:33.0271 6920 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
15:44:33.0302 6920 Mup - ok
15:44:33.0427 6920 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
15:44:33.0474 6920 napagent - ok
15:44:33.0645 6920 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
15:44:33.0677 6920 NativeWifiP - ok
15:44:33.0973 6920 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
15:44:34.0035 6920 NDIS - ok
15:44:34.0082 6920 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
15:44:34.0113 6920 NdisCap - ok
15:44:34.0160 6920 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
15:44:34.0207 6920 NdisTapi - ok
15:44:34.0332 6920 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
15:44:34.0379 6920 Ndisuio - ok
15:44:34.0457 6920 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
15:44:34.0519 6920 NdisWan - ok
15:44:34.0566 6920 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
15:44:34.0597 6920 NDProxy - ok
15:44:34.0800 6920 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
15:44:34.0815 6920 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:44:34.0815 6920 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:44:34.0971 6920 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
15:44:35.0003 6920 NetBIOS - ok
15:44:35.0486 6920 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
15:44:35.0533 6920 NetBT - ok
15:44:35.0611 6920 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:44:35.0611 6920 Netlogon - ok
15:44:35.0861 6920 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
15:44:35.0907 6920 Netman - ok
15:44:36.0095 6920 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
15:44:36.0173 6920 netprofm - ok
15:44:36.0360 6920 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:44:36.0375 6920 NetTcpPortSharing - ok
15:44:36.0453 6920 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
15:44:36.0469 6920 nfrd960 - ok
15:44:36.0703 6920 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
15:44:36.0750 6920 NlaSvc - ok
15:44:41.0445 6920 NOBU (5839a8027d6d324a7cd494051a96628c) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
15:44:41.0492 6920 NOBU - ok
15:44:44.0456 6920 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
15:44:44.0503 6920 Npfs - ok
15:44:44.0612 6920 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
15:44:44.0675 6920 nsi - ok
15:44:44.0753 6920 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
15:44:44.0799 6920 nsiproxy - ok
15:44:49.0074 6920 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
15:44:49.0121 6920 Ntfs - ok
15:44:51.0664 6920 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
15:44:51.0742 6920 Null - ok
15:44:51.0960 6920 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
15:44:51.0991 6920 nvraid - ok
15:44:52.0288 6920 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
15:44:52.0303 6920 nvstor - ok
15:44:52.0490 6920 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
15:44:52.0506 6920 nv_agp - ok
15:44:52.0662 6920 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
15:44:52.0678 6920 ohci1394 - ok
15:44:52.0927 6920 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:44:52.0943 6920 ose - ok
15:45:00.0322 6920 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:45:00.0400 6920 osppsvc - ok
15:45:01.0897 6920 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:45:01.0944 6920 p2pimsvc - ok
15:45:02.0599 6920 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
15:45:02.0630 6920 p2psvc - ok
15:45:03.0020 6920 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
15:45:03.0052 6920 Parport - ok
15:45:03.0332 6920 partmgr (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
15:45:03.0348 6920 partmgr - ok
15:45:03.0410 6920 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
15:45:03.0442 6920 PcaSvc - ok
15:45:03.0629 6920 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
15:45:03.0676 6920 pci - ok
15:45:03.0707 6920 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
15:45:03.0707 6920 pciide - ok
15:45:03.0988 6920 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
15:45:04.0019 6920 pcmcia - ok
15:45:04.0175 6920 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
15:45:04.0190 6920 pcw - ok
15:45:04.0799 6920 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
15:45:04.0861 6920 PEAUTH - ok
15:45:05.0641 6920 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
15:45:05.0672 6920 PerfHost - ok
15:45:08.0262 6920 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
15:45:08.0324 6920 pla - ok
15:45:08.0668 6920 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
15:45:08.0699 6920 PlugPlay - ok
15:45:09.0385 6920 PMBDeviceInfoProvider (80e85394d8cd7f84340b1c6f4b9d698f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:45:09.0385 6920 PMBDeviceInfoProvider - ok
15:45:09.0494 6920 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
15:45:09.0494 6920 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:45:09.0494 6920 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:45:09.0572 6920 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
15:45:09.0619 6920 PNRPAutoReg - ok
15:45:09.0994 6920 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
15:45:10.0025 6920 PNRPsvc - ok
15:45:10.0212 6920 Point64 (b23f79e41e30ed500586151a9ef27d8f) C:\Windows\system32\DRIVERS\point64.sys
15:45:10.0228 6920 Point64 - ok
15:45:10.0961 6920 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
15:45:11.0054 6920 PolicyAgent - ok
15:45:11.0398 6920 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
15:45:11.0476 6920 Power - ok
15:45:11.0616 6920 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
15:45:11.0663 6920 PptpMiniport - ok
15:45:11.0772 6920 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
15:45:11.0788 6920 Processor - ok
15:45:12.0349 6920 ProfSvc (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
15:45:12.0396 6920 ProfSvc - ok
15:45:12.0412 6920 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:45:12.0427 6920 ProtectedStorage - ok
15:45:13.0004 6920 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
15:45:13.0067 6920 Psched - ok
15:45:13.0691 6920 PSI_SVC_2 (a6a7ad767bf5141665f5c675f671b3e1) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:45:13.0706 6920 PSI_SVC_2 - ok
15:45:13.0784 6920 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
15:45:13.0800 6920 PxHlpa64 - ok
15:45:14.0533 6920 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
15:45:14.0580 6920 ql2300 - ok
15:45:15.0812 6920 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
15:45:15.0844 6920 ql40xx - ok
15:45:16.0109 6920 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
15:45:16.0140 6920 QWAVE - ok
15:45:16.0234 6920 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
15:45:16.0249 6920 QWAVEdrv - ok
15:45:16.0312 6920 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
15:45:16.0374 6920 RasAcd - ok
15:45:16.0514 6920 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
15:45:16.0561 6920 RasAgileVpn - ok
15:45:16.0702 6920 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
15:45:16.0748 6920 RasAuto - ok
15:45:17.0123 6920 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
15:45:17.0185 6920 Rasl2tp - ok
15:45:17.0950 6920 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
15:45:17.0996 6920 RasMan - ok
15:45:18.0137 6920 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
15:45:18.0184 6920 RasPppoe - ok
15:45:18.0308 6920 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
15:45:18.0371 6920 RasSstp - ok
15:45:18.0745 6920 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
15:45:18.0808 6920 rdbss - ok
15:45:18.0854 6920 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
15:45:18.0886 6920 rdpbus - ok
15:45:18.0917 6920 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
15:45:18.0964 6920 RDPCDD - ok
15:45:18.0995 6920 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
15:45:19.0042 6920 RDPENCDD - ok
15:45:19.0088 6920 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
15:45:19.0151 6920 RDPREFMP - ok
15:45:19.0229 6920 RDPWD (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
15:45:19.0260 6920 RDPWD - ok
15:45:19.0432 6920 rdyboost (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\Windows\system32\drivers\rdyboost.sys
15:45:19.0463 6920 rdyboost - ok
15:45:19.0572 6920 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
15:45:19.0603 6920 regi - ok
15:45:19.0837 6920 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
15:45:19.0884 6920 RemoteAccess - ok
15:45:20.0399 6920 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
15:45:20.0446 6920 RemoteRegistry - ok
15:45:20.0602 6920 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
15:45:20.0633 6920 RFCOMM - ok
15:45:20.0758 6920 rimspci (fa6abc06b629da29634d31f1fe0347bd) C:\Windows\system32\drivers\rimssne64.sys
15:45:20.0773 6920 rimspci - ok
15:45:20.0898 6920 risdsnpe (8f8539a7f5c117d4407b2985995671f2) C:\Windows\system32\drivers\risdsne64.sys
15:45:20.0929 6920 risdsnpe - ok
15:45:21.0007 6920 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
15:45:21.0054 6920 RpcEptMapper - ok
15:45:21.0085 6920 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
15:45:21.0116 6920 RpcLocator - ok
15:45:21.0584 6920 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
15:45:21.0631 6920 RpcSs - ok
15:45:21.0772 6920 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
15:45:21.0834 6920 rspndr - ok
15:45:22.0052 6920 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys
15:45:22.0068 6920 RTHDMIAzAudService - ok
15:45:22.0162 6920 s217bus (b49951a2c8fd81307707443d01936e37) C:\Windows\system32\DRIVERS\s217bus.sys
15:45:22.0177 6920 s217bus - ok
15:45:22.0333 6920 s217mdfl (58204ec551d1a94d60cac130440f0feb) C:\Windows\system32\DRIVERS\s217mdfl.sys
15:45:22.0364 6920 s217mdfl - ok
15:45:22.0474 6920 s217mdm (e2b3de89339a7a807520c6063cd146d3) C:\Windows\system32\DRIVERS\s217mdm.sys
15:45:22.0505 6920 s217mdm - ok
15:45:22.0614 6920 s217nd5 (7bc7d18351b846f4544b54db38fb4208) C:\Windows\system32\DRIVERS\s217nd5.sys
15:45:22.0630 6920 s217nd5 - ok
15:45:22.0864 6920 s217obex (d498b2082f51858f121d4584a7787cd5) C:\Windows\system32\DRIVERS\s217obex.sys
15:45:22.0879 6920 s217obex - ok
15:45:23.0020 6920 s217unic (43512d0c3a59eb20fda06ce4265a1549) C:\Windows\system32\DRIVERS\s217unic.sys
15:45:23.0035 6920 s217unic - ok
15:45:23.0129 6920 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:45:23.0144 6920 SamSs - ok
15:45:23.0300 6920 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
15:45:23.0316 6920 sbp2port - ok
15:45:23.0534 6920 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
15:45:23.0581 6920 SCardSvr - ok
15:45:23.0644 6920 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
15:45:23.0690 6920 scfilter - ok
15:45:24.0127 6920 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
15:45:24.0205 6920 Schedule - ok
15:45:24.0486 6920 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
15:45:24.0548 6920 SCPolicySvc - ok
15:45:24.0658 6920 sdbus (2c8d162efaf73abd36d8bcbb6340cae7) C:\Windows\system32\DRIVERS\sdbus.sys
15:45:24.0689 6920 sdbus - ok
15:45:24.0829 6920 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
15:45:24.0845 6920 SDRSVC - ok
15:45:24.0876 6920 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
15:45:24.0907 6920 secdrv - ok
15:45:24.0970 6920 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
15:45:25.0016 6920 seclogon - ok
15:45:25.0094 6920 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
15:45:25.0157 6920 SENS - ok
15:45:25.0172 6920 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
15:45:25.0188 6920 SensrSvc - ok
15:45:25.0204 6920 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
15:45:25.0219 6920 Serenum - ok
15:45:25.0250 6920 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
15:45:25.0266 6920 Serial - ok
15:45:25.0328 6920 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
15:45:25.0344 6920 sermouse - ok
15:45:25.0406 6920 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
15:45:25.0469 6920 SessionEnv - ok
15:45:25.0531 6920 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
15:45:25.0562 6920 SFEP - ok
15:45:25.0609 6920 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
15:45:25.0625 6920 sffdisk - ok
15:45:25.0687 6920 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
15:45:25.0703 6920 sffp_mmc - ok
15:45:25.0781 6920 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
15:45:25.0796 6920 sffp_sd - ok
15:45:25.0828 6920 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
15:45:25.0859 6920 sfloppy - ok
15:45:26.0015 6920 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
15:45:26.0077 6920 SharedAccess - ok
15:45:26.0218 6920 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
15:45:26.0249 6920 ShellHWDetection - ok
15:45:26.0296 6920 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
15:45:26.0311 6920 SiSRaid2 - ok
15:45:26.0342 6920 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
15:45:26.0358 6920 SiSRaid4 - ok
15:45:26.0436 6920 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
15:45:26.0483 6920 Smb - ok
15:45:26.0530 6920 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
15:45:26.0561 6920 SNMPTRAP - ok
15:45:26.0857 6920 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
15:45:26.0873 6920 SOHCImp - ok
15:45:27.0091 6920 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
15:45:27.0107 6920 SOHDms - ok
15:45:27.0169 6920 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
15:45:27.0185 6920 SOHDs - ok
15:45:27.0388 6920 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
15:45:27.0403 6920 Sony PC Companion - ok
15:45:27.0637 6920 SpfService (5449fc97476f52e027409e703791e6a9) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
15:45:27.0653 6920 SpfService - ok
15:45:27.0684 6920 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
15:45:27.0715 6920 spldr - ok
15:45:28.0121 6920 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
15:45:28.0183 6920 Spooler - ok
15:45:29.0072 6920 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
15:45:29.0182 6920 sppsvc - ok
15:45:30.0305 6920 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
15:45:30.0367 6920 sppuinotify - ok
15:45:31.0646 6920 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
15:45:31.0693 6920 srv - ok
15:45:32.0021 6920 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
15:45:32.0036 6920 srv2 - ok
15:45:32.0239 6920 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
15:45:32.0270 6920 srvnet - ok
15:45:32.0754 6920 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
15:45:32.0816 6920 SSDPSRV - ok
15:45:32.0988 6920 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
15:45:33.0050 6920 SstpSvc - ok
15:45:33.0144 6920 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
15:45:33.0160 6920 stexstor - ok
15:45:33.0581 6920 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
15:45:33.0628 6920 stisvc - ok
15:45:33.0690 6920 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
15:45:33.0706 6920 swenum - ok
15:45:34.0018 6920 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
15:45:34.0096 6920 swprv - ok
15:45:34.0891 6920 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
15:45:34.0985 6920 SysMain - ok
15:45:35.0578 6920 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
15:45:35.0609 6920 TabletInputService - ok
15:45:35.0796 6920 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
15:45:35.0843 6920 TapiSrv - ok
15:45:35.0983 6920 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
15:45:36.0046 6920 TBS - ok
15:45:37.0528 6920 Tcpip (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
15:45:37.0559 6920 Tcpip - ok
15:45:40.0975 6920 TCPIP6 (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
15:45:41.0069 6920 TCPIP6 - ok
15:45:42.0535 6920 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
15:45:42.0582 6920 tcpipreg - ok
15:45:42.0676 6920 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
15:45:42.0707 6920 TDPIPE - ok
15:45:42.0800 6920 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
15:45:42.0847 6920 TDTCP - ok
15:45:43.0034 6920 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
15:45:43.0081 6920 tdx - ok
15:45:43.0175 6920 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
15:45:43.0190 6920 TermDD - ok
15:45:44.0345 6920 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
15:45:44.0407 6920 TermService - ok
15:45:44.0454 6920 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
15:45:44.0501 6920 Themes - ok
15:45:44.0594 6920 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
15:45:44.0641 6920 THREADORDER - ok
15:45:44.0688 6920 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
15:45:44.0766 6920 TrkWks - ok
15:45:45.0437 6920 truecrypt (c6a1a2b4e8a7b92c11ca038369bd7dbe) C:\Windows\syswow64\drivers\truecrypt.sys
15:45:45.0468 6920 truecrypt - ok
15:45:45.0889 6920 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
15:45:45.0920 6920 TrustedInstaller - ok
15:45:46.0076 6920 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
15:45:46.0139 6920 tssecsrv - ok
15:45:46.0357 6920 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
15:45:46.0404 6920 tunnel - ok
15:45:46.0498 6920 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
15:45:46.0513 6920 uagp35 - ok
15:45:46.0981 6920 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
15:45:46.0997 6920 uCamMonitor - ok
15:45:47.0293 6920 udfs (0e5e962b5649d544be54e8c90761ea2b) C:\Windows\system32\DRIVERS\udfs.sys
15:45:47.0340 6920 udfs - ok
15:45:47.0418 6920 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
15:45:47.0449 6920 UI0Detect - ok
15:45:47.0574 6920 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
15:45:47.0605 6920 uliagpkx - ok
15:45:47.0683 6920 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
15:45:47.0699 6920 umbus - ok
15:45:47.0746 6920 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
15:45:47.0761 6920 UmPass - ok
15:45:49.0633 6920 UNS (11a559e0f10cc5e788984023df400a6f) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:45:49.0680 6920 UNS - ok
15:45:50.0164 6920 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
15:45:50.0226 6920 upnphost - ok
15:45:50.0538 6920 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys
15:45:50.0569 6920 usbccgp - ok
15:45:50.0710 6920 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
15:45:50.0725 6920 usbcir - ok
15:45:50.0788 6920 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\drivers\usbehci.sys
15:45:50.0803 6920 usbehci - ok
15:45:50.0990 6920 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys
15:45:51.0022 6920 usbhub - ok
15:45:51.0100 6920 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\drivers\usbohci.sys
15:45:51.0115 6920 usbohci - ok
15:45:51.0193 6920 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
15:45:51.0209 6920 usbprint - ok
15:45:51.0349 6920 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
15:45:51.0380 6920 usbscan - ok
15:45:51.0505 6920 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:45:51.0536 6920 USBSTOR - ok
15:45:51.0630 6920 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys
15:45:51.0646 6920 usbuhci - ok
15:45:51.0989 6920 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
15:45:52.0036 6920 usbvideo - ok
15:45:52.0145 6920 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
15:45:52.0207 6920 UxSms - ok
15:45:52.0566 6920 VAIO Event Service (a60605fc66552b421ee1f3d4ebb9a4e0) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
15:45:52.0582 6920 VAIO Event Service - ok
15:45:53.0003 6920 VAIO Power Management (d469be2723f79cf4b384680b1fdc577d) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
15:45:53.0034 6920 VAIO Power Management - ok
15:45:53.0128 6920 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
15:45:53.0143 6920 VaultSvc - ok
15:45:53.0237 6920 VBTUSB (70a90412f0ae18021794a0754c2d6299) C:\Windows\system32\Drivers\VBTUSB.sys
15:45:53.0237 6920 VBTUSB ( UnsignedFile.Multi.Generic ) - warning
15:45:53.0237 6920 VBTUSB - detected UnsignedFile.Multi.Generic (1)
15:45:53.0814 6920 VCFw (96efa2698d6b9e2931609a3ea73fc5dc) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
15:45:53.0845 6920 VCFw - ok
15:45:54.0422 6920 VcmIAlzMgr (7bebf6a5285ffc03c34a7297a4e177cb) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
15:45:54.0454 6920 VcmIAlzMgr - ok
15:45:54.0922 6920 VcmINSMgr (e005b04dfca99f5880c5111933194ca9) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
15:45:54.0953 6920 VcmINSMgr - ok
15:45:55.0374 6920 VcmXmlIfHelper (829a32fd1334f72429ca0515760eb7a7) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
15:45:55.0390 6920 VcmXmlIfHelper - ok
15:45:55.0530 6920 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
15:45:55.0546 6920 VCService - ok
15:45:56.0060 6920 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
15:45:56.0092 6920 vdrvroot - ok
15:45:56.0279 6920 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
15:45:56.0326 6920 vds - ok
15:45:56.0372 6920 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
15:45:56.0404 6920 vga - ok
15:45:56.0450 6920 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
15:45:56.0497 6920 VgaSave - ok
15:45:56.0903 6920 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
15:45:56.0934 6920 vhdmp - ok
15:45:56.0996 6920 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
15:45:57.0028 6920 viaide - ok
15:45:57.0199 6920 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
15:45:57.0230 6920 volmgr - ok
15:45:57.0402 6920 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
15:45:57.0433 6920 volmgrx - ok
15:45:57.0605 6920 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
15:45:57.0636 6920 volsnap - ok
15:45:57.0808 6920 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
15:45:57.0823 6920 vsmraid - ok
15:45:59.0118 6920 VSNService (a7eb62c664a03901165290a714bd48d0) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
15:45:59.0134 6920 VSNService ( UnsignedFile.Multi.Generic ) - warning
15:45:59.0134 6920 VSNService - detected UnsignedFile.Multi.Generic (1)
15:46:00.0038 6920 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
15:46:00.0132 6920 VSS - ok
15:46:01.0801 6920 VUAgent (d62d16e057be87f5b84a54d1b83822c4) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
15:46:01.0832 6920 VUAgent - ok
15:46:02.0862 6920 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
15:46:02.0878 6920 vwifibus - ok
15:46:02.0987 6920 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
15:46:03.0018 6920 vwififlt - ok
15:46:03.0205 6920 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
15:46:03.0268 6920 W32Time - ok
15:46:03.0330 6920 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
15:46:03.0346 6920 WacomPen - ok
15:46:03.0439 6920 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:46:03.0486 6920 WANARP - ok
15:46:03.0486 6920 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
15:46:03.0517 6920 Wanarpv6 - ok
15:46:04.0796 6920 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
15:46:04.0859 6920 wbengine - ok
15:46:06.0278 6920 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
15:46:06.0310 6920 WbioSrvc - ok
15:46:06.0980 6920 wcncsvc (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
15:46:07.0012 6920 wcncsvc - ok
15:46:07.0121 6920 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
15:46:07.0152 6920 WcsPlugInService - ok
15:46:07.0277 6920 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
15:46:07.0308 6920 Wd - ok
15:46:08.0135 6920 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
15:46:08.0166 6920 Wdf01000 - ok
15:46:08.0291 6920 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:46:08.0322 6920 WdiServiceHost - ok
15:46:08.0322 6920 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
15:46:08.0353 6920 WdiSystemHost - ok
15:46:08.0665 6920 WebClient (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
15:46:08.0712 6920 WebClient - ok
15:46:08.0946 6920 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
15:46:08.0993 6920 Wecsvc - ok
15:46:09.0118 6920 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
15:46:09.0180 6920 wercplsupport - ok
15:46:09.0274 6920 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
15:46:09.0336 6920 WerSvc - ok
15:46:09.0492 6920 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
15:46:09.0554 6920 WfpLwf - ok
15:46:09.0617 6920 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
15:46:09.0632 6920 WIMMount - ok
15:46:09.0742 6920 WinDefend - ok
15:46:09.0757 6920 WinHttpAutoProxySvc - ok
15:46:10.0038 6920 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
15:46:10.0100 6920 Winmgmt - ok
15:46:12.0082 6920 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
15:46:12.0144 6920 WinRM - ok
15:46:13.0189 6920 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
15:46:13.0220 6920 WinUsb - ok
15:46:13.0829 6920 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
15:46:13.0891 6920 Wlansvc - ok
15:46:13.0985 6920 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
15:46:14.0016 6920 WmiAcpi - ok
15:46:14.0390 6920 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
15:46:14.0422 6920 wmiApSrv - ok
15:46:14.0500 6920 WMPNetworkSvc - ok
15:46:14.0562 6920 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
15:46:14.0609 6920 WPCSvc - ok
15:46:14.0796 6920 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
15:46:14.0827 6920 WPDBusEnum - ok
15:46:14.0858 6920 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
15:46:14.0905 6920 ws2ifsl - ok
15:46:14.0999 6920 wscsvc (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
15:46:15.0046 6920 wscsvc - ok
15:46:15.0046 6920 WSearch - ok
15:46:17.0900 6920 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
15:46:18.0041 6920 wuauserv - ok
15:46:19.0195 6920 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
15:46:19.0258 6920 WudfPf - ok
15:46:19.0382 6920 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
15:46:19.0429 6920 WUDFRd - ok
15:46:19.0523 6920 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
15:46:19.0601 6920 wudfsvc - ok
15:46:19.0897 6920 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
15:46:19.0928 6920 WwanSvc - ok
15:46:20.0459 6920 yukonw7 (5250193ef8e173aa7491250f00eb367f) C:\Windows\system32\DRIVERS\yk62x64.sys
15:46:20.0490 6920 yukonw7 - ok
15:46:20.0521 6920 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
15:46:22.0190 6920 \Device\Harddisk0\DR0 - ok
15:46:22.0237 6920 Boot (0x1200) (afb50ac67b2958360cae28bac7bd7f1b) \Device\Harddisk0\DR0\Partition0
15:46:22.0237 6920 \Device\Harddisk0\DR0\Partition0 - ok
15:46:22.0253 6920 Boot (0x1200) (8a6dc18ba0564a73262625f882328fae) \Device\Harddisk0\DR0\Partition1
15:46:22.0268 6920 \Device\Harddisk0\DR0\Partition1 - ok
15:46:22.0268 6920 ============================================================
15:46:22.0268 6920 Scan finished
15:46:22.0268 6920 ============================================================
15:46:22.0284 6908 Detected object count: 11
15:46:22.0284 6908 Actual detected object count: 11
16:21:49.0488 6908 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908 IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908 IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908 Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908 Megatech-Software-Protection ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0488 6908 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0488 6908 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0504 6908 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0504 6908 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0504 6908 VBTUSB ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0504 6908 VBTUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:49.0504 6908 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
16:21:49.0504 6908 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:21:52.0483 5788 Deinitialize success
|
|
29.06.2012, 23:05
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gema Trojaner paysafe card Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
30.06.2012, 13:08
| #27 |
| | Gema Trojaner paysafe cardCode:
ATTFilter ComboFix 12-06-28.03 - Frederik 30.06.2012 13:45:20.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.3950.1628 [GMT 2:00]
ausgeführt von:: c:\users\Frederik\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Windows Searchqu Toolbar
c:\users\Frederik\Documents\~WRL1058.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-05-28 bis 2012-06-30 ))))))))))))))))))))))))))))))
.
.
2012-06-30 11:57 . 2012-06-30 11:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-30 11:57 . 2012-06-30 11:57 -------- d-----w- c:\users\Elfir\AppData\Local\temp
2012-06-29 13:50 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6857072D-66E3-4FDC-B4C0-4C7C0F8E170B}\mpengine.dll
2012-06-27 12:25 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-27 12:25 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-27 12:25 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-27 12:25 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-27 12:25 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-27 12:25 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-27 12:25 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-27 12:24 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-27 12:24 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-25 18:00 . 2012-06-25 18:00 -------- d-----w- c:\program files (x86)\ESET
2012-06-25 17:57 . 2012-06-25 17:57 -------- d-----w- c:\users\Frederik\AppData\Local\Macromedia
2012-06-25 16:01 . 2012-04-26 05:34 76288 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-25 16:01 . 2012-04-26 05:34 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-25 16:01 . 2012-04-26 05:28 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-25 16:01 . 2012-05-02 05:32 208896 ----a-w- c:\windows\system32\profsvc.dll
2012-06-25 15:59 . 2012-05-04 10:52 5505392 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-06-25 15:59 . 2012-05-04 10:08 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-06-25 15:59 . 2012-05-04 10:08 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-06-25 15:59 . 2012-05-15 01:32 3144192 ----a-w- c:\windows\system32\win32k.sys
2012-06-25 15:58 . 2012-04-28 03:50 204800 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-25 15:58 . 2012-04-07 12:18 3213824 ----a-w- c:\windows\system32\msi.dll
2012-06-25 15:58 . 2012-04-07 11:34 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-06-25 15:58 . 2012-04-24 05:59 1460224 ----a-w- c:\windows\system32\crypt32.dll
2012-06-25 15:58 . 2012-04-24 04:47 1156608 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-06-25 15:58 . 2012-04-24 05:59 182272 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-25 15:58 . 2012-04-24 05:59 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-25 15:58 . 2012-04-24 04:47 139264 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-06-25 15:58 . 2012-04-24 04:47 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-06-25 15:45 . 2012-06-25 15:45 -------- d-----w- c:\users\Frederik\AppData\Roaming\Malwarebytes
2012-06-25 15:45 . 2012-06-25 15:45 -------- d-----w- c:\programdata\Malwarebytes
2012-06-25 15:45 . 2012-06-25 15:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-25 15:45 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-25 00:50 . 2012-06-25 16:18 -------- d-----w- C:\_OTL
2012-06-03 14:33 . 2012-06-11 20:05 -------- d-----w- c:\users\Frederik\AppData\Roaming\.minecraft
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-25 16:22 . 2012-03-30 10:24 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-25 16:22 . 2011-05-30 10:36 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-08 11:56 . 2011-10-15 07:36 98848 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-05-08 11:56 . 2011-10-15 07:36 132832 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-05-06 18:14 . 2012-05-06 18:14 2895373 ----a-w- c:\users\Frederik\AppData\Roaming\Microsoft\Windows\Templates\SetupDJ3.exe
2012-04-18 18:56 . 2012-04-18 18:56 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-06-19 09:40 . 2011-06-19 09:40 1660147 ----a-w- c:\program files (x86)\WinRAR.exe
2011-04-12 13:50 . 2011-04-12 13:49 12420392 ----a-w- c:\program files (x86)\Firefox.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2012-04-12 445624]
"Spotify Web Helper"="c:\users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-05-27 932528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Frederik\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-8 1128224]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Megatech-Software-Protection;Megatech-Software-Protection;c:\megatech\MProtect\MPSERV.EXE [2007-12-12 36864]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-25 250056]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-23 342056]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-23 39464]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-01-06 51584]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2011-09-24 13352]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-06-24 271872]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-06 129976]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-01-07 45408]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [2012-01-18 155320]
R3 VBTUSB;VBTUSB.Sys VAIO Bluetooth Driver over USB device;c:\windows\system32\Drivers\VBTUSB.sys [2010-06-17 14848]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-06-09 537456]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-06-09 101232]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-10-11 27760]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 6077757b;6077757b;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-08 202752]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2010-06-23 94208]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2010-06-23 78848]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-06-17 851824]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-08 6661120]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-08 195584]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-05-28 56344]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2010-05-28 158976]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2010-04-26 12032]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-06-06 304496]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2010-05-31 402720]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 45505357
*Deregistered* - 45505357
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-06-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 16:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Frederik\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 2306448]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-01-07 2328944]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page =
uInternet Settings,ProxyOverride = <local>
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Frederik\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 212.18.0.5 212.18.3.5
FF - ProfilePath - c:\users\Frederik\AppData\Roaming\Mozilla\Firefox\Profiles\1g7tcssw.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Facebook Update - c:\users\Frederik\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-CraftBukkit - c:\users\Frederik\Desktop\1.2.4 Minecraft-Server\Uninstall.exe
AddRemove-loadtbs-2.1 - c:\users\Frederik\AppData\Roaming\loadtbs\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-06-30 14:02:53
ComboFix-quarantined-files.txt 2012-06-30 12:02
.
Vor Suchlauf: 19 Verzeichnis(se), 321.507.086.336 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 321.416.089.600 Bytes frei
.
- - End Of File - - 3D4F8E13EB2D59DF70B2A25A1F3DA749
|
|
01.07.2012, 15:49
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gema Trojaner paysafe card Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.07.2012, 20:42
| #29 |
| | Gema Trojaner paysafe card Hier das GMER log: Code:
ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-03 21:14:35
Windows 6.1.7600
Running: edk59oct.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076a27abb
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38e4d1c5
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\c0cb38e4d1c5@2021a57f526a 0x58 0xFD 0x39 0xD9 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\f07bcbe77cb4
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Linkage@Export ?????g??????os??t????????????????????????????????s??m3??Avira mini-filter driver????????????????s???v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=%SystemRoot%\system32\svchost.exe|Svc=fdrespub|Name=@FirewallAPI.dll,-32809|Desc=@FirewallAPI.dll,-32810|EmbedCtxt=@FirewallAPI.dll,-32752|????v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe|Name=McAfee Shared Service Host|?????? ??????s???????????????????-??????????????????01???????????????????????????????6???????????????????????????????????????????????????????????t??????????v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|LPort=5357|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=@FirewallAPI.dll,-32817|Desc=@FirewallAPI.dll,-32818|EmbedCtxt=@FirewallAPI.dll,-32752|???????????????z???z???????????s??t????????x???$???????m??????????????????e1??????????????????????sp????.??????z?????e??????????????????????V
Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanWorkstation\Linkage@Export ???z??????:????????g80???????x??????????Microsoft????????????????????????????????????????{????????????|?????????????????????6-21-2006??????????????????'?????????????????????????????????????????????u?????????r??????N??????????????????????A??????sP??????????????????????????????te??????????????t?????4??z?????????e??????H??z???s???????????)???????)??Microsoft???????????????????????????????*6to4mp??????????<??v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|ICMP6=143:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-25076|Desc=@FirewallAPI.dll,-25081|EmbedCtxt=@FirewallAPI.dll,-25000|???????6??z???:??????am?????????????????s?????????????"??Tc????v??????C??????? ??????????????????????????????4332?????z??????????????v2.10|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|Profile=Public|ICMP6=128:*|RA6=LocalSubnet|Name=@FirewallAPI.dll,-28546|Desc=@FirewallAPI.dll,-28547|EmbedCtxt=@FirewallAPI.dll,-28502|??API.dll,-28502|?????????????????????????????e???Virtual WiFi Bus Driver?rivers\vwifibus.sys,-257?????????????e??6.???|?????
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076a27abb (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38e4d1c5 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\c0cb38e4d1c5@2021a57f526a 0x58 0xFD 0x39 0xD9 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\f07bcbe77cb4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Linkage@Export ???n?p???????????????????????????????????0?????s????? 0????????????z?????????d??????s???????????Volume???????????o??BanzaiU??????????h???????????????d??????????? V??m???????????????????????????????????????k????????????V??????????????????????????????l?z??????N??l?????????D?????????????????????n???????????????????????????????????????l?l???????k?&???????k???????????????l????????????:??l??????????machine.inf?????8&20955f15&0?????????k???????????????l???2???????l?l????? ???????k???????????k????????????????????????s?????SLP\HPSLPDEVICE?????? ???????k???????????????????????????????f??? ???????k?????l???????0??L????????? ??????????????l???l???l????????? ???????l?????l???????0????????????&???????????????????????? ???????l?????l???????0?????????????????????l?l????? ???????l???????????i?0?????????????????????????j???????e?????l????? ???????l?????l???????0???????????????????????l???l????? ???????l???????????j?0????????????????????root\rdp_mou???????????????????????????????l????? ???????l?????l???????0????????????&??????
Reg HKLM\SYSTEM\ControlSet002\services\LanmanWorkstation\Linkage@Export ???p?????????s??ep???t?t?t?????????????????????????????????????????????e?????????????????????p??????????????? ???????n???????????o??????????x?X??????????????????????????????????p???o??to????????????????????s??????????????????????????????????????????????????????p???%???????????????p???%??????????kbd101a.dll?dl???????p???6?????????????hpa??PCAT_101KEY????????????????????e????Standbild???? ???????n???????????n??????????R?Y??????????????????7???????????e???????????0???????????e???p?p?p?p?p?p?p?pem??????????????????11?er????????f???????????????h????8???????????h??????????????B??????????????0???1?????????????X??????s???????????????????????????{?{?{??????? ???????n???????????o??????????2?Z????G?????????????s??ep????8??q????????h?????????????7&16e97060&1? ??????????????t???????????????!???????????????t???????????????????????????????????????????????????????????????? ???????n???????????o??????????V?[?????????System32\Drivers\ksecpkg.sys?????????p???0??????Video Save??????????????????????????t????????t??\SystemRoot\sys
---- Files - GMER 1.0.15 ----
File C:\Users\Frederik\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.079_NetStorage.exe (size mismatch) 688128/0 bytes executable
---- EOF - GMER 1.0.15 ----
Code:
ATTFilter Report of OSAM: Autorun Manager v5.0.11926.0 hxxp://www.online-solutions.ru/en/ Saved at 21:27:22 on 03.07.2012 OS: Windows 7 Home Premium Edition (Build 7600), 64-bit Default Browser: Microsoft Corporation Internet Explorer 9.00.8112.16421 Scanner Settings [x] Rootkits detection (hidden registry) [x] Rootkits detection (hidden files) [x] Retrieve files information [x] Check Microsoft signatures Filters [ ] Trusted entries [ ] Empty entries [x] Hidden registry entries (rootkit activity) [x] Exclusively opened files [x] Not found files [x] Files without detailed information [x] Existing files [ ] Non-startable services [ ] Non-startable drivers [x] Active entries [x] Disabled entries [Common] -----( %SystemRoot%\Tasks )----- "Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [Control Panel Objects] -----( %SystemRoot%\system32 )----- "igfxcpl.cpl" - "Intel Corporation" - C:\Windows\system32\igfxcpl.cpl -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )----- "mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLCFG32.CPL "QuickTime" - "Apple Inc." - C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.cpl [Drivers] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "6077757b" (6077757b) - "InterVideo" - C:\Windows\system32\drivers\regi.sys "avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys "avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys "avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys "catchme" (catchme) - ? - C:\ComboFix\catchme.sys (File not found) "igfx" (igfx) - "Intel Corporation" - C:\Windows\System32\DRIVERS\igdkmd64.sys "Intel(R) Display Audio" (IntcDAud) - "Intel(R) Corporation" - C:\Windows\System32\DRIVERS\IntcDAud.sys "MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys "PxHlpa64" (PxHlpa64) - "Sonic Solutions" - C:\Windows\System32\Drivers\PxHlpa64.sys "regi" (regi) - "InterVideo" - C:\Windows\system32\drivers\regi.sys "truecrypt" (truecrypt) - "TrueCrypt Foundation" - C:\Windows\SysWOW64\drivers\truecrypt.sys "VBTUSB.Sys VAIO Bluetooth Driver over USB device" (VBTUSB) - "Sony Corporation" - C:\Windows\System32\Drivers\VBTUSB.sys [Explorer] -----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? - (File not found | COM-object registry key not found) -----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )----- {F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll -----( HKLM\Software\Classes\Protocols\Filter )----- {807573E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL -----( HKLM\Software\Classes\Protocols\Handler )----- {314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL {03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )----- {23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files (x86)\7-Zip\7-zip.dll {5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? - (File not found | COM-object registry key not found) {D66DC78C-4F61-447F-942B-3FB6980118CF} "CInfoTipShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL {0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll {506F4668-F13E-4AA1-BB04-B43203AB3CC0} "ImageExtractorShellExt Class" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\VISSHE.DLL {42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\msohevi.dll {993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\msoshext.dll {0875DCB6-C686-4243-9432-ADCCF0B9F2D7} "Microsoft OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONFILTER.DLL {00020D75-0000-0000-C000-000000000046} "Microsoft Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\MLSHEXT.DLL {0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\OLKFSTUB.DLL {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll {06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Internet Explorer] -----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )----- {555D4D79-4BD2-4094-A395-CFC534424A05} "HP Smart Web Printing" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll -----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )----- ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found) <binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found) -----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )----- {8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_29" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_29.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab {67DABFBF-D0AB-41FA-9C46-CC0F21721616} "{67DABFBF-D0AB-41FA-9C46-CC0F21721616}" - ? - (File not found | COM-object registry key not found) / hxxp://download.divx.com/player/DivXBrowserPlugin.cab -----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )----- {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} "Add to Evernote" - "Evernote Corporation" - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll {48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll {DDE87865-83C5-48c4-8357-2F5B1AA84522} "HP Smart Web Printing ein- oder ausblenden" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll {FFFDC614-B694-4AE6-AB38-5D6374584B52} "Verknüpfte &OneNote-Notizen" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )----- {18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll {0347C33E-8762-4905-BF09-768834316C61} "HP Print Enhancer" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} "HP Smart BHO Class" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll {DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll {B4F3A835-0E21-4959-BA22-42B3008E02FF} "Office Document Cache Handler" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL {9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Logon] -----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\Users\Frederik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "Dropbox.lnk" - "Dropbox, Inc." - C:\Users\Frederik\AppData\Roaming\Dropbox\bin\Dropbox.exe (Shortcut exists | File exists) -----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )----- "desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini "HP Digital Imaging Monitor.lnk" - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Shortcut exists | File exists) "Bluetooth.lnk" - ? - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (Shortcut exists | File not found) -----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )----- "Sony PC Companion" - "Sony" - "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background "Spotify Web Helper" - ? - "C:\Users\Frederik\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" (File found, but it contains no detailed information) -----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )----- "StartupPrograms" - ? - rdpclip (File not found) -----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )----- "Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min "HP Software Update" - "Hewlett-Packard" - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe "IAStorIcon" - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe "ISBMgr.exe" - ? - "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" "Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "Norton Online Backup" - "Symantec Corporation" - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe "PMBVolumeWatcher" - "Sony Corporation" - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe "QuickTime Task" - "Apple Inc." - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime "StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun "SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [Services] -----( HKLM\SYSTEM\CurrentControlSet\Services )----- "@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll (File not found) "@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe" (File not found) "Adobe Active File Monitor V8" (AdobeActiveFileMonitor8.0) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe "Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe "ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe "Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe "Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe "Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe "CamMonitor" (uCamMonitor) - "ArcSoft, Inc." - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe "FLEXnet Licensing Service" (FLEXnet Licensing Service) - "Acresso Software Inc." - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe "HP CUE DeviceDiscovery Service" (hpqddsvc) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll "HP Network Devices Support" (HPSLPSVC) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL "hpqcxs08" (hpqcxs08) - "Hewlett-Packard Co." - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll "InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe "Intel(R) Management & Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe "Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe "Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe "IviRegMgr" (IviRegMgr) - "InterVideo" - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe "MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe "Megatech-Software-Protection" (Megatech-Software-Protection) - ? - C:\Megatech\MProtect\MPSERV.EXE (File found, but it contains no detailed information) "Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe "Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe "Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe "Net Driver HPZ12" (Net Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZinw12.dll "Norton Online Backup" (NOBU) - "Symantec Corporation" - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe "Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE "Office Software Protection Platform" (osppsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE "PMBDeviceInfoProvider" (PMBDeviceInfoProvider) - "Sony Corporation" - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe "Pml Driver HPZ12" (Pml Driver HPZ12) - "Hewlett-Packard" - C:\Windows\system32\HPZipm12.dll "Protexis Licensing V2" (PSI_SVC_2) - "Protexis Inc." - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe "Sony PC Companion" (Sony PC Companion) - "Avanquest Software" - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe "VAIO Care Performance Service" (SampleCollector) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCPerfService.exe "VAIO Content Folder Watcher" (VCFw) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe "VAIO Content Metadata Intelligent Analyzing Manager" (VcmIAlzMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe "VAIO Content Metadata Intelligent Network Service Manager" (VcmINSMgr) - "Sony Corporation" - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe "VAIO Content Metadata XML Interface" (VcmXmlIfHelper) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe "VAIO Entertainment Common Service" (SpfService) - "Sony Corporation" - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe "VAIO Event Service" (VAIO Event Service) - "Sony Corporation" - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe "VAIO Media plus Content Importer" (SOHCImp) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe "VAIO Media plus Device Searcher" (SOHDs) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe "VAIO Media plus Digital Media Server" (SOHDms) - "Sony Corporation" - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe "VAIO Power Management" (VAIO Power Management) - "Sony Corporation" - C:\Program Files\Sony\VAIO Power Management\SPMService.exe "VCService" (VCService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Care\VCService.exe "VSNService" (VSNService) - "Sony Corporation" - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe "VUAgent" (VUAgent) - "Sony Corporation" - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe ===[ Logfile end ]=========================================[ Logfile end ]=== If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru Code:
ATTFilter aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-03 21:35:44
-----------------------------
21:35:44.939 OS Version: Windows x64 6.1.7600
21:35:44.939 Number of processors: 4 586 0x2505
21:35:44.939 ComputerName: FREDERIK-VAIO UserName: Frederik
21:35:46.780 Initialize success
21:35:50.758 AVAST engine defs: 12070300
21:35:57.934 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:35:57.950 Disk 0 Vendor: SAMSUNG_ 2AC1 Size: 476940MB BusType: 3
21:35:57.981 Disk 0 MBR read successfully
21:35:57.981 Disk 0 MBR scan
21:35:57.981 Disk 0 Windows 7 default MBR code
21:35:57.996 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13756 MB offset 2048
21:35:58.012 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 28174336
21:35:58.028 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 463082 MB offset 28379136
21:35:58.074 Disk 0 scanning C:\Windows\system32\drivers
21:36:09.821 Service scanning
21:36:35.499 Modules scanning
21:36:35.499 Disk 0 trace - called modules:
21:36:35.546 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
21:36:35.546 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800638e060]
21:36:35.561 3 CLASSPNP.SYS[fffff88001b1043f] -> nt!IofCallDriver -> [0xfffffa8003571b20]
21:36:35.561 5 ACPI.sys[fffff88000f8f781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800434d050]
21:36:35.577 Scan finished successfully
21:38:28.022 Disk 0 MBR has been saved successfully to "C:\Users\Frederik\Desktop\MBR.dat"
21:38:28.022 The log file has been saved successfully to "C:\Users\Frederik\Desktop\aswMBR.txt"
|
|
04.07.2012, 16:32
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Gema Trojaner paysafe card Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs. Denk dran beide Tools zu updaten vor dem Scan!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Gema Trojaner paysafe card |
| abgesicherten, adf.ly, anmeldung, besser, bild, dateien, fehlermeldung, heute, interne, internetverbindung, kumpel, meldung, modus, notebook, passwörter, problem, schonmal, screen, starte, starten, startet, trojaner, verbindung, virus, wahrscheinlich, windows |
Textbox von OTL - wenn OTL auf deutsch ist wird sie mit 
beschriftet
.
Linear-Darstellung
