GVU has struck me too! Newbie needs support!

Hi community, I'm new here and have already read various reports about the GVU/BSI trojan, after it infected my mother's laptop yesterday. Unlike many others, I was able to boot into Safe Mode with Networking.

What I have done so far: ran Malwarebytes, unfortunately without any hits, changed the account name (for whatever reason, don't ask, I'm a layman) and rebooted. The reboot was successful, I then had internet access again, and afterwards installed all pending updates and also downloaded the malware scanner from Emsisoft and ran a scan. It then found something and deleted it... unfortunately, in the rush I had not read the notes about not deleting anything, sorry for that!

Now the thing runs without problems again, but I don't quite trust the peace, so I also downloaded and ran OTL and have attached the log below. I would appreciate feedback from those in the know and would like to know whether anything else needs to be done, and if so, what.

Regards and many thanks in advance --> sorry for typos

Code:
ATTFilter OTL logfile created on: 21.06.2012 10:09:05 - Run 1 OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\...\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,75 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 52,73% Memory free 7,49 Gb Paging File | 5,13 Gb Available in Paging File | 68,56% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 581,28 Gb Total Space | 527,46 Gb Free Space | 90,74% Space Free | Partition Type: NTFS Drive D: | 14,60 Gb Total Space | 1,80 Gb Free Space | 12,33% Space Free | Partition Type: NTFS Unable to calculate disk information. Computer Name: ...-LAP1 | User Name: ... | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.06.21 10:06:34 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\...\Desktop\OTL.exe PRC - [2012.06.17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe PRC - [2012.06.17 15:44:44 | 003,367,328 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE PRC - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) 
-- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011.09.01 18:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe PRC - [2011.08.19 15:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe PRC - [2011.03.23 09:16:38 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe PRC - [2010.12.15 22:01:28 | 000,249,672 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe PRC - [2010.12.15 22:01:22 | 000,635,208 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe PRC - [2010.12.15 22:01:08 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe PRC - [2010.12.11 04:32:56 | 000,154,816 | ---- | M] (Zecter Inc.) -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe PRC - [2010.11.18 12:57:28 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe PRC - [2010.11.17 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe PRC - [2010.11.09 16:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe PRC - [2010.11.09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) 
-- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe PRC - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe PRC - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe PRC - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe PRC - [2010.01.04 12:07:06 | 000,083,280 | ---- | M] (Trend Micro Inc.) -- C:\Programme\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe PRC - [2009.07.25 03:09:14 | 000,329,040 | ---- | M] (Trend Micro Inc.) -- C:\Programme\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe ========== Modules (No Company Name) ========== MOD - [2012.06.21 07:02:36 | 000,379,904 | ---- | M] () -- C:\Users\...\AppData\Local\Temp\libsqlitejdbc-3938884281665348199.lib MOD - [2012.06.21 07:02:28 | 000,199,168 | ---- | M] () -- C:\Users\...\AppData\Local\Temp\WindowsAPI.dll1905712988578935392.lib MOD - [2010.11.18 13:07:50 | 001,700,920 | ---- | M] () -- C:\Users\...\AppData\Roaming\PictureMover\DE-DE\Presentation.dll MOD - [2010.11.18 12:57:42 | 012,284,984 | ---- | M] () -- C:\Users\...\AppData\Roaming\PictureMover\Bin\Core.dll MOD - [2010.08.16 13:21:30 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll MOD - [2010.08.16 13:21:30 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll MOD - [2010.08.16 13:21:30 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2011.12.28 19:51:30 | 000,570,632 | ---- | M] (Trend Micro Inc.) 
[On_Demand | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer) SRV:64bit: - [2011.05.27 12:20:12 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv) SRV:64bit: - [2010.12.10 09:05:42 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010.12.09 23:33:22 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service) SRV - [2012.06.17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate) SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc) SRV - [2011.12.28 19:51:30 | 000,917,768 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Programme\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy) SRV - [2011.12.28 19:51:30 | 000,595,960 | ---- | M] (Trend Micro Inc.) 
[On_Demand | Running] -- C:\Programme\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw) SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011.09.09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service) SRV - [2011.09.01 18:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe) SRV - [2010.12.15 22:01:28 | 000,249,672 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService) SRV - [2010.12.02 06:44:08 | 000,275,968 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV) SRV - [2010.11.09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC) SRV - [2010.11.08 18:52:56 | 000,836,504 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Programme\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom) SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) 
[Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2010.08.05 20:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc) SRV - [2010.07.21 15:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service) SRV - [2010.06.17 05:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.09.20 12:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) 
[Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.12.28 19:51:31 | 000,339,984 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmwfp.sys -- (tmwfp) DRV:64bit: - [2011.12.28 19:51:31 | 000,200,720 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (tmlwf) DRV:64bit: - [2011.12.28 19:51:31 | 000,107,536 | ---- | M] (Trend Micro Inc.) 
[Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi) DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.08.01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2011.07.12 12:56:50 | 000,342,288 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt) DRV:64bit: - [2011.07.12 12:56:36 | 000,042,768 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt) DRV:64bit: - [2011.07.12 12:47:06 | 002,077,456 | ---- | M] (Trend Micro Inc.) 
[Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint) DRV:64bit: - [2011.05.27 12:20:12 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2011.05.27 12:20:12 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2011.05.18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB) DRV:64bit: - [2011.03.23 09:17:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.12.17 04:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.12.10 11:40:38 | 008,121,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010.12.10 08:24:20 | 000,291,328 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.12.08 23:30:08 | 000,329,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2010.12.02 06:44:08 | 000,520,192 | ---- | M] (IDT, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.11.19 20:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2010.11.19 20:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.10.19 21:56:44 | 000,406,632 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.09.28 13:54:56 | 002,562,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwx.sys -- (AR5416) DRV:64bit: - [2010.09.26 20:15:22 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.06.17 15:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2010.05.06 14:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2010.04.29 14:43:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2012.04.30 18:45:28 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc) DRV - [2012.04.30 18:45:00 | 000,044,688 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver) DRV - [2011.05.19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA) DRV - [2010.05.05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} IE:64bit: 
- HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4 IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\...\Desktop IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4 IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Microsoft\Internet 
Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes,DefaultScope = {734E87CA-0C26-44BC-B70A-AE0ED8B086BB} IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{734E87CA-0C26-44BC-B70A-AE0ED8B086BB}: "URL" = hxxp://www.google.de/search?q={searchTerms} IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{7BC37B0B-ED6D-4949-AD42-9B19E901DD70}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050 IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - 
HKU\S-1-5-21-408667139-1106771192-1307068543-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.27 18:58:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension [2011.12.28 20:16:45 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.27 18:58:39 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\gcswf32.dll CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfpefkeidlhbjljfdojcnngjbddgein\1.0_0\npwebsitelogon.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 
9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: Google-Suche = C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: Website Logon = C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfpefkeidlhbjljfdojcnngjbddgein\1.0_0\ CHR - Extension: Google Mail = C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - 
C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Programme\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Programme\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. 
O3 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe () O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.) O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH) O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.) 
O4 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe (Trend Micro Inc.) O4 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001..\Run: [ZumoDrive] C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\...\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\...\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) 
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{614482C6-7F92-452A-82C1-791D345C532C}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{973D5F0A-BFF5-4882-B62C-6BF82B644C81}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\tmtb - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Programme\Trend 
Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) SafeBootMin:64bit: AppMgmt - Service SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System 
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: AppMgmt - Service SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host 
controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: AppMgmt - Service SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net 
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: AppMgmt - Service SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: 
WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - 
"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common 
Files\LightScribe\LSRunOnce.exe" ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1 ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory 
Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.06.21 10:06:32 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\...\Desktop\OTL.exe [2012.06.20 22:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware [2012.06.20 22:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware [2012.06.20 22:53:06 | 000,000,000 | ---D | C] -- C:\Users\...\Documents\Anti-Malware [2012.06.20 22:40:17 | 137,888,424 | ---- | C] (Emsisoft GmbH ) -- C:\Users\...\Desktop\EmsisoftAntiMalwareSetup.exe [2012.06.20 20:57:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview [2012.06.20 20:56:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders [2012.06.20 20:55:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2012.06.20 20:49:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java [2012.06.20 17:01:43 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Roaming\Malwarebytes [2012.06.20 17:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.06.20 17:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.06.20 
17:01:31 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.06.20 17:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.06.16 09:07:52 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{A3B38392-0552-4D70-9910-3D85962F2626} [2012.06.13 14:47:54 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{FB7E3D9E-4EA2-4892-8A91-6CB98D0A685D} [2012.06.13 14:47:30 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{3D6C78F9-924F-4B89-8BAF-34838D4B8AC3} [2012.06.12 19:59:50 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{EAB44E5E-9418-450A-AD9C-83AC48B85064} [2012.06.12 10:25:32 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{3705DD42-A5D6-49A0-AEFE-AB1B69400F7D} [2012.06.12 10:25:08 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{1F07B979-6BFB-4A22-9005-054540B6EE14} [2012.06.12 08:15:23 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{8B3B8087-AE0C-40B7-9015-E9908638FE2F} [2012.06.12 08:15:11 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{B59B7C38-E1D6-4906-A6E7-42EA09386FEB} [2012.06.12 07:17:04 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{4DF2B4B9-1643-4E14-9479-31DCEFC990B9} [2012.06.12 07:16:50 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{A1ABFA58-323A-4282-8908-D08A05992EAC} [2012.06.08 11:38:05 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{B3C90258-506F-402F-87F7-494F71659C81} [2012.06.08 11:37:39 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{57D46025-55FF-4130-8A39-AEC6751BA8F6} [2012.06.07 22:27:32 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{E77816A4-E26E-41B9-8154-D74752B279C5} [2012.06.07 22:27:08 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{65B19811-EE13-4D3F-AC90-C53781EE569D} [2012.06.06 20:02:54 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{C686887E-D3AA-425E-958B-0AB1137AA755} [2012.06.06 20:02:30 | 000,000,000 | ---D | C] -- 
C:\Users\...\AppData\Local\{E1D08AB3-301E-40DB-9E79-8BE75BA7EA69} [2012.06.06 17:51:44 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{A6037A2D-5CC5-4223-A34B-E73CC8D0AFBD} [2012.06.06 17:51:18 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{7E266F56-38A7-4261-9E9C-95BB723FF6E1} [2012.06.05 20:29:03 | 000,000,000 | --SD | C] -- C:\Users\...\Documents\Meine Datenquellen [2012.06.05 20:26:46 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{70944899-0B1A-452D-A416-032B67BA628F} [2012.06.05 20:26:19 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{B26E6A1C-A1C7-44FC-A962-E5A96A7F8D25} [2012.06.05 08:26:19 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{7B52FB50-5948-4D0E-A4FA-8A8C86299D84} [2012.06.05 08:25:24 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{93F5350A-82B5-4410-BFE8-428EC98B44BF} [2012.06.05 07:56:25 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{870ED6CD-7E75-48F6-ADF9-57E28CD09B81} [2012.06.04 09:22:38 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{83CB33AA-2683-462D-8CB5-BD944F3DF35C} [2012.06.04 09:21:56 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{C06DF006-E21C-4D6E-9E3F-DB21201CD3E4} [2012.06.03 18:56:57 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{FA27F347-A6F8-4D04-BB1F-CDE91115983F} [2012.06.03 18:56:42 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{69803FED-32AC-44B8-AA64-0303B5EDBDBD} [2012.06.01 12:11:36 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{1C21036E-0E5F-4584-A4D8-7AA2BD354A18} [2012.05.27 10:25:50 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam ========== Files - Modified Within 30 Days ========== [2012.06.21 10:22:31 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin [2012.06.21 10:19:05 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.06.21 10:18:25 | 000,000,824 | ---- | M] () -- 
C:\Windows\SysNative\drivers\etc\tmvsthfss.bin [2012.06.21 10:06:34 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\...\Desktop\OTL.exe [2012.06.21 09:57:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.06.21 07:08:25 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.06.21 07:08:25 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.21 07:01:32 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.06.21 07:00:21 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys [2012.06.21 06:27:21 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.06.21 06:27:21 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.06.21 06:27:21 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.06.21 06:27:21 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.06.21 06:27:20 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.06.20 22:53:35 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2012.06.20 22:52:54 | 137,888,424 | ---- | M] (Emsisoft GmbH ) -- C:\Users\...\Desktop\EmsisoftAntiMalwareSetup.exe [2012.06.20 22:04:28 | 000,277,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.06.20 21:04:21 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.06.20 19:18:01 | 004,503,728 | ---- | M] () -- C:\ProgramData\ni_0_evas.pad [2012.06.20 17:01:33 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.20 10:28:32 | 000,001,883 | ---- | M] () -- C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2012.06.20 10:19:28 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\WebReg HP Photosmart C5100 series.job [2012.06.18 
17:37:56 | 000,226,755 | ---- | M] () -- C:\Windows\hpoins18.dat [2012.06.15 09:34:40 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFor....job [2012.05.26 16:53:04 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFor...-LAP1$.job ========== Files Created - No Company Name ========== [2012.06.20 22:53:35 | 000,001,051 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk [2012.06.20 17:01:33 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.06.20 10:28:32 | 004,503,728 | ---- | C] () -- C:\ProgramData\ni_0_evas.pad [2012.06.20 10:28:32 | 000,001,883 | ---- | C] () -- C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2012.06.18 17:37:49 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\WebReg HP Photosmart C5100 series.job [2011.12.27 18:53:16 | 000,226,755 | ---- | C] () -- C:\Windows\hpoins18.dat [2011.12.27 18:53:16 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat [2011.12.27 17:58:21 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.08.16 09:38:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.08.16 09:25:27 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011.01.06 13:42:07 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini [2011.01.06 13:36:08 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2010.12.17 04:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2010.09.24 15:41:34 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL [2010.09.18 00:17:02 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== LOP Check ========== [2012.02.09 10:42:04 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DVDVideoSoft [2012.02.09 10:41:27 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DVDVideoSoftIEHelpers [2011.12.27 17:47:57 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\PictureMover 
[2012.06.12 23:07:25 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\SoftGrid Client [2011.12.27 17:46:55 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Synaptics [2011.12.27 17:59:21 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\TP [2012.01.02 23:10:11 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Windows Live Writer [2012.06.21 07:02:38 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\ZumoDrive [2012.03.12 18:42:59 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\_MDLogs [2012.02.27 20:19:51 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2011.12.27 19:40:09 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Adobe [2011.12.27 17:47:58 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\ATI [2011.12.27 20:29:49 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\CyberLink [2012.02.09 10:42:04 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DVDVideoSoft [2012.02.09 10:41:27 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DVDVideoSoftIEHelpers [2012.01.26 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Hewlett-Packard [2011.12.27 19:01:42 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\HP [2012.02.03 16:44:18 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\hpqlog [2011.12.27 17:46:35 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Identities [2011.12.27 17:54:09 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Macromedia [2012.06.20 17:01:43 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Malwarebytes [2011.08.16 18:19:53 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Media Center Programs [2012.06.05 20:29:03 | 000,000,000 | --SD | M] -- C:\Users\...\AppData\Roaming\Microsoft [2011.12.27 17:47:57 | 
000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\PictureMover [2012.06.01 12:15:58 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Skype [2012.06.12 23:07:25 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\SoftGrid Client [2011.12.27 17:46:55 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Synaptics [2011.12.27 17:59:21 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\TP [2012.01.02 23:10:11 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Windows Live Writer [2011.12.27 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Yahoo! [2012.06.21 07:02:38 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\ZumoDrive [2012.03.12 18:42:59 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\_MDLogs < %APPDATA%\*.exe /s > < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS > [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- 
C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16552_none_394a8c733b252fb9\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16593_none_39204d0d3b44b8d4\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20545_none_39e1f82254380270\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20669_none_39d05b5854449cd5\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20713_none_3a006b1e5421763d\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_39c28c74544f69e8\atapi.sys [2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft 
Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll [2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: IASTORV.SYS > [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys [2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys [2011.01.06 21:56:12 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys [2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys [2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys [2011.03.11 
08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys [2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys [2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys [2011.01.06 21:56:12 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys < MD5 for: NETLOGON.DLL > [2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll [2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll [2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll [2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- 
C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll < MD5 for: NVSTOR.SYS > [2011.01.06 21:56:12 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys [2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys [2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys [2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys [2011.01.06 21:56:12 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys [2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys [2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 
| ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys [2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys < MD5 for: SCECLI.DLL > [2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll [2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll [2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll [2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll < MD5 for: USER32.DLL > [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll [2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- 
C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll [2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll [2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll [2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll < MD5 for: USERINIT.EXE > [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe [2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe [2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe [2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft 
Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe < MD5 for: WININIT.EXE > [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe [2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe [2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe < MD5 for: WINLOGON.EXE > [2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe [2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe [2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe [2011.01.06 21:43:50 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe [2011.01.06 21:43:50 | 000,389,632 | ---- | 
M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys [2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > < End of report > |
| | #2 |
| | GVU struck here too! Newbie needs support! Hi,
looks good so far, please also post the EXTRA log... Fix for OTL:
Code:
:OTL
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O4 - HKLM..\Run: [] File not found
:Commands
[emptytemp]
[Reboot]
chris
__________________ |
| | #3 |
| | GVU struck here too! Newbie needs support! Thanks in advance for the quick response!
Extra log attached. OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 21.06.2012 10:09:05 - Run 1
OTL by OldTimer - Version 3.2.50.0 Folder = C:\Users\...\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,75 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 52,73% Memory free
7,49 Gb Paging File | 5,13 Gb Available in Paging File | 68,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581,28 Gb Total Space | 527,46 Gb Free Space | 90,74% Space Free | Partition Type: NTFS
Drive D: | 14,60 Gb Total Space | 1,80 Gb Free Space | 12,33% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: ...-LAP1 | User Name: ... | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19EE0C96-C720-4FD4-AE30-21A316CF6677}" = lport=7000 | protocol=17 | dir=in | name=udp-port für windows-easytransfer |
"{9750A451-5B8E-4BA2-8A57-B64F46F040E6}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{B90C1E47-2621-47AF-85AB-5256BD63C0A6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{BC76AB8F-7AE7-4828-9135-87422E791042}" = lport=7000 | protocol=6 | dir=in | name=tcp-port für windows-easytransfer |
"{EC1D0362-A007-4F97-BA7C-E8849CFC2B3B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02563BCF-689F-4D24-91BA-7F6CBAB89B1E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{08D870C8-5950-4AE8-8EEA-50417FB16D3B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{118A94C5-1CCD-4727-951E-AFF808D91866}" = protocol=17 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{18F8BA7C-30CA-40CD-B4C8-017610B61C20}" = dir=in | app=c:\users\...\appdata\local\temp\7zs46c9\setup\hpznui40.exe |
"{1BD686DE-4DD8-4CF4-9D9C-D5D0960B3C34}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |
"{29D44BC1-18D2-42BF-B8EF-DC9BB4F1BBC4}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{2EFD702B-64D7-46B8-9BBB-717CB36D7BFF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{332FB473-FFB7-4988-9721-2ED1178AFC24}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{38FF31BF-B905-4F04-82FB-F21153B6915C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3F20CC4F-D0B4-4D88-9883-58D70E08477E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{481574A7-D685-4A41-BF1E-E9ED44B4F074}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{4FE6B739-259C-4C5D-86B2-A828DF96DFE3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{554322D1-CB9B-439B-B256-E63850509AF0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{71BCB91C-58F5-4460-9F98-7125A3146E23}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{765C5A44-831A-41E2-8653-C6ED06262F37}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{7ECFF03E-B0E2-4781-BCEB-BF8379764D57}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe |
"{8ABEA37C-DE10-4466-BBF4-3D72C84A0975}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{8D4B33DD-F19B-4223-9963-E567D638D82F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{90B3B2C2-79ED-4157-BEED-13E8D52BD1D1}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |
"{9138FB82-1C26-47DB-8A16-2B69A35E8BA0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9F1692C1-1B84-484F-99EF-46CAC5CA384E}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{A6BD59DA-A981-4141-BA37-1DACB8535787}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{AF352C6E-32DD-4312-A0E0-237CEC5E30E7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{AF4DD762-C2D2-400D-B528-282F5366B7EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{BBC834EC-5AE9-4B4F-9942-732BA35919EE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{BEBC24EE-1B28-4AD2-B4C9-40E7A3989EE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{BFEECE24-D276-4569-A5C7-FE7440483A25}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{C984EFFF-89DD-4745-8734-E562457309D3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{CA023692-6603-46F5-83F8-4DA58251600F}" = dir=out | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe |
"{CC6D256D-CCC0-44FE-AC14-35F3D7B3DF49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{CFA143DB-DC2E-4546-AD9E-A0E18ACD8262}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{DC40C287-58BC-4680-88E3-A40215FC418F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{EBDC2E1C-0A44-405C-AF36-4F5D2578911C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{F12804F5-33E9-4812-88DE-305FE1589F05}" = protocol=6 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{F674CED6-7C38-4749-9667-FF40A2D7D154}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{1B6E46D9-BD48-F831-D337-64397E7EA1DB}" = ccc-utility64
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{3549401F-C832-4B81-8780-1E055E18B8A6}" = Validity WBF DDK
"{3623E33A-6E9A-442F-9628-570C28E01EDF}" = HP 3D DriveGuard
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security Pro
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{896DC183-4DDA-4AF5-9DFD-B68B97CB7989}" = AuthenTec TrueAPI
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security Pro
"{9EA86AD9-FB32-4B9E-BD56-3068F9B8031F}" = HP Wireless Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E18E155E-73A9-0CCA-B796-05B09A1B5D97}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FE87BA4F-9866-8332-0A4F-59864BE2196A}" = AMD Fuel
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0A9A553D-A324-4C3C-B6E9-2464480BAE50}" = Catalyst Control Center - Branding
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F7254A8-4D75-979A-4445-EBC2EE90B6D2}" = CCC Help English
"{14D9E133-37C6-B9CB-36C5-EB76DBE80F5C}" = Catalyst Control Center Graphics Previews Common
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}" = Adobe Shockwave Player 11.5
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{4037A2B9-A976-4538-8B08-A0D95B637F35}" = C5100
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{431D963B-16AA-FAB8-3E72-82CDB466FDD8}" = CCC Help Swedish
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{49F633C6-1247-3052-F1F1-C3DC271A6E92}" = CCC Help Danish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{54C024E2-4761-EB23-88C5-77EE8977B854}" = CCC Help Polish
"{5A018BC8-CEC4-C0E2-5EB1-4DFF3CD5E052}" = CCC Help Japanese
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5FE4D5BB-0B56-DC7D-E5A4-49DB989983CC}" = CCC Help French
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{66F0F1EB-A7B1-4592-BE90-404CD9E49053}" = HP Documentation
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F388ED3-8C2B-222D-9CA6-38C44A3F4569}" = CCC Help Italian
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software
"{70E09E33-5C83-F272-17D5-93858F2063F2}" = CCC Help Dutch
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D12AB72-6A28-A280-0637-485760AFDBDC}" = ccc-core-static
"{802C068E-0576-4F25-8137-D54B7DB0FC5E}" = HP Setup
"{81BAE41F-EF43-4902-773E-64B105245EE0}" = CCC Help Chinese Standard
"{82F6A47B-6651-0044-F871-AF99C15E4871}" = CCC Help German
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{98218567-28F7-0D1F-BD48-3041677E5CD4}" = CCC Help Hungarian
"{994406A3-EA5C-B7C9-B0C0-E9019ADD3521}" = CCC Help Korean
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help
"{A671E7CA-23EA-A86E-A61F-E518143670C0}" = CCC Help Thai
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9AED85D-2194-F13C-EE99-F013DB2BD44F}" = CCC Help Russian
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB32E35A-3CBE-6747-06A9-453469EF9CD2}" = CCC Help Chinese Traditional
"{ABAF4569-6EDD-EA43-1574-EBA8911859BE}" = CCC Help Greek
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.1 MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AF306BD8-F9D1-4627-89B9-246E59074A05}" = HP Power Manager
"{AF6EB833-D48A-49AC-9394-4C57489FDFF2}" = HP Software Framework
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B949352B-D05B-5670-836E-430CCAAE28FA}" = CCC Help Spanish
"{BC08BEE3-1503-0173-B7A5-8765AA20C08A}" = CCC Help Portuguese
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BCB2219D-A452-80E9-5C27-F497128DE10A}" = CCC Help Norwegian
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BD302920-E48F-EE44-4DBF-F58994C8BDF3}" = CCC Help Finnish
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2AC41BC-CA8B-846C-A711-42A2C8BC05BB}" = Catalyst Control Center InstallProxy
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D902BADB-499C-EF9E-B5D3-48B36566C3A6}" = Catalyst Control Center Localization All
"{DA7B4F2B-0099-EEB6-6FB8-8F794248E982}" = CCC Help Czech
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1DD6CD2-6734-4089-9EF5-441F51E083B6}" = HP SimplePass 2011
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALDI Bestellsoftware" = ALDI Bestellsoftware 4.11.0
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EasyBits Magic Desktop" = Magic Desktop
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Google Chrome" = Google Chrome
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PokerStars.net" = PokerStars.net
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"ZumoDrive" = HP CloudDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 31.05.2012 19:25:20 | Computer Name = ...-LAP1 | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar.
Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error - 31.05.2012 19:25:22 | Computer Name = ...-LAP1 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: sftlist.exe, Version: 4.6.1.10263,
Zeitstempel: 0x4c8e7cc8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0x00000000 Fehleroffset: 0x00000000 ID des fehlerhaften
Prozesses: 0xf54 Startzeit der fehlerhaften Anwendung: 0x01cd3bd910226729 Pfad der
fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Application Virtualization
Client\sftlist.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: e3a1ef7a-ab77-11e1-9ae6-68b599df7d36
Error - 31.05.2012 19:25:24 | Computer Name = ...-LAP1 | Source = Application Virtualization | ID = 257
Description = Application Virtualization hat einen unerwarteten Fehler erkannt und
es wurde ein Fehlerbericht generiert.
Error - 03.06.2012 11:48:17 | Computer Name = ...-LAP1 | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 04.06.2012 03:21:06 | Computer Name = ...-LAP1 | Source = System Restore | ID = 8193
Description =
Error - 04.06.2012 03:21:06 | Computer Name = ...-LAP1 | Source = System Restore | ID = 8211
Description =
Error - 05.06.2012 01:55:06 | Computer Name = ...-LAP1 | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar.
Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error - 05.06.2012 02:42:30 | Computer Name = ...-LAP1 | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 06.06.2012 14:36:54 | Computer Name = ...-LAP1 | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 07.06.2012 10:00:10 | Computer Name = ...-LAP1 | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 08.06.2012 05:41:39 | Computer Name = ...-LAP1 | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ Hewlett-Packard Events ]
Error - 23.02.2012 14:47:21 | Computer Name = ...-LAP1 | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088 bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Message: Failed to perform update. StackTrace: bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
category) bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()
bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager InnerException.Message:
Das Objekt "/3828e79e_096d_4843_b163_a03d5a059798/+abmtey_p+p7+v33ojhjqtdr_5.rem"
wurde getrennt oder ist nicht auf dem Server vorhanden. Name: hpsa_service.exe Version:
06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
de-DE RAM: 3834 Ram Utilization: 40 TargetSite: Void UpdateDetail(System.String)
[ HP Software Framework Events ]
Error - 24.05.2012 17:21:44 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.05.24 23:21:44.737|00001A50|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 24.05.2012 17:21:47 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.05.24 23:21:47.821|00000364|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 07.06.2012 13:59:27 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 19:59:27.907|00000FA4|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Nicht unterstützt '
Error - 07.06.2012 13:59:28 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 19:59:28.307|00000FA4|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 07.06.2012 14:01:14 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 20:01:14.691|000017B8|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Nicht unterstützt '
Error - 07.06.2012 14:01:15 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 20:01:15.150|000017B8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 07.06.2012 14:01:16 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 20:01:16.666|00001AC8|Error |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
occurred in querying WMI for WmiMonitorBrightness: 'Nicht unterstützt '
Error - 07.06.2012 14:01:17 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 20:01:17.114|00001AC8|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 14.06.2012 14:00:21 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.14 20:00:21.918|00003444|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 14.06.2012 14:00:24 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.14 20:00:24.004|00003A7C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
[ HP Wireless Assistant Events ]
Error - 27.12.2011 11:42:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 27.12.2011 11:43:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 27.12.2011 11:44:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 27.12.2011 11:45:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 27.12.2011 11:46:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 27.12.2011 11:47:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 27.12.2011 11:48:38 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 27.12.2011 11:49:46 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 27.12.2011 11:50:53 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
verfügbar. (Ausnahme von HRESULT: 0x800706BA) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObject.Initialize(Boolean
getObject) bei System.Management.ManagementBaseObject.get_Properties() bei
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName) bei
HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
Error - 07.05.2012 11:32:08 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Aufruf wurde durch Messagefilter
abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED)) bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) bei System.Management.ManagementScope.InitializeGuts(Object
o) bei System.Management.ManagementScope.Initialize() bei System.Management.ManagementObjectSearcher.Initialize()
bei System.Management.ManagementObjectSearcher.Get() bei HPPA_Service.CurrentConfiguration.FindDevice(String
hostPath, String portName) bei HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
radio) bei System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext() bei
System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext() bei HPPA_Service.CurrentConfiguration.ApplyFriendlyNames()
bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
[ Media Center Events ]
Error - 05.06.2012 01:51:51 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 07:51:51 - Fehler beim Herstellen der Internetverbindung. 07:51:51
- Serververbindung konnte nicht hergestellt werden..
Error - 05.06.2012 01:52:03 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 07:51:56 - Fehler beim Herstellen der Internetverbindung. 07:51:56
- Serververbindung konnte nicht hergestellt werden..
Error - 05.06.2012 04:05:51 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 10:05:51 - Fehler beim Herstellen der Internetverbindung. 10:05:51
- Serververbindung konnte nicht hergestellt werden..
Error - 05.06.2012 04:06:01 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 10:05:56 - Fehler beim Herstellen der Internetverbindung. 10:05:56
- Serververbindung konnte nicht hergestellt werden..
Error - 20.06.2012 08:48:34 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 14:48:34 - Fehler beim Herstellen der Internetverbindung. 14:48:34
- Serververbindung konnte nicht hergestellt werden..
Error - 20.06.2012 08:48:44 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 14:48:39 - Fehler beim Herstellen der Internetverbindung. 14:48:39
- Serververbindung konnte nicht hergestellt werden..
Error - 20.06.2012 11:00:26 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 17:00:26 - Fehler beim Herstellen der Internetverbindung. 17:00:26
- Serververbindung konnte nicht hergestellt werden..
Error - 20.06.2012 11:01:01 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 17:00:38 - Fehler beim Herstellen der Internetverbindung. 17:00:38
- Serververbindung konnte nicht hergestellt werden..
Error - 20.06.2012 12:01:28 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 18:01:28 - Fehler beim Herstellen der Internetverbindung. 18:01:28
- Serververbindung konnte nicht hergestellt werden..
Error - 20.06.2012 12:02:08 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 18:01:34 - Fehler beim Herstellen der Internetverbindung. 18:01:34
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 20.06.2012 15:44:14 | Computer Name = ...-LAP1 | Source = DCOM | ID = 10010
Description =
Error - 20.06.2012 16:12:11 | Computer Name = ...-LAP1 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
3.5.1 unter Windows 7 und Windows Server 2008 R2 für x64-basierte Systeme (KB2656410)
Error - 20.06.2012 16:12:11 | Computer Name = ...-LAP1 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
3.5.1 unter Windows 7 und Windows Server 2008 R2 für x64-basierte Systeme (KB2656372)
Error - 20.06.2012 16:12:11 | Computer Name = ...-LAP1 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
3.5.1 unter Windows 7 und Windows Server 2008 R2 für x64-basierte Systeme (KB2604114)
Error - 20.06.2012 16:12:11 | Computer Name = ...-LAP1 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
3.5.1 unter Windows 7 und Windows Server 2008 R2 für x64-basierte Systeme (KB2686830)
Error - 20.06.2012 19:37:56 | Computer Name = ...-LAP1 | Source = DCOM | ID = 10016
Description =
Error - 21.06.2012 00:33:29 | Computer Name = ...-LAP1 | Source = DCOM | ID = 10016
Description =
Error - 21.06.2012 00:34:51 | Computer Name = ...-LAP1 | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies
ist bereits 1 Mal passiert.
Error - 21.06.2012 03:57:26 | Computer Name = ...-LAP1 | Source = DCOM | ID = 10016
Description =
Error - 21.06.2012 04:51:16 | Computer Name = ...-LAP1 | Source = DCOM | ID = 10016
Description =
< End of report >
|
| | #4 |
| Hi, okay.... Is the computer running normally? chris
| | #5 |
| | Hi Chris, so far the computer is running; now and then I still have connection problems with the Internet, e.g. this morning. Unfortunately I can't judge whether that is related to the trojan (I think you could also see that in the Extended OTL report). What I would like to know is whether the thing stays passively anchored and reads and reuses any communication / data? Since I am a layman, I am naturally a bit worried about that. Regards, and thanks again for the quick reaction and answer. Best regards, Sascha |
| | #6 |
| Hi, we will still check for a rootkit... No, the thing extorts the user by encrypting the data. In exchange for cash you then (maybe) get a decryption program...
TDSS-Killer: download and instructions at: How to fight malware of the Rootkit.Win32.TDSS family?
Unpack all files into a directory of their own (e.g. C:\TDSS)! Launch it from Explorer by double-clicking TDSSKiller.exe. Configure the Killer as follows:
Then start the scan via (Start Scan). When the scan is finished, please select "Report" (skip any findings with Skip for now). A window opens; copy the text and post it here... chris
| | #7 |
| | Hi Chris, do you mean the attached log? Code:
16:16:24.0161 7256 TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
16:16:26.0174 7256 ============================================================
16:16:26.0174 7256 Current date / time: 2012/06/21 16:16:26.0174
16:16:26.0174 7256 SystemInfo:
16:16:26.0174 7256
16:16:26.0174 7256 OS Version: 6.1.7601 ServicePack: 1.0
16:16:26.0174 7256 Product type: Workstation
16:16:26.0174 7256 ComputerName: ...-LAP1
16:16:26.0174 7256 UserName: ...
16:16:26.0174 7256 Windows directory: C:\Windows
16:16:26.0174 7256 System windows directory: C:\Windows
16:16:26.0174 7256 Running under WOW64
16:16:26.0174 7256 Processor architecture: Intel x64
16:16:26.0174 7256 Number of processors: 4
16:16:26.0174 7256 Page size: 0x1000
16:16:26.0174 7256 Boot type: Normal boot
16:16:26.0174 7256 ============================================================
16:16:44.0691 7256 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:16:44.0707 7256 ============================================================
16:16:44.0707 7256 \Device\Harddisk0\DR0:
16:16:44.0707 7256 MBR partitions:
16:16:44.0707 7256 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:16:44.0707 7256 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48A8E000
16:16:44.0707 7256 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48AF2000, BlocksNum 0x1D32000
16:16:44.0707 7256 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
16:16:44.0707 7256 ============================================================
16:16:44.0722 7256 C: <-> \Device\Harddisk0\DR0\Partition1
16:16:44.0769 7256 D: <-> \Device\Harddisk0\DR0\Partition2
16:16:44.0785 7256 ============================================================
16:16:44.0785 7256 Initialize success
16:16:44.0785 7256 ============================================================
16:17:35.0313 6576 ============================================================
16:17:35.0313 6576 Scan started
16:17:35.0313 6576 Mode: Manual; SigCheck; TDLFS;
16:17:35.0313 6576 ============================================================
16:17:37.0263 6576 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:17:37.0404 6576 1394ohci - ok
16:17:37.0513 6576 a2acc (2d6434e957f7cfa0035c20890f77bbc6) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
16:17:37.0575 6576 a2acc - ok
16:17:38.0043 6576 a2AntiMalware (8b75ba256bcada2b73ffa5bd77aa9e6c) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
16:17:38.0168 6576 a2AntiMalware - ok
16:17:38.0262 6576 A2DDA (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
16:17:38.0308 6576 A2DDA - ok
16:17:38.0340 6576 a2injectiondriver (3d55ce53128c81e06cd6b024c3b9fac3) C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
16:17:38.0371 6576 a2injectiondriver - ok
16:17:38.0386 6576 a2util (e41d79682a209f72f4f578cfd4a53952) C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
16:17:38.0402 6576 a2util - ok
16:17:38.0652 6576 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
16:17:38.0683 6576 Accelerometer - ok
16:17:38.0776 6576 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:17:38.0808 6576 ACPI - ok
16:17:38.0839 6576 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:17:38.0932 6576 AcpiPmi - ok
16:17:38.0995 6576 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:17:39.0042 6576 adp94xx - ok
16:17:39.0088 6576 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:17:39.0135 6576 adpahci - ok
16:17:39.0198 6576 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:17:39.0260 6576 adpu320 - ok
16:17:39.0307 6576 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:17:39.0447 6576 AeLookupSvc - ok
16:17:39.0556 6576 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
16:17:39.0650 6576 AESTFilters - ok
16:17:39.0759 6576 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:17:39.0822 6576 AFD - ok
16:17:39.0868 6576 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:17:39.0900 6576 agp440 - ok
16:17:39.0915 6576 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:17:40.0009 6576 ALG - ok
16:17:40.0040 6576 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:17:40.0056 6576 aliide - ok
16:17:40.0102 6576 AMD External Events Utility (c6eea8769226dacb1585fe23beb4af23) C:\Windows\system32\atiesrxx.exe
16:17:40.0180 6576 AMD External Events Utility - ok
16:17:40.0196 6576 AMD FUEL Service - ok
16:17:40.0227 6576 AMD Reservation Manager (dd27f6c3de9bfe50635c721e09edc5dd) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
16:17:40.0258 6576 AMD Reservation Manager - ok
16:17:40.0274 6576 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:17:40.0305 6576 amdide - ok
16:17:40.0336 6576 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
16:17:40.0368 6576 amdiox64 - ok
16:17:40.0383 6576 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:17:40.0461 6576 AmdK8 - ok
16:17:41.0226 6576 amdkmdag (98e20c5a39fea1920031d3850004b334) C:\Windows\system32\DRIVERS\atikmdag.sys
16:17:41.0662 6576 amdkmdag - ok
16:17:41.0881 6576 amdkmdap (8624dc7b8d22daf28f5438735095f6c4) C:\Windows\system32\DRIVERS\atikmpag.sys
16:17:41.0959 6576 amdkmdap - ok
16:17:41.0990 6576 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:17:42.0068 6576 AmdPPM - ok
16:17:42.0162 6576 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:17:42.0177 6576 amdsata - ok
16:17:42.0224 6576 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:17:42.0255 6576 amdsbs - ok
16:17:42.0286 6576 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:17:42.0302 6576 amdxata - ok
16:17:42.0318 6576 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:17:42.0474 6576 AppID - ok
16:17:42.0536 6576 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:17:42.0598 6576 AppIDSvc - ok
16:17:42.0645 6576 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:17:42.0739 6576 Appinfo - ok
16:17:43.0082 6576 AR5416 (3ab3dac7d89283c1aaaabe75380a35ec) C:\Windows\system32\DRIVERS\athwx.sys
16:17:43.0191 6576 AR5416 - ok
16:17:43.0332 6576 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:17:43.0394 6576 arc - ok
16:17:43.0394 6576 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:17:43.0425 6576 arcsas - ok
16:17:43.0441 6576 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:17:43.0534 6576 AsyncMac - ok
16:17:43.0566 6576 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:17:43.0581 6576 atapi - ok
16:17:43.0784 6576 athr (96abf88241f90ff647e55c934c55c2f1) C:\Windows\system32\DRIVERS\athrx.sys
16:17:43.0893 6576 athr - ok
16:17:44.0080 6576 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
16:17:44.0112 6576 AtiHdmiService - ok
16:17:44.0158 6576 AtiPcie (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys
16:17:44.0174 6576 AtiPcie - ok
16:17:44.0252 6576 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:17:44.0330 6576 AudioEndpointBuilder - ok
16:17:44.0330 6576 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:17:44.0392 6576 AudioSrv - ok
16:17:44.0424 6576 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:17:44.0642 6576 AxInstSV - ok
16:17:44.0704 6576 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:17:44.0767 6576 b06bdrv - ok
16:17:44.0814 6576 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:17:44.0860 6576 b57nd60a - ok
16:17:45.0063 6576 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
16:17:45.0141 6576 BBSvc - ok
16:17:45.0250 6576 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
16:17:45.0360 6576 BBUpdate - ok
16:17:45.0391 6576 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:17:45.0438 6576 BDESVC - ok
16:17:45.0484 6576 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:17:45.0594 6576 Beep - ok
16:17:45.0687 6576 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:17:45.0781 6576 BFE - ok
16:17:45.0874 6576 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:17:45.0984 6576 BITS - ok
16:17:46.0046 6576 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:17:46.0108 6576 blbdrive - ok
16:17:46.0171 6576 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:17:46.0218 6576 bowser - ok
16:17:46.0249 6576 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:17:46.0327 6576 BrFiltLo - ok
16:17:46.0342 6576 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:17:46.0374 6576 BrFiltUp - ok
16:17:46.0405 6576 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:17:46.0467 6576 Browser - ok
16:17:46.0514 6576 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:17:46.0576 6576 Brserid - ok
16:17:46.0608 6576 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:17:46.0654 6576 BrSerWdm - ok
16:17:46.0670 6576 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:17:46.0717 6576 BrUsbMdm - ok
16:17:46.0732 6576 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:17:46.0764 6576 BrUsbSer - ok
16:17:46.0779 6576 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:17:46.0826 6576 BTHMODEM - ok
16:17:46.0857 6576 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:17:46.0935 6576 bthserv - ok
16:17:46.0966 6576 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:17:47.0029 6576 cdfs - ok
16:17:47.0076 6576 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
16:17:47.0138 6576 cdrom - ok
16:17:47.0169 6576 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:17:47.0278 6576 CertPropSvc - ok
16:17:47.0310 6576 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:17:47.0356 6576 circlass - ok
16:17:47.0434 6576 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:17:47.0481 6576 CLFS - ok
16:17:47.0528 6576 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:17:47.0559 6576 clr_optimization_v2.0.50727_32 - ok
16:17:47.0606 6576 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:17:47.0637 6576 clr_optimization_v2.0.50727_64 - ok
16:17:47.0700 6576 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:17:47.0731 6576 clr_optimization_v4.0.30319_32 - ok
16:17:47.0778 6576 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:17:47.0809 6576 clr_optimization_v4.0.30319_64 - ok
16:17:47.0856 6576 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
16:17:47.0887 6576 clwvd - ok
16:17:47.0918 6576 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:17:47.0965 6576 CmBatt - ok
16:17:47.0980 6576 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:17:48.0090 6576 cmdide - ok
16:17:48.0230 6576 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:17:48.0292 6576 CNG - ok
16:17:48.0324 6576 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:17:48.0339 6576 Compbatt - ok
16:17:48.0370 6576 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:17:48.0417 6576 CompositeBus - ok
16:17:48.0417 6576 COMSysApp - ok
16:17:48.0448 6576 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:17:48.0464 6576 crcdisk - ok
16:17:48.0511 6576 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
16:17:48.0589 6576 CryptSvc - ok
16:17:48.0760 6576 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:17:48.0854 6576 cvhsvc - ok
16:17:48.0885 6576 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
16:17:48.0948 6576 dc3d - ok
16:17:49.0010 6576 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:17:49.0088 6576 DcomLaunch - ok
16:17:49.0119 6576 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:17:49.0182 6576 defragsvc - ok
16:17:49.0228 6576 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:17:49.0291 6576 DfsC - ok
16:17:49.0338 6576 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:17:49.0416 6576 Dhcp - ok
16:17:49.0447 6576 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:17:49.0509 6576 discache - ok
16:17:49.0540 6576 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:17:49.0556 6576 Disk - ok
16:17:49.0587 6576 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:17:49.0681 6576 Dnscache - ok
16:17:49.0728 6576 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:17:49.0806 6576 dot3svc - ok
16:17:49.0868 6576 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:17:49.0930 6576 Dot4 - ok
16:17:49.0977 6576 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
16:17:50.0024 6576 Dot4Print - ok
16:17:50.0040 6576 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:17:50.0071 6576 dot4usb - ok
16:17:50.0118 6576 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:17:50.0180 6576 DPS - ok
16:17:50.0196 6576 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:17:50.0242 6576 drmkaud - ok
16:17:50.0336 6576 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:17:50.0398 6576 DXGKrnl - ok
16:17:50.0430 6576 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:17:50.0508 6576 EapHost - ok
16:17:50.0773 6576 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:17:51.0054 6576 ebdrv - ok
16:17:51.0194 6576 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:17:51.0288 6576 EFS - ok
16:17:51.0412 6576 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:17:51.0490 6576 ehRecvr - ok
16:17:51.0537 6576 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:17:51.0600 6576 ehSched - ok
16:17:51.0678 6576 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:17:51.0724 6576 elxstor - ok
16:17:51.0740 6576 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:17:51.0787 6576 ErrDev - ok
16:17:51.0880 6576 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:17:51.0943 6576 EventSystem - ok
16:17:51.0990 6576 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:17:52.0068 6576 exfat - ok
16:17:52.0114 6576 ezSharedSvc - ok
16:17:52.0146 6576 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:17:52.0224 6576 fastfat - ok
16:17:52.0317 6576 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:17:52.0411 6576 Fax - ok
16:17:52.0458 6576 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:17:52.0504 6576 fdc - ok
16:17:52.0520 6576 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:17:52.0598 6576 fdPHost - ok
16:17:52.0629 6576 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:17:52.0707 6576 FDResPub - ok
16:17:52.0754 6576 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:17:52.0770 6576 FileInfo - ok
16:17:52.0785 6576 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:17:52.0848 6576 Filetrace - ok
16:17:52.0910 6576 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:17:52.0941 6576 flpydisk - ok
16:17:52.0972 6576 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:17:53.0004 6576 FltMgr - ok
16:17:53.0113 6576 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:17:53.0175 6576 FontCache - ok
16:17:53.0253 6576 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:17:53.0316 6576 FontCache3.0.0.0 - ok
16:17:53.0425 6576 FPLService (0dcef328bccd4e1622ea613f84bd3e54) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
16:17:53.0503 6576 FPLService - ok
16:17:53.0628 6576 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:17:53.0643 6576 FsDepends - ok
16:17:53.0674 6576 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:17:53.0690 6576 Fs_Rec - ok
16:17:53.0737 6576 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:17:53.0768 6576 fvevol - ok
16:17:53.0799 6576 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:17:53.0830 6576 gagp30kx - ok
16:17:53.0924 6576 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:17:54.0018 6576 gpsvc - ok
16:17:54.0127 6576 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:17:54.0174 6576 gupdate - ok
16:17:54.0205 6576 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:17:54.0220 6576 gupdatem - ok
16:17:54.0252 6576 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:17:54.0330 6576 hcw85cir - ok
16:17:54.0376 6576 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:17:54.0423 6576 HdAudAddService - ok
16:17:54.0454 6576 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:17:54.0517 6576 HDAudBus - ok
16:17:54.0548 6576 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:17:54.0579 6576 HidBatt - ok
16:17:54.0626 6576 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:17:54.0673 6576 HidBth - ok
16:17:54.0704 6576 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:17:54.0751 6576 HidIr - ok
16:17:54.0782 6576 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:17:54.0844 6576 hidserv - ok
16:17:54.0860 6576 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:17:54.0891 6576 HidUsb - ok
16:17:54.0922 6576 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:17:54.0985 6576 hkmsvc - ok
16:17:55.0032 6576 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:17:55.0094 6576 HomeGroupListener - ok
16:17:55.0125 6576 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:17:55.0172 6576 HomeGroupProvider - ok
16:17:55.0281 6576 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:17:55.0312 6576 HP Support Assistant Service - ok
16:17:55.0390 6576 HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
16:17:55.0422 6576 HP Wireless Assistant Service - ok
16:17:55.0484 6576 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
16:17:55.0515 6576 HPClientSvc - ok
16:17:55.0562 6576 HPDrvMntSvc.exe (b19ff523b533a3f198b9239e1749c940) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:17:55.0609 6576 HPDrvMntSvc.exe - ok
16:17:55.0671 6576 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
16:17:55.0702 6576 hpdskflt - ok
16:17:55.0812 6576 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:17:55.0858 6576 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:17:55.0858 6576 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:17:55.0890 6576 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:17:55.0921 6576 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:17:55.0921 6576 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:17:56.0046 6576 hpqwmiex (01091b900e15878b4434f9c726c4541d) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:17:56.0139 6576 hpqwmiex - ok
16:17:56.0295 6576 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:17:56.0358 6576 HpSAMD - ok
16:17:56.0545 6576 HPSLPSVC (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:17:56.0576 6576 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:17:56.0576 6576 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:17:56.0607 6576 hpsrv (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
16:17:56.0654 6576 hpsrv - ok
16:17:56.0716 6576 HPWMISVC (f630dd7564ebb7248a13b1cc774d9ea6) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
16:17:56.0748 6576 HPWMISVC - ok
16:17:56.0826 6576 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:17:56.0904 6576 HTTP - ok
16:17:56.0935 6576 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:17:56.0950 6576 hwpolicy - ok
16:17:56.0966 6576 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:17:57.0013 6576 i8042prt - ok
16:17:57.0060 6576 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:17:57.0106 6576 iaStorV - ok
16:17:57.0325 6576 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:17:57.0387 6576 idsvc - ok
16:17:57.0886 6576 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:17:58.0183 6576 igfx - ok
16:17:58.0339 6576 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:17:58.0386 6576 iirsp - ok
16:17:58.0479 6576 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:17:58.0557 6576 IKEEXT - ok
16:17:58.0588 6576 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:17:58.0620 6576 intelide - ok
16:17:58.0635 6576 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:17:58.0682 6576 intelppm - ok
16:17:58.0698 6576 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:17:58.0776 6576 IPBusEnum - ok
16:17:58.0807 6576 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:17:58.0869 6576 IpFilterDriver - ok
16:17:58.0947 6576 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:17:59.0025 6576 iphlpsvc - ok
16:17:59.0041 6576 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:17:59.0088 6576 IPMIDRV - ok
16:17:59.0119 6576 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:17:59.0197 6576 IPNAT - ok
16:17:59.0228 6576 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:17:59.0259 6576 IRENUM - ok
16:17:59.0290 6576 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:17:59.0322 6576 isapnp - ok
16:17:59.0353 6576 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:17:59.0400 6576 iScsiPrt - ok
16:17:59.0446 6576 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:17:59.0478 6576 kbdclass - ok
16:17:59.0524 6576 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:17:59.0571 6576 kbdhid - ok
16:17:59.0587 6576 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:17:59.0618 6576 KeyIso - ok
16:17:59.0665 6576 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:17:59.0680 6576 KSecDD - ok
16:17:59.0696 6576 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:17:59.0727 6576 KSecPkg - ok
16:17:59.0758 6576 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:17:59.0852 6576 ksthunk - ok
16:17:59.0899 6576 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:17:59.0977 6576 KtmRm - ok
16:18:00.0055 6576 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:18:00.0148 6576 LanmanServer - ok
16:18:00.0180 6576 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:18:00.0242 6576 LanmanWorkstation - ok
16:18:00.0336 6576 LightScribeService (fcbdcc6f1801e32244235608e1277752) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:18:00.0414 6576 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
16:18:00.0414 6576 LightScribeService - detected UnsignedFile.Multi.Generic (1)
16:18:00.0445 6576 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:18:00.0538 6576 lltdio - ok
16:18:00.0601 6576 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:18:00.0694 6576 lltdsvc - ok
16:18:00.0710 6576 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:18:00.0772 6576 lmhosts - ok
16:18:00.0804 6576 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:18:00.0835 6576 LSI_FC - ok
16:18:00.0866 6576 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:18:00.0897 6576 LSI_SAS - ok
16:18:00.0913 6576 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:18:00.0944 6576 LSI_SAS2 - ok
16:18:00.0975 6576 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:18:01.0006 6576 LSI_SCSI - ok
16:18:01.0022 6576 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:18:01.0100 6576 luafv - ok
16:18:01.0178 6576 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
16:18:01.0209 6576 MBAMProtector - ok
16:18:01.0303 6576 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:18:01.0334 6576 MBAMService - ok
16:18:01.0381 6576 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:18:01.0443 6576 Mcx2Svc - ok
16:18:01.0459 6576 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:18:01.0490 6576 megasas - ok
16:18:01.0537 6576 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:18:01.0568 6576 MegaSR - ok
16:18:01.0599 6576 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:18:01.0662 6576 MMCSS - ok
16:18:01.0677 6576 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:18:01.0755 6576 Modem - ok
16:18:01.0786 6576 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:18:01.0833 6576 monitor - ok
16:18:01.0864 6576 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:18:01.0896 6576 mouclass - ok
16:18:01.0927 6576 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:18:01.0974 6576 mouhid - ok
16:18:02.0005 6576 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:18:02.0020 6576 mountmgr - ok
16:18:02.0067 6576 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:18:02.0098 6576 mpio - ok
16:18:02.0130 6576 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:18:02.0208 6576 mpsdrv - ok
16:18:02.0301 6576 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:18:02.0364 6576 MpsSvc - ok
16:18:02.0410 6576 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:18:02.0457 6576 MRxDAV - ok
16:18:02.0520 6576 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:18:02.0566 6576 mrxsmb - ok
16:18:02.0629 6576 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:18:02.0691 6576 mrxsmb10 - ok
16:18:02.0738 6576 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:18:02.0769 6576 mrxsmb20 - ok
16:18:02.0785 6576 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:18:02.0800 6576 msahci - ok
16:18:02.0847 6576 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:18:02.0878 6576 msdsm - ok
16:18:02.0925 6576 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:18:02.0988 6576 MSDTC - ok
16:18:03.0081 6576 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:18:03.0128 6576 Msfs - ok
16:18:03.0144 6576 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:18:03.0190 6576 mshidkmdf - ok
16:18:03.0222 6576 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:18:03.0237 6576 msisadrv - ok
16:18:03.0284 6576 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:18:03.0346 6576 MSiSCSI - ok
16:18:03.0362 6576 msiserver - ok
16:18:03.0393 6576 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:18:03.0456 6576 MSKSSRV - ok
16:18:03.0456 6576 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:18:03.0534 6576 MSPCLOCK - ok
16:18:03.0549 6576 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:18:03.0612 6576 MSPQM - ok
16:18:03.0658 6576 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:18:03.0690 6576 MsRPC - ok
16:18:03.0721 6576 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:18:03.0752 6576 mssmbios - ok
16:18:03.0768 6576 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:18:03.0830 6576 MSTEE - ok
16:18:03.0846 6576 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:18:03.0877 6576 MTConfig - ok
16:18:03.0908 6576 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:18:03.0924 6576 Mup - ok
16:18:03.0986 6576 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:18:04.0064 6576 napagent - ok
16:18:04.0111 6576 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:18:04.0173 6576 NativeWifiP - ok
16:18:04.0251 6576 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:18:04.0298 6576 NDIS - ok
16:18:04.0314 6576 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:18:04.0392 6576 NdisCap - ok
16:18:04.0407 6576 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:18:04.0470 6576 NdisTapi - ok
16:18:04.0548 6576 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:18:04.0626 6576 Ndisuio - ok
16:18:04.0657 6576 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:18:04.0735 6576 NdisWan - ok
16:18:04.0782 6576 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:18:04.0860 6576 NDProxy - ok
16:18:04.0891 6576 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
16:18:04.0922 6576 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:18:04.0922 6576 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:18:04.0969 6576 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:18:05.0062 6576 NetBIOS - ok
16:18:05.0109 6576 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:18:05.0156 6576 NetBT - ok
16:18:05.0187 6576 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:18:05.0203 6576 Netlogon - ok
16:18:05.0250 6576 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:18:05.0328 6576 Netman - ok
16:18:05.0374 6576 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:18:05.0437 6576 netprofm - ok
16:18:05.0499 6576 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:18:05.0546 6576 NetTcpPortSharing - ok
16:18:05.0967 6576 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
16:18:06.0264 6576 netw5v64 - ok
16:18:06.0420 6576 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:18:06.0466 6576 nfrd960 - ok
16:18:06.0529 6576 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:18:06.0607 6576 NlaSvc - ok
16:18:06.0638 6576 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:18:06.0685 6576 Npfs - ok
16:18:06.0700 6576 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:18:06.0778 6576 nsi - ok
16:18:06.0794 6576 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:18:06.0856 6576 nsiproxy - ok
16:18:07.0012 6576 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:18:07.0059 6576 Ntfs - ok
16:18:07.0200 6576 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:18:07.0293 6576 Null - ok
16:18:07.0324 6576 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:18:07.0387 6576 nusb3hub - ok
16:18:07.0418 6576 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:18:07.0465 6576 nusb3xhc - ok
16:18:07.0496 6576 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:18:07.0558 6576 nvraid - ok
16:18:07.0590 6576 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:18:07.0621 6576 nvstor - ok
16:18:07.0636 6576 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:18:07.0668 6576 nv_agp - ok
16:18:07.0714 6576 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:18:07.0761 6576 ohci1394 - ok
16:18:08.0042 6576 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:18:08.0089 6576 ose - ok
16:18:08.0588 6576 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:18:08.0869 6576 osppsvc - ok
16:18:09.0040 6576 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:18:09.0118 6576 p2pimsvc - ok
16:18:09.0181 6576 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:18:09.0212 6576 p2psvc - ok
16:18:09.0290 6576 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:18:09.0337 6576 Parport - ok
16:18:09.0368 6576 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:18:09.0399 6576 partmgr - ok
16:18:09.0446 6576 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:18:09.0493 6576 PcaSvc - ok
16:18:09.0524 6576 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:18:09.0555 6576 pci - ok
16:18:09.0571 6576 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:18:09.0586 6576 pciide - ok
16:18:09.0633 6576 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:18:09.0664 6576 pcmcia - ok
16:18:09.0696 6576 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:18:09.0711 6576 pcw - ok
16:18:09.0805 6576 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:18:09.0914 6576 PEAUTH - ok
16:18:10.0008 6576 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:18:10.0086 6576 PerfHost - ok
16:18:10.0226 6576 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:18:10.0304 6576 pla - ok
16:18:10.0366 6576 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:18:10.0413 6576 PlugPlay - ok
16:18:10.0444 6576 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
16:18:10.0491 6576 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:18:10.0491 6576 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:18:10.0507 6576 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:18:10.0538 6576 PNRPAutoReg - ok
16:18:10.0585 6576 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:18:10.0616 6576 PNRPsvc - ok
16:18:10.0663 6576 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
16:18:10.0694 6576 Point64 - ok
16:18:10.0756 6576 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:18:10.0850 6576 PolicyAgent - ok
16:18:10.0881 6576 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:18:10.0959 6576 Power - ok
16:18:10.0990 6576 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:18:11.0068 6576 PptpMiniport - ok
16:18:11.0100 6576 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:18:11.0131 6576 Processor - ok
16:18:11.0178 6576 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:18:11.0256 6576 ProfSvc - ok
16:18:11.0287 6576 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:18:11.0318 6576 ProtectedStorage - ok
16:18:11.0365 6576 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:18:11.0427 6576 Psched - ok
16:18:11.0568 6576 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:18:11.0646 6576 ql2300 - ok
16:18:11.0802 6576 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:18:11.0864 6576 ql40xx - ok
16:18:11.0895 6576 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:18:11.0942 6576 QWAVE - ok
16:18:11.0958 6576 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:18:12.0020 6576 QWAVEdrv - ok
16:18:12.0036 6576 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:18:12.0098 6576 RasAcd - ok
16:18:12.0238 6576 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:18:12.0332 6576 RasAgileVpn - ok
16:18:12.0348 6576 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:18:12.0426 6576 RasAuto - ok
16:18:12.0457 6576 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:18:12.0535 6576 Rasl2tp - ok
16:18:12.0582 6576 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:18:12.0691 6576 RasMan - ok
16:18:12.0722 6576 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:18:12.0816 6576 RasPppoe - ok
16:18:12.0816 6576 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:18:12.0894 6576 RasSstp - ok
16:18:12.0925 6576 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:18:12.0987 6576 rdbss - ok
16:18:13.0018 6576 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:18:13.0065 6576 rdpbus - ok
16:18:13.0081 6576 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:18:13.0143 6576 RDPCDD - ok
16:18:13.0159 6576 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:18:13.0221 6576 RDPENCDD - ok
16:18:13.0252 6576 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:18:13.0315 6576 RDPREFMP - ok
16:18:13.0346 6576 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:18:13.0424 6576 RDPWD - ok
16:18:13.0471 6576 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:18:13.0486 6576 rdyboost - ok
16:18:13.0533 6576 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:18:13.0611 6576 RemoteAccess - ok
16:18:13.0658 6576 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:18:13.0720 6576 RemoteRegistry - ok
16:18:13.0736 6576 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:18:13.0798 6576 RpcEptMapper - ok
16:18:13.0814 6576 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:18:13.0861 6576 RpcLocator - ok
16:18:13.0923 6576 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:18:13.0986 6576 RpcSs - ok
16:18:14.0032 6576 RSPCIESTOR (ca327a84085f68200452e6761f943298) C:\Windows\system32\DRIVERS\RtsPStor.sys
16:18:14.0064 6576 RSPCIESTOR - ok
16:18:14.0095 6576 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:18:14.0157 6576 rspndr - ok
16:18:14.0235 6576 RTL8167 (5d6a444bd37b52ff846387c87dcdf98a) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:18:14.0266 6576 RTL8167 - ok
16:18:14.0298 6576 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:18:14.0313 6576 SamSs - ok
16:18:14.0360 6576 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:18:14.0391 6576 sbp2port - ok
16:18:14.0422 6576 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:18:14.0485 6576 SCardSvr - ok
16:18:14.0516 6576 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:18:14.0578 6576 scfilter - ok
16:18:14.0688 6576 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:18:14.0766 6576 Schedule - ok
16:18:14.0812 6576 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:18:14.0859 6576 SCPolicySvc - ok
16:18:14.0890 6576 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
16:18:14.0953 6576 sdbus - ok
16:18:14.0984 6576 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:18:15.0062 6576 SDRSVC - ok
16:18:15.0093 6576 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:18:15.0156 6576 secdrv - ok
16:18:15.0187 6576 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:18:15.0249 6576 seclogon - ok
16:18:15.0280 6576 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:18:15.0343 6576 SENS - ok
16:18:15.0390 6576 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:18:15.0436 6576 SensrSvc - ok
16:18:15.0468 6576 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:18:15.0530 6576 Serenum - ok
16:18:15.0561 6576 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:18:15.0608 6576 Serial - ok
16:18:15.0639 6576 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:18:15.0686 6576 sermouse - ok
16:18:15.0733 6576 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:18:15.0842 6576 SessionEnv - ok
16:18:15.0967 6576 SfCtlCom (52c525bf4d78125a5064d0d1705f04b6) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
16:18:16.0014 6576 SfCtlCom - ok
16:18:16.0045 6576 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:18:16.0092 6576 sffdisk - ok
16:18:16.0107 6576 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:18:16.0154 6576 sffp_mmc - ok
16:18:16.0170 6576 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:18:16.0216 6576 sffp_sd - ok
16:18:16.0232 6576 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:18:16.0263 6576 sfloppy - ok
16:18:16.0372 6576 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:18:16.0435 6576 Sftfs - ok
16:18:16.0560 6576 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:18:16.0669 6576 sftlist - ok
16:18:16.0716 6576 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:18:16.0747 6576 Sftplay - ok
16:18:16.0778 6576 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:18:16.0794 6576 Sftredir - ok
16:18:16.0825 6576 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:18:16.0840 6576 Sftvol - ok
16:18:16.0887 6576 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:18:16.0950 6576 sftvsa - ok
16:18:17.0028 6576 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:18:17.0106 6576 SharedAccess - ok
16:18:17.0199 6576 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:18:17.0293 6576 ShellHWDetection - ok
16:18:17.0308 6576 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:18:17.0340 6576 SiSRaid2 - ok
16:18:17.0355 6576 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:18:17.0386 6576 SiSRaid4 - ok
16:18:17.0418 6576 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:18:17.0480 6576 Smb - ok
16:18:17.0496 6576 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:18:17.0542 6576 SNMPTRAP - ok
16:18:17.0574 6576 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:18:17.0589 6576 spldr - ok
16:18:17.0652 6576 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:18:17.0730 6576 Spooler - ok
16:18:18.0026 6576 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:18:18.0135 6576 sppsvc - ok
16:18:18.0260 6576 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:18:18.0354 6576 sppuinotify - ok
16:18:18.0447 6576 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:18:18.0525 6576 srv - ok
16:18:18.0603 6576 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:18:18.0650 6576 srv2 - ok
16:18:18.0697 6576 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:18:18.0744 6576 SrvHsfHDA - ok
16:18:18.0868 6576 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:18:18.0946 6576 SrvHsfV92 - ok
16:18:19.0149 6576 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:18:19.0227 6576 SrvHsfWinac - ok
16:18:19.0274 6576 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:18:19.0305 6576 srvnet - ok
16:18:19.0336 6576 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:18:19.0446 6576 SSDPSRV - ok
16:18:19.0477 6576 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:18:19.0524 6576 SstpSvc - ok
16:18:19.0648 6576 STacSV (7c49a5e1943afda4672d80726af3bae4) C:\Program Files\IDT\WDM\STacSV64.exe
16:18:19.0726 6576 STacSV - ok
16:18:19.0758 6576 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:18:19.0773 6576 stexstor - ok
16:18:19.0836 6576 STHDA (0aad250a31a7ee96e0945ab9e1f3baa7) C:\Windows\system32\DRIVERS\stwrt64.sys
16:18:19.0898 6576 STHDA - ok
16:18:19.0945 6576 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
16:18:19.0992 6576 StillCam - ok
16:18:20.0070 6576 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:18:20.0132 6576 stisvc - ok
16:18:20.0148 6576 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:18:20.0179 6576 swenum - ok
16:18:20.0257 6576 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:18:20.0350 6576 swprv - ok
16:18:20.0475 6576 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
16:18:20.0538 6576 SynTP - ok
16:18:20.0834 6576 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:18:20.0896 6576 SysMain - ok
16:18:21.0037 6576 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:18:21.0130 6576 TabletInputService - ok
16:18:21.0162 6576 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:18:21.0271 6576 TapiSrv - ok
16:18:21.0302 6576 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:18:21.0380 6576 TBS - ok
16:18:21.0598 6576 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:18:21.0661 6576 Tcpip - ok
16:18:21.0988 6576 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:18:22.0051 6576 TCPIP6 - ok
16:18:22.0222 6576 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:18:22.0316 6576 tcpipreg - ok
16:18:22.0332 6576 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:18:22.0394 6576 TDPIPE - ok
16:18:22.0425 6576 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:18:22.0472 6576 TDTCP - ok
16:18:22.0519 6576 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:18:22.0581 6576 tdx - ok
16:18:22.0612 6576 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:18:22.0644 6576 TermDD - ok
16:18:22.0706 6576 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:18:22.0784 6576 TermService - ok
16:18:22.0800 6576 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:18:22.0846 6576 Themes - ok
16:18:22.0878 6576 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:18:22.0924 6576 THREADORDER - ok
16:18:23.0034 6576 TMBMServer (963c903e5176c5cdcae321d48635b21f) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
16:18:23.0096 6576 TMBMServer - ok
16:18:23.0174 6576 tmlwf (35a6aeb61c7cf21b10cc05bda47339b5) C:\Windows\system32\DRIVERS\tmlwf.sys
16:18:23.0236 6576 tmlwf - ok
16:18:23.0346 6576 TmPfw (c52867f238ef1aafcd35f8d134b8ab10) C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
16:18:23.0408 6576 TmPfw - ok
16:18:23.0455 6576 tmpreflt (1889f49a828b1cf0e2866cdd325875b0) C:\Windows\system32\DRIVERS\tmpreflt.sys
16:18:23.0470 6576 tmpreflt - ok
16:18:23.0595 6576 TmProxy (3ae913b4fbf06ee49831ff9db2330830) C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
16:18:23.0642 6576 TmProxy - ok
16:18:23.0673 6576 tmtdi (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\Windows\system32\DRIVERS\tmtdi.sys
16:18:23.0704 6576 tmtdi - ok
16:18:23.0767 6576 tmwfp (a4670e50c15d7bce7226e4b62700df09) C:\Windows\system32\DRIVERS\tmwfp.sys
16:18:23.0798 6576 tmwfp - ok
16:18:23.0860 6576 tmxpflt (8b97ba7e28bd39a2bc4a2bb66a83fec0) C:\Windows\system32\DRIVERS\tmxpflt.sys
16:18:23.0907 6576 tmxpflt - ok
16:18:23.0923 6576 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:18:24.0001 6576 TrkWks - ok
16:18:24.0063 6576 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:18:24.0172 6576 TrustedInstaller - ok
16:18:24.0204 6576 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:18:24.0266 6576 tssecsrv - ok
16:18:24.0313 6576 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:18:24.0375 6576 TsUsbFlt - ok
16:18:24.0406 6576 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:18:24.0469 6576 tunnel - ok
16:18:24.0516 6576 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:18:24.0547 6576 uagp35 - ok
16:18:24.0594 6576 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:18:24.0656 6576 udfs - ok
16:18:24.0703 6576 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:18:24.0750 6576 UI0Detect - ok
16:18:24.0781 6576 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:18:24.0812 6576 uliagpkx - ok
16:18:24.0828 6576 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:18:24.0859 6576 umbus - ok
16:18:24.0890 6576 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:18:24.0921 6576 UmPass - ok
16:18:24.0984 6576 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:18:25.0077 6576 upnphost - ok
16:18:25.0108 6576 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:18:25.0171 6576 usbccgp - ok
16:18:25.0202 6576 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:18:25.0233 6576 usbcir - ok
16:18:25.0264 6576 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:18:25.0296 6576 usbehci - ok
16:18:25.0342 6576 usbfilter (dc2b306861f42eeeb92ef525f4119f08) C:\Windows\system32\DRIVERS\usbfilter.sys
16:18:25.0389 6576 usbfilter - ok
16:18:25.0467 6576 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:18:25.0545 6576 usbhub - ok
16:18:25.0576 6576 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
16:18:25.0608 6576 usbohci - ok
16:18:25.0639 6576 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:18:25.0686 6576 usbprint - ok
16:18:25.0748 6576 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:18:25.0795 6576 usbscan - ok
16:18:25.0826 6576 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
16:18:25.0888 6576 USBSTOR - ok
16:18:25.0920 6576 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:18:25.0951 6576 usbuhci - ok
16:18:25.0998 6576 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:18:26.0060 6576 usbvideo - ok
16:18:26.0091 6576 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:18:26.0154 6576 UxSms - ok
16:18:26.0169 6576 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:18:26.0200 6576 VaultSvc - ok
16:18:26.0216 6576 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:18:26.0232 6576 vdrvroot - ok
16:18:26.0294 6576 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:18:26.0388 6576 vds - ok
16:18:26.0403 6576 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:18:26.0434 6576 vga - ok
16:18:26.0466 6576 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:18:26.0528 6576 VgaSave - ok
16:18:26.0575 6576 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:18:26.0622 6576 vhdmp - ok
16:18:26.0637 6576 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:18:26.0668 6576 viaide - ok
16:18:26.0684 6576 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:18:26.0700 6576 volmgr - ok
16:18:26.0778 6576 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:18:26.0793 6576 volmgrx - ok
16:18:26.0840 6576 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:18:26.0871 6576 volsnap - ok
16:18:27.0043 6576 vsapint (3a5862d9a4fe4bbb2ffa1700e2b21b9b) C:\Windows\system32\DRIVERS\vsapint.sys
16:18:27.0136 6576 vsapint - ok
16:18:27.0464 6576 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:18:27.0526 6576 vsmraid - ok
16:18:27.0667 6576 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:18:27.0760 6576 VSS - ok
16:18:27.0901 6576 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:18:27.0979 6576 vwifibus - ok
16:18:28.0026 6576 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:18:28.0119 6576 vwififlt - ok
16:18:28.0150 6576 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:18:28.0197 6576 vwifimp - ok
16:18:28.0244 6576 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:18:28.0322 6576 W32Time - ok
16:18:28.0338 6576 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:18:28.0384 6576 WacomPen - ok
16:18:28.0416 6576 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:18:28.0494 6576 WANARP - ok
16:18:28.0509 6576 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:18:28.0556 6576 Wanarpv6 - ok
16:18:28.0712 6576 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:18:28.0774 6576 wbengine - ok
16:18:28.0946 6576 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:18:29.0008 6576 WbioSrvc - ok
16:18:29.0071 6576 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:18:29.0102 6576 wcncsvc - ok
16:18:29.0133 6576 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:18:29.0180 6576 WcsPlugInService - ok
16:18:29.0227 6576 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:18:29.0274 6576 Wd - ok
16:18:29.0352 6576 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:18:29.0383 6576 Wdf01000 - ok
16:18:29.0414 6576 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:18:29.0523 6576 WdiServiceHost - ok
16:18:29.0523 6576 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:18:29.0554 6576 WdiSystemHost - ok
16:18:29.0601 6576 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:18:29.0648 6576 WebClient - ok
16:18:29.0679 6576 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:18:29.0742 6576 Wecsvc - ok
16:18:29.0773 6576 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:18:29.0851 6576 wercplsupport - ok
16:18:29.0866 6576 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:18:29.0944 6576 WerSvc - ok
16:18:29.0976 6576 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:18:30.0038 6576 WfpLwf - ok
16:18:30.0038 6576 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:18:30.0069 6576 WIMMount - ok
16:18:30.0116 6576 WinDefend - ok
16:18:30.0116 6576 WinHttpAutoProxySvc - ok
16:18:30.0178 6576 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:18:30.0272 6576 Winmgmt - ok
16:18:30.0459 6576 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:18:30.0553 6576 WinRM - ok
16:18:30.0771 6576 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
16:18:30.0818 6576 WinUsb - ok
16:18:30.0927 6576 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:18:30.0958 6576 Wlansvc - ok
16:18:31.0068 6576 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:18:31.0099 6576 wlcrasvc - ok
16:18:31.0333 6576 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:18:31.0426 6576 wlidsvc - ok
16:18:31.0582 6576 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:18:31.0645 6576 WmiAcpi - ok
16:18:31.0707 6576 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:18:31.0785 6576 wmiApSrv - ok
16:18:31.0832 6576 WMPNetworkSvc - ok
16:18:31.0879 6576 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:18:31.0941 6576 WPCSvc - ok
16:18:31.0988 6576 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:18:32.0066 6576 WPDBusEnum - ok
16:18:32.0097 6576 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:18:32.0160 6576 ws2ifsl - ok
16:18:32.0191 6576 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:18:32.0253 6576 wscsvc - ok
16:18:32.0253 6576 WSearch - ok
16:18:32.0456 6576 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:18:32.0534 6576 wuauserv - ok
16:18:32.0690 6576 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:18:32.0784 6576 WudfPf - ok
16:18:32.0815 6576 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:18:32.0877 6576 WUDFRd - ok
16:18:32.0908 6576 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:18:32.0971 6576 wudfsvc - ok
16:18:33.0033 6576 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:18:33.0096 6576 WwanSvc - ok
16:18:33.0158 6576 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
16:18:33.0220 6576 yukonw7 - ok
16:18:33.0252 6576 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:18:33.0688 6576 \Device\Harddisk0\DR0 - ok
16:18:33.0704 6576 Boot (0x1200) (6c4ac01224932aa3e7b28942214e7aa3) \Device\Harddisk0\DR0\Partition0
16:18:33.0704 6576 \Device\Harddisk0\DR0\Partition0 - ok
16:18:33.0720 6576 Boot (0x1200) (a658c0bbed514bdc8e7a9203f55f0706) \Device\Harddisk0\DR0\Partition1
16:18:33.0720 6576 \Device\Harddisk0\DR0\Partition1 - ok
16:18:33.0751 6576 Boot (0x1200) (d46a3289f794abb084f50b752566b7a3) \Device\Harddisk0\DR0\Partition2
16:18:33.0751 6576 \Device\Harddisk0\DR0\Partition2 - ok
16:18:33.0813 6576 Boot (0x1200) (5007b345a485cc457e429edf1bd7d4b1) \Device\Harddisk0\DR0\Partition3
16:18:33.0813 6576 \Device\Harddisk0\DR0\Partition3 - ok
16:18:33.0813 6576 ============================================================
16:18:33.0813 6576 Scan finished
16:18:33.0813 6576 ============================================================
16:18:33.0829 7412 Detected object count: 6
16:18:33.0829 7412 Actual detected object count: 6
16:19:36.0494 7412 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0494 7412 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:19:36.0494 7412 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0494 7412 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:19:36.0494 7412 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0494 7412 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:19:36.0510 7412 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0510 7412 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:19:36.0510 7412 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0510 7412 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:19:36.0510 7412 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0510 7412 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:20:28.0111 8176 ============================================================
16:20:28.0111 8176 Scan started
16:20:28.0111 8176 Mode: Manual; SigCheck; TDLFS;
16:20:28.0111 8176 ============================================================
16:20:28.0547 8176 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:20:28.0579 8176 1394ohci - ok
16:20:28.0672 8176 a2acc (2d6434e957f7cfa0035c20890f77bbc6) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
16:20:28.0719 8176 a2acc - ok
16:20:28.0953 8176 a2AntiMalware (8b75ba256bcada2b73ffa5bd77aa9e6c) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
16:20:29.0031 8176 a2AntiMalware - ok
16:20:29.0109 8176 A2DDA (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
16:20:29.0140 8176 A2DDA - ok
16:20:29.0156 8176 a2injectiondriver (3d55ce53128c81e06cd6b024c3b9fac3) C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
16:20:29.0171 8176 a2injectiondriver - ok
16:20:29.0203 8176 a2util (e41d79682a209f72f4f578cfd4a53952) C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
16:20:29.0218 8176 a2util - ok
16:20:29.0374 8176 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
16:20:29.0405 8176 Accelerometer - ok
16:20:29.0452 8176 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:20:29.0468 8176 ACPI - ok
16:20:29.0483 8176 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:20:29.0515 8176 AcpiPmi - ok
16:20:29.0577 8176 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:20:29.0624 8176 adp94xx - ok
16:20:29.0671 8176 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:20:29.0702 8176 adpahci - ok
16:20:29.0733 8176 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:20:29.0749 8176 adpu320 - ok
16:20:29.0780 8176 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:20:29.0827 8176 AeLookupSvc - ok
16:20:29.0920 8176 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
16:20:29.0951 8176 AESTFilters - ok
16:20:30.0029 8176 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:20:30.0061 8176 AFD - ok
16:20:30.0092 8176 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:20:30.0107 8176 agp440 - ok
16:20:30.0139 8176 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:20:30.0170 8176 ALG - ok
16:20:30.0185 8176 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:20:30.0201 8176 aliide - ok
16:20:30.0248 8176 AMD External Events Utility (c6eea8769226dacb1585fe23beb4af23) C:\Windows\system32\atiesrxx.exe
16:20:30.0263 8176 AMD External Events Utility - ok
16:20:30.0279 8176 AMD FUEL Service - ok
16:20:30.0310 8176 AMD Reservation Manager (dd27f6c3de9bfe50635c721e09edc5dd) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
16:20:30.0326 8176 AMD Reservation Manager - ok
16:20:30.0357 8176 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:20:30.0373 8176 amdide - ok
16:20:30.0388 8176 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
16:20:30.0388 8176 amdiox64 - ok
16:20:30.0419 8176 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:20:30.0435 8176 AmdK8 - ok
16:20:31.0075 8176 amdkmdag (98e20c5a39fea1920031d3850004b334) C:\Windows\system32\DRIVERS\atikmdag.sys
16:20:31.0215 8176 amdkmdag - ok
16:20:31.0387 8176 amdkmdap (8624dc7b8d22daf28f5438735095f6c4) C:\Windows\system32\DRIVERS\atikmpag.sys
16:20:31.0402 8176 amdkmdap - ok
16:20:31.0433 8176 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:20:31.0465 8176 AmdPPM - ok
16:20:31.0496 8176 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:20:31.0511 8176 amdsata - ok
16:20:31.0543 8176 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:20:31.0558 8176 amdsbs - ok
16:20:31.0605 8176 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:20:31.0621 8176 amdxata - ok
16:20:31.0636 8176 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:20:31.0683 8176 AppID - ok
16:20:31.0714 8176 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:20:31.0761 8176 AppIDSvc - ok
16:20:31.0792 8176 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:20:31.0839 8176 Appinfo - ok
16:20:32.0057 8176 AR5416 (3ab3dac7d89283c1aaaabe75380a35ec) C:\Windows\system32\DRIVERS\athwx.sys
16:20:32.0135 8176 AR5416 - ok
16:20:32.0291 8176 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:20:32.0323 8176 arc - ok
16:20:32.0338 8176 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:20:32.0369 8176 arcsas - ok
16:20:32.0369 8176 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:20:32.0416 8176 AsyncMac - ok
16:20:32.0447 8176 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:20:32.0463 8176 atapi - ok
16:20:32.0666 8176 athr (96abf88241f90ff647e55c934c55c2f1) C:\Windows\system32\DRIVERS\athrx.sys
16:20:32.0744 8176 athr - ok
16:20:32.0900 8176 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
16:20:32.0915 8176 AtiHdmiService - ok
16:20:32.0931 8176 AtiPcie (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys
16:20:32.0947 8176 AtiPcie - ok
16:20:33.0025 8176 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:20:33.0071 8176 AudioEndpointBuilder - ok
16:20:33.0087 8176 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:20:33.0149 8176 AudioSrv - ok
16:20:33.0181 8176 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:20:33.0227 8176 AxInstSV - ok
16:20:33.0290 8176 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:20:33.0337 8176 b06bdrv - ok
16:20:33.0383 8176 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:20:33.0399 8176 b57nd60a - ok
16:20:33.0539 8176 BBSvc (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
16:20:33.0571 8176 BBSvc - ok
16:20:33.0664 8176 BBUpdate (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
16:20:33.0742 8176 BBUpdate - ok
16:20:33.0789 8176 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:20:33.0805 8176 BDESVC - ok
16:20:33.0836 8176 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:20:33.0883 8176 Beep - ok
16:20:33.0961 8176 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:20:34.0023 8176 BFE - ok
16:20:34.0132 8176 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:20:34.0195 8176 BITS - ok
16:20:34.0226 8176 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:20:34.0241 8176 blbdrive - ok
16:20:34.0273 8176 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:20:34.0304 8176 bowser - ok
16:20:34.0319 8176 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:20:34.0351 8176 BrFiltLo - ok
16:20:34.0351 8176 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:20:34.0366 8176 BrFiltUp - ok
16:20:34.0397 8176 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:20:34.0444 8176 Browser - ok
16:20:34.0491 8176 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:20:34.0522 8176 Brserid - ok
16:20:34.0538 8176 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:20:34.0553 8176 BrSerWdm - ok
16:20:34.0569 8176 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:20:34.0600 8176 BrUsbMdm - ok
16:20:34.0616 8176 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:20:34.0631 8176 BrUsbSer - ok
16:20:34.0647 8176 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:20:34.0678 8176 BTHMODEM - ok
16:20:34.0709 8176 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:20:34.0756 8176 bthserv - ok
16:20:34.0787 8176 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:20:34.0834 8176 cdfs - ok
16:20:34.0881 8176 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
16:20:34.0897 8176 cdrom - ok
16:20:34.0928 8176 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:20:34.0975 8176 CertPropSvc - ok
16:20:34.0990 8176 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:20:35.0021 8176 circlass - ok
16:20:35.0068 8176 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:20:35.0084 8176 CLFS - ok
16:20:35.0131 8176 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:20:35.0146 8176 clr_optimization_v2.0.50727_32 - ok
16:20:35.0193 8176 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:20:35.0209 8176 clr_optimization_v2.0.50727_64 - ok
16:20:35.0271 8176 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:20:35.0302 8176 clr_optimization_v4.0.30319_32 - ok
16:20:35.0349 8176 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:20:35.0365 8176 clr_optimization_v4.0.30319_64 - ok
16:20:35.0396 8176 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
16:20:35.0396 8176 clwvd - ok
16:20:35.0427 8176 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:20:35.0443 8176 CmBatt - ok
16:20:35.0458 8176 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:20:35.0474 8176 cmdide - ok
16:20:35.0536 8176 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:20:35.0567 8176 CNG - ok
16:20:35.0614 8176 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:20:35.0630 8176 Compbatt - ok
16:20:35.0645 8176 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:20:35.0677 8176 CompositeBus - ok
16:20:35.0677 8176 COMSysApp - ok
16:20:35.0708 8176 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:20:35.0723 8176 crcdisk - ok
16:20:35.0770 8176 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
16:20:35.0833 8176 CryptSvc - ok
16:20:36.0004 8176 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:20:36.0035 8176 cvhsvc - ok
16:20:36.0051 8176 dc3d (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
16:20:36.0082 8176 dc3d - ok
16:20:36.0145 8176 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:20:36.0191 8176 DcomLaunch - ok
16:20:36.0238 8176 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:20:36.0285 8176 defragsvc - ok
16:20:36.0316 8176 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:20:36.0363 8176 DfsC - ok
16:20:36.0441 8176 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:20:36.0503 8176 Dhcp - ok
16:20:36.0535 8176 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:20:36.0581 8176 discache - ok
16:20:36.0613 8176 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:20:36.0628 8176 Disk - ok
16:20:36.0659 8176 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:20:36.0691 8176 Dnscache - ok
16:20:36.0737 8176 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:20:36.0784 8176 dot3svc - ok
16:20:36.0815 8176 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:20:36.0831 8176 Dot4 - ok
16:20:36.0862 8176 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
16:20:36.0878 8176 Dot4Print - ok
16:20:36.0909 8176 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:20:36.0925 8176 dot4usb - ok
16:20:36.0956 8176 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:20:37.0003 8176 DPS - ok
16:20:37.0034 8176 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:20:37.0049 8176 drmkaud - ok
16:20:37.0159 8176 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:20:37.0190 8176 DXGKrnl - ok
16:20:37.0221 8176 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:20:37.0268 8176 EapHost - ok
16:20:37.0533 8176 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:20:37.0611 8176 ebdrv - ok
16:20:37.0736 8176 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:20:37.0783 8176 EFS - ok
16:20:37.0892 8176 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:20:37.0954 8176 ehRecvr - ok
16:20:38.0095 8176 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:20:38.0141 8176 ehSched - ok
16:20:38.0219 8176 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:20:38.0251 8176 elxstor - ok
16:20:38.0266 8176 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:20:38.0282 8176 ErrDev - ok
16:20:38.0344 8176 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:20:38.0407 8176 EventSystem - ok
16:20:38.0438 8176 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:20:38.0500 8176 exfat - ok
16:20:38.0500 8176 ezSharedSvc - ok
16:20:38.0547 8176 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:20:38.0594 8176 fastfat - ok
16:20:38.0672 8176 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:20:38.0719 8176 Fax - ok
16:20:38.0750 8176 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:20:38.0765 8176 fdc - ok
16:20:38.0797 8176 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:20:38.0843 8176 fdPHost - ok
16:20:38.0859 8176 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:20:38.0906 8176 FDResPub - ok
16:20:38.0937 8176 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:20:38.0953 8176 FileInfo - ok
16:20:38.0968 8176 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:20:39.0015 8176 Filetrace - ok
16:20:39.0031 8176 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:20:39.0062 8176 flpydisk - ok
16:20:39.0093 8176 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:20:39.0109 8176 FltMgr - ok
16:20:39.0218 8176 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:20:39.0265 8176 FontCache - ok
16:20:39.0311 8176 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:20:39.0343 8176 FontCache3.0.0.0 - ok
16:20:39.0436 8176 FPLService (0dcef328bccd4e1622ea613f84bd3e54) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
16:20:39.0467 8176 FPLService - ok
16:20:39.0577 8176 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:20:39.0608 8176 FsDepends - ok
16:20:39.0623 8176 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:20:39.0639 8176 Fs_Rec - ok
16:20:39.0686 8176 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:20:39.0717 8176 fvevol - ok
16:20:39.0748 8176 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:20:39.0764 8176 gagp30kx - ok
16:20:39.0842 8176 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:20:39.0904 8176 gpsvc - ok
16:20:39.0982 8176 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:20:40.0013 8176 gupdate - ok
16:20:40.0029 8176 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:20:40.0045 8176 gupdatem - ok
16:20:40.0076 8176 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:20:40.0091 8176 hcw85cir - ok
16:20:40.0138 8176 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:20:40.0169 8176 HdAudAddService - ok
16:20:40.0216 8176 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:20:40.0232 8176 HDAudBus - ok
16:20:40.0263 8176 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:20:40.0279 8176 HidBatt - ok
16:20:40.0310 8176 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:20:40.0341 8176 HidBth - ok
16:20:40.0372 8176 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:20:40.0388 8176 HidIr - ok
16:20:40.0403 8176 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:20:40.0466 8176 hidserv - ok
16:20:40.0481 8176 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:20:40.0497 8176 HidUsb - ok
16:20:40.0528 8176 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:20:40.0575 8176 hkmsvc - ok
16:20:40.0637 8176 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:20:40.0684 8176 HomeGroupListener - ok
16:20:40.0715 8176 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:20:40.0747 8176 HomeGroupProvider - ok
16:20:40.0856 8176 HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:20:40.0871 8176 HP Support Assistant Service - ok
16:20:40.0949 8176 HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
16:20:40.0965 8176 HP Wireless Assistant Service - ok
16:20:41.0012 8176 HPClientSvc (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
16:20:41.0027 8176 HPClientSvc - ok
16:20:41.0074 8176 HPDrvMntSvc.exe (b19ff523b533a3f198b9239e1749c940) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:20:41.0105 8176 HPDrvMntSvc.exe - ok
16:20:41.0168 8176 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
16:20:41.0199 8176 hpdskflt - ok
16:20:41.0293 8176 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:20:41.0324 8176 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:20:41.0324 8176 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:20:41.0339 8176 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:20:41.0355 8176 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:20:41.0355 8176 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:20:41.0464 8176 hpqwmiex (01091b900e15878b4434f9c726c4541d) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:20:41.0495 8176 hpqwmiex - ok
16:20:41.0651 8176 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:20:41.0698 8176 HpSAMD - ok
16:20:41.0854 8176 HPSLPSVC (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:20:41.0885 8176 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:20:41.0885 8176 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:20:41.0917 8176 hpsrv (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
16:20:41.0932 8176 hpsrv - ok
16:20:41.0979 8176 HPWMISVC (f630dd7564ebb7248a13b1cc774d9ea6) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
16:20:41.0995 8176 HPWMISVC - ok
16:20:42.0073 8176 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:20:42.0119 8176 HTTP - ok
16:20:42.0151 8176 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:20:42.0166 8176 hwpolicy - ok
16:20:42.0197 8176 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:20:42.0213 8176 i8042prt - ok
16:20:42.0275 8176 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:20:42.0307 8176 iaStorV - ok
16:20:42.0525 8176 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:20:42.0572 8176 idsvc - ok
16:20:43.0055 8176 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:20:43.0258 8176 igfx - ok
16:20:43.0414 8176 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:20:43.0430 8176 iirsp - ok
16:20:43.0523 8176 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:20:43.0586 8176 IKEEXT - ok
16:20:43.0617 8176 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:20:43.0633 8176 intelide - ok
16:20:43.0648 8176 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:20:43.0664 8176 intelppm - ok
16:20:43.0711 8176 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:20:43.0757 8176 IPBusEnum - ok
16:20:43.0773 8176 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:20:43.0820 8176 IpFilterDriver - ok
16:20:43.0898 8176 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:20:43.0960 8176 iphlpsvc - ok
16:20:43.0976 8176 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:20:44.0007 8176 IPMIDRV - ok
16:20:44.0038 8176 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:20:44.0085 8176 IPNAT - ok
16:20:44.0101 8176 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:20:44.0132 8176 IRENUM - ok
16:20:44.0163 8176 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:20:44.0179 8176 isapnp - ok
16:20:44.0225 8176 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:20:44.0241 8176 iScsiPrt - ok
16:20:44.0272 8176 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:20:44.0288 8176 kbdclass - ok
16:20:44.0319 8176 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:20:44.0397 8176 kbdhid - ok
16:20:44.0413 8176 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:20:44.0444 8176 KeyIso - ok
16:20:44.0459 8176 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:20:44.0475 8176 KSecDD - ok
16:20:44.0506 8176 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:20:44.0537 8176 KSecPkg - ok
16:20:44.0569 8176 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:20:44.0615 8176 ksthunk - ok
16:20:44.0662 8176 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:20:44.0725 8176 KtmRm - ok
16:20:44.0771 8176 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:20:44.0834 8176 LanmanServer - ok
16:20:44.0881 8176 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:20:44.0927 8176 LanmanWorkstation - ok
16:20:45.0005 8176 LightScribeService (fcbdcc6f1801e32244235608e1277752) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:20:45.0021 8176 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
16:20:45.0021 8176 LightScribeService - detected UnsignedFile.Multi.Generic (1)
16:20:45.0052 8176 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:20:45.0115 8176 lltdio - ok
16:20:45.0162 8176 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:20:45.0224 8176 lltdsvc - ok
16:20:45.0240 8176 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:20:45.0286 8176 lmhosts - ok
16:20:45.0318 8176 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:20:45.0349 8176 LSI_FC - ok
16:20:45.0380 8176 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:20:45.0396 8176 LSI_SAS - ok
16:20:45.0411 8176 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:20:45.0427 8176 LSI_SAS2 - ok
16:20:45.0474 8176 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:20:45.0489 8176 LSI_SCSI - ok
16:20:45.0505 8176 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:20:45.0567 8176 luafv - ok
16:20:45.0598 8176 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
16:20:45.0614 8176 MBAMProtector - ok
16:20:45.0723 8176 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:20:45.0754 8176 MBAMService - ok
16:20:45.0786 8176 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:20:45.0817 8176 Mcx2Svc - ok
16:20:45.0832 8176 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:20:45.0848 8176 megasas - ok
16:20:45.0910 8176 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:20:45.0926 8176 MegaSR - ok
16:20:45.0957 8176 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:20:46.0004 8176 MMCSS - ok
16:20:46.0020 8176 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:20:46.0082 8176 Modem - ok
16:20:46.0098 8176 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:20:46.0113 8176 monitor - ok
16:20:46.0144 8176 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:20:46.0160 8176 mouclass - ok
16:20:46.0191 8176 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:20:46.0207 8176 mouhid - ok
16:20:46.0238 8176 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:20:46.0254 8176 mountmgr - ok
16:20:46.0300 8176 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:20:46.0332 8176 mpio - ok
16:20:46.0363 8176 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:20:46.0425 8176 mpsdrv - ok
16:20:46.0519 8176 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:20:46.0581 8176 MpsSvc - ok
16:20:46.0612 8176 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:20:46.0644 8176 MRxDAV - ok
16:20:46.0690 8176 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:20:46.0722 8176 mrxsmb - ok
16:20:46.0753 8176 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:20:46.0784 8176 mrxsmb10 - ok
16:20:46.0815 8176 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:20:46.0831 8176 mrxsmb20 - ok
16:20:46.0862 8176 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:20:46.0878 8176 msahci - ok
16:20:46.0909 8176 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:20:46.0924 8176 msdsm - ok
16:20:46.0971 8176 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:20:46.0987 8176 MSDTC - ok
16:20:47.0018 8176 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:20:47.0065 8176 Msfs - ok
16:20:47.0080 8176 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:20:47.0127 8176 mshidkmdf - ok
16:20:47.0143 8176 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:20:47.0158 8176 msisadrv - ok
16:20:47.0205 8176 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:20:47.0252 8176 MSiSCSI - ok
16:20:47.0252 8176 msiserver - ok
16:20:47.0283 8176 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:20:47.0330 8176 MSKSSRV - ok
16:20:47.0346 8176 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:20:47.0392 8176 MSPCLOCK - ok
16:20:47.0408 8176 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:20:47.0455 8176 MSPQM - ok
16:20:47.0502 8176 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:20:47.0533 8176 MsRPC - ok
16:20:47.0548 8176 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:20:47.0564 8176 mssmbios - ok
16:20:47.0595 8176 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:20:47.0642 8176 MSTEE - ok
16:20:47.0658 8176 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:20:47.0673 8176 MTConfig - ok
16:20:47.0689 8176 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:20:47.0704 8176 Mup - ok
16:20:47.0751 8176 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:20:47.0814 8176 napagent - ok
16:20:47.0860 8176 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:20:47.0892 8176 NativeWifiP - ok
16:20:47.0985 8176 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:20:48.0032 8176 NDIS - ok
16:20:48.0048 8176 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:20:48.0110 8176 NdisCap - ok
16:20:48.0126 8176 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:20:48.0172 8176 NdisTapi - ok
16:20:48.0188 8176 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:20:48.0235 8176 Ndisuio - ok
16:20:48.0282 8176 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:20:48.0328 8176 NdisWan - ok
16:20:48.0360 8176 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:20:48.0406 8176 NDProxy - ok
16:20:48.0438 8176 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
16:20:48.0453 8176 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:20:48.0453 8176 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:20:48.0484 8176 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:20:48.0531 8176 NetBIOS - ok
16:20:48.0578 8176 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:20:48.0656 8176 NetBT - ok
16:20:48.0672 8176 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:20:48.0687 8176 Netlogon - ok
16:20:48.0750 8176 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:20:48.0828 8176 Netman - ok
16:20:48.0859 8176 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:20:48.0921 8176 netprofm - ok
16:20:48.0968 8176 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:20:48.0999 8176 NetTcpPortSharing - ok
16:20:49.0498 8176 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
16:20:49.0670 8176 netw5v64 - ok
16:20:49.0842 8176 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:20:49.0873 8176 nfrd960 - ok
16:20:49.0920 8176 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:20:49.0966 8176 NlaSvc - ok
16:20:49.0998 8176 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:20:50.0060 8176 Npfs - ok
16:20:50.0076 8176 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:20:50.0122 8176 nsi - ok
16:20:50.0138 8176 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:20:50.0185 8176 nsiproxy - ok
16:20:50.0341 8176 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:20:50.0403 8176 Ntfs - ok
16:20:50.0544 8176 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:20:50.0606 8176 Null - ok
16:20:50.0637 8176 nusb3hub (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:20:50.0653 8176 nusb3hub - ok
16:20:50.0700 8176 nusb3xhc (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:20:50.0731 8176 nusb3xhc - ok
16:20:50.0778 8176 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:20:50.0809 8176 nvraid - ok
16:20:50.0824 8176 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:20:50.0840 8176 nvstor - ok
16:20:50.0871 8176 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:20:50.0887 8176 nv_agp - ok
16:20:50.0918 8176 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:20:50.0949 8176 ohci1394 - ok
16:20:51.0043 8176 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:20:51.0058 8176 ose - ok
16:20:51.0558 8176 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:20:51.0745 8176 osppsvc - ok
16:20:51.0916 8176 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:20:51.0963 8176 p2pimsvc - ok
16:20:52.0026 8176 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:20:52.0041 8176 p2psvc - ok
16:20:52.0135 8176 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:20:52.0166 8176 Parport - ok
16:20:52.0197 8176 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:20:52.0213 8176 partmgr - ok
16:20:52.0260 8176 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:20:52.0291 8176 PcaSvc - ok
16:20:52.0338 8176 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:20:52.0353 8176 pci - ok
16:20:52.0369 8176 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:20:52.0384 8176 pciide - ok
16:20:52.0431 8176 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:20:52.0447 8176 pcmcia - ok
16:20:52.0478 8176 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:20:52.0494 8176 pcw - ok
16:20:52.0540 8176 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:20:52.0603 8176 PEAUTH - ok
16:20:52.0696 8176 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:20:52.0712 8176 PerfHost - ok
16:20:52.0852 8176 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:20:52.0915 8176 pla - ok
16:20:52.0993 8176 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:20:53.0040 8176 PlugPlay - ok
16:20:53.0071 8176 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
16:20:53.0086 8176 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:20:53.0086 8176 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:20:53.0102 8176 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:20:53.0133 8176 PNRPAutoReg - ok
16:20:53.0164 8176 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:20:53.0196 8176 PNRPsvc - ok
16:20:53.0258 8176 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
16:20:53.0274 8176 Point64 - ok
16:20:53.0352 8176 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:20:53.0414 8176 PolicyAgent - ok
16:20:53.0445 8176 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:20:53.0508 8176 Power - ok
16:20:53.0539 8176 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:20:53.0586 8176 PptpMiniport - ok
16:20:53.0601 8176 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:20:53.0632 8176 Processor - ok
16:20:53.0664 8176 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:20:53.0695 8176 ProfSvc - ok
16:20:53.0710 8176 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:20:53.0726 8176 ProtectedStorage - ok
16:20:53.0757 8176 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:20:53.0804 8176 Psched - ok
16:20:53.0944 8176 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:20:53.0991 8176 ql2300 - ok
16:20:54.0147 8176 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:20:54.0178 8176 ql40xx - ok
16:20:54.0225 8176 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:20:54.0256 8176 QWAVE - ok
16:20:54.0272 8176 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:20:54.0303 8176 QWAVEdrv - ok
16:20:54.0319 8176 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:20:54.0412 8176 RasAcd - ok
16:20:54.0444 8176 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:20:54.0490 8176 RasAgileVpn - ok
16:20:54.0537 8176 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:20:54.0584 8176 RasAuto - ok
16:20:54.0615 8176 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:20:54.0662 8176 Rasl2tp - ok
16:20:54.0709 8176 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:20:54.0756 8176 RasMan - ok
16:20:54.0802 8176 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:20:54.0849 8176 RasPppoe - ok
16:20:54.0849 8176 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:20:54.0912 8176 RasSstp - ok
16:20:54.0958 8176 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:20:55.0005 8176 rdbss - ok
16:20:55.0036 8176 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:20:55.0052 8176 rdpbus - ok
16:20:55.0068 8176 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:20:55.0114 8176 RDPCDD - ok
16:20:55.0130 8176 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:20:55.0177 8176 RDPENCDD - ok
16:20:55.0208 8176 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:20:55.0255 8176 RDPREFMP - ok
16:20:55.0302 8176 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:20:55.0348 8176 RDPWD - ok
16:20:55.0395 8176 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:20:55.0442 8176 rdyboost - ok
16:20:55.0473 8176 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:20:55.0551 8176 RemoteAccess - ok
16:20:55.0582 8176 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:20:55.0645 8176 RemoteRegistry - ok
16:20:55.0660 8176 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:20:55.0707 8176 RpcEptMapper - ok
16:20:55.0738 8176 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:20:55.0754 8176 RpcLocator - ok
16:20:55.0816 8176 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:20:55.0879 8176 RpcSs - ok
16:20:55.0926 8176 RSPCIESTOR (ca327a84085f68200452e6761f943298) C:\Windows\system32\DRIVERS\RtsPStor.sys
16:20:55.0941 8176 RSPCIESTOR - ok
16:20:55.0972 8176 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:20:56.0035 8176 rspndr - ok
16:20:56.0113 8176 RTL8167 (5d6a444bd37b52ff846387c87dcdf98a) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:20:56.0128 8176 RTL8167 - ok
16:20:56.0144 8176 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:20:56.0175 8176 SamSs - ok
16:20:56.0206 8176 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:20:56.0222 8176 sbp2port - ok
16:20:56.0269 8176 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:20:56.0316 8176 SCardSvr - ok
16:20:56.0347 8176 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:20:56.0394 8176 scfilter - ok
16:20:56.0487 8176 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:20:56.0565 8176 Schedule - ok
16:20:56.0596 8176 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:20:56.0643 8176 SCPolicySvc - ok
16:20:56.0674 8176 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
16:20:56.0706 8176 sdbus - ok
16:20:56.0737 8176 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:20:56.0784 8176 SDRSVC - ok
16:20:56.0815 8176 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:20:56.0862 8176 secdrv - ok
16:20:56.0893 8176 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:20:56.0940 8176 seclogon - ok
16:20:56.0955 8176 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:20:57.0002 8176 SENS - ok
16:20:57.0033 8176 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:20:57.0049 8176 SensrSvc - ok
16:20:57.0080 8176 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:20:57.0111 8176 Serenum - ok
16:20:57.0127 8176 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:20:57.0142 8176 Serial - ok
16:20:57.0174 8176 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:20:57.0189 8176 sermouse - ok
16:20:57.0236 8176 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:20:57.0283 8176 SessionEnv - ok
16:20:57.0423 8176 SfCtlCom (52c525bf4d78125a5064d0d1705f04b6) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
16:20:57.0454 8176 SfCtlCom - ok
16:20:57.0517 8176 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:20:57.0564 8176 sffdisk - ok
16:20:57.0595 8176 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:20:57.0610 8176 sffp_mmc - ok
16:20:57.0610 8176 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:20:57.0642 8176 sffp_sd - ok
16:20:57.0657 8176 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:20:57.0673 8176 sfloppy - ok
16:20:57.0751 8176 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:20:57.0782 8176 Sftfs - ok
16:20:57.0907 8176 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:20:57.0938 8176 sftlist - ok
16:20:57.0985 8176 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:20:58.0016 8176 Sftplay - ok
16:20:58.0032 8176 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:20:58.0047 8176 Sftredir - ok
16:20:58.0063 8176 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:20:58.0078 8176 Sftvol - ok
16:20:58.0125 8176 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:20:58.0141 8176 sftvsa - ok
16:20:58.0188 8176 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:20:58.0234 8176 SharedAccess - ok
16:20:58.0297 8176 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:20:58.0359 8176 ShellHWDetection - ok
16:20:58.0375 8176 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:20:58.0390 8176 SiSRaid2 - ok
16:20:58.0422 8176 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:20:58.0437 8176 SiSRaid4 - ok
16:20:58.0468 8176 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:20:58.0515 8176 Smb - ok
16:20:58.0531 8176 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:20:58.0562 8176 SNMPTRAP - ok
16:20:58.0578 8176 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:20:58.0593 8176 spldr - ok
16:20:58.0671 8176 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:20:58.0718 8176 Spooler - ok
16:20:59.0264 8176 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:20:59.0436 8176 sppsvc - ok
16:20:59.0545 8176 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:20:59.0623 8176 sppuinotify - ok
16:20:59.0716 8176 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:20:59.0763 8176 srv - ok
16:20:59.0810 8176 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:20:59.0841 8176 srv2 - ok
16:20:59.0888 8176 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:20:59.0904 8176 SrvHsfHDA - ok
16:21:00.0044 8176 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:21:00.0091 8176 SrvHsfV92 - ok
16:21:00.0294 8176 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:21:00.0340 8176 SrvHsfWinac - ok
16:21:00.0372 8176 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:21:00.0387 8176 srvnet - ok
16:21:00.0434 8176 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:21:00.0496 8176 SSDPSRV - ok
16:21:00.0512 8176 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:21:00.0574 8176 SstpSvc - ok
16:21:00.0684 8176 STacSV (7c49a5e1943afda4672d80726af3bae4) C:\Program Files\IDT\WDM\STacSV64.exe
16:21:00.0730 8176 STacSV - ok
16:21:00.0746 8176 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:21:00.0762 8176 stexstor - ok
16:21:00.0824 8176 STHDA (0aad250a31a7ee96e0945ab9e1f3baa7) C:\Windows\system32\DRIVERS\stwrt64.sys
16:21:00.0855 8176 STHDA - ok
16:21:00.0886 8176 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
16:21:00.0902 8176 StillCam - ok
16:21:00.0996 8176 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:21:01.0042 8176 stisvc - ok
16:21:01.0058 8176 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:21:01.0074 8176 swenum - ok
16:21:01.0152 8176 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:21:01.0198 8176 swprv - ok
16:21:01.0339 8176 SynTP (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
16:21:01.0386 8176 SynTP - ok
16:21:01.0682 8176 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:21:01.0744 8176 SysMain - ok
16:21:01.0869 8176 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:21:01.0932 8176 TabletInputService - ok
16:21:01.0978 8176 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:21:02.0025 8176 TapiSrv - ok
16:21:02.0072 8176 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:21:02.0119 8176 TBS - ok
16:21:02.0353 8176 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:21:02.0415 8176 Tcpip - ok
16:21:02.0727 8176 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:21:02.0790 8176 TCPIP6 - ok
16:21:02.0946 8176 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:21:02.0992 8176 tcpipreg - ok
16:21:03.0024 8176 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:21:03.0039 8176 TDPIPE - ok
16:21:03.0070 8176 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:21:03.0086 8176 TDTCP - ok
16:21:03.0117 8176 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:21:03.0164 8176 tdx - ok
16:21:03.0195 8176 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:21:03.0211 8176 TermDD - ok
16:21:03.0289 8176 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:21:03.0351 8176 TermService - ok
16:21:03.0367 8176 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:21:03.0398 8176 Themes - ok
16:21:03.0429 8176 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:21:03.0476 8176 THREADORDER - ok
16:21:03.0570 8176 TMBMServer (963c903e5176c5cdcae321d48635b21f) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
16:21:03.0601 8176 TMBMServer - ok
16:21:03.0663 8176 tmlwf (35a6aeb61c7cf21b10cc05bda47339b5) C:\Windows\system32\DRIVERS\tmlwf.sys
16:21:03.0694 8176 tmlwf - ok
16:21:03.0772 8176 TmPfw (c52867f238ef1aafcd35f8d134b8ab10) C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
16:21:03.0788 8176 TmPfw - ok
16:21:03.0819 8176 tmpreflt (1889f49a828b1cf0e2866cdd325875b0) C:\Windows\system32\DRIVERS\tmpreflt.sys
16:21:03.0835 8176 tmpreflt - ok
16:21:03.0944 8176 TmProxy (3ae913b4fbf06ee49831ff9db2330830) C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
16:21:03.0991 8176 TmProxy - ok
16:21:04.0022 8176 tmtdi (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\Windows\system32\DRIVERS\tmtdi.sys
16:21:04.0038 8176 tmtdi - ok
16:21:04.0272 8176 tmwfp (a4670e50c15d7bce7226e4b62700df09) C:\Windows\system32\DRIVERS\tmwfp.sys
16:21:04.0318 8176 tmwfp - ok
16:21:04.0365 8176 tmxpflt (8b97ba7e28bd39a2bc4a2bb66a83fec0) C:\Windows\system32\DRIVERS\tmxpflt.sys
16:21:04.0381 8176 tmxpflt - ok
16:21:04.0412 8176 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:21:04.0474 8176 TrkWks - ok
16:21:04.0552 8176 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:21:04.0630 8176 TrustedInstaller - ok
16:21:04.0662 8176 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:21:04.0708 8176 tssecsrv - ok
16:21:04.0740 8176 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:21:04.0771 8176 TsUsbFlt - ok
16:21:04.0802 8176 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:21:04.0849 8176 tunnel - ok
16:21:04.0880 8176 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:21:04.0896 8176 uagp35 - ok
16:21:04.0942 8176 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:21:04.0989 8176 udfs - ok
16:21:05.0036 8176 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:21:05.0052 8176 UI0Detect - ok
16:21:05.0083 8176 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:21:05.0098 8176 uliagpkx - ok
16:21:05.0130 8176 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:21:05.0145 8176 umbus - ok
16:21:05.0176 8176 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:21:05.0192 8176 UmPass - ok
16:21:05.0254 8176 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:21:05.0301 8176 upnphost - ok
16:21:05.0348 8176 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:21:05.0364 8176 usbccgp - ok
16:21:05.0395 8176 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:21:05.0410 8176 usbcir - ok
16:21:05.0457 8176 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:21:05.0473 8176 usbehci - ok
16:21:05.0504 8176 usbfilter (dc2b306861f42eeeb92ef525f4119f08) C:\Windows\system32\DRIVERS\usbfilter.sys
16:21:05.0520 8176 usbfilter - ok
16:21:05.0566 8176 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:21:05.0613 8176 usbhub - ok
16:21:05.0629 8176 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
16:21:05.0644 8176 usbohci - ok
16:21:05.0676 8176 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:21:05.0707 8176 usbprint - ok
16:21:05.0722 8176 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:21:05.0754 8176 usbscan - ok
16:21:05.0785 8176 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
16:21:05.0816 8176 USBSTOR - ok
16:21:05.0832 8176 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:21:05.0863 8176 usbuhci - ok
16:21:05.0894 8176 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:21:05.0910 8176 usbvideo - ok
16:21:05.0941 8176 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:21:05.0988 8176 UxSms - ok
16:21:06.0003 8176 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:21:06.0034 8176 VaultSvc - ok
16:21:06.0050 8176 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:21:06.0066 8176 vdrvroot - ok
16:21:06.0128 8176 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:21:06.0190 8176 vds - ok
16:21:06.0206 8176 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:21:06.0237 8176 vga - ok
16:21:06.0253 8176 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:21:06.0300 8176 VgaSave - ok
16:21:06.0346 8176 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:21:06.0362 8176 vhdmp - ok
16:21:06.0393 8176 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:21:06.0409 8176 viaide - ok
16:21:06.0440 8176 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:21:06.0456 8176 volmgr - ok
16:21:06.0518 8176 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:21:06.0534 8176 volmgrx - ok
16:21:06.0596 8176 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:21:06.0612 8176 volsnap - ok
16:21:06.0783 8176 vsapint (3a5862d9a4fe4bbb2ffa1700e2b21b9b) C:\Windows\system32\DRIVERS\vsapint.sys
16:21:06.0846 8176 vsapint - ok
16:21:07.0017 8176 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:21:07.0064 8176 vsmraid - ok
16:21:07.0204 8176 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:21:07.0282 8176 VSS - ok
16:21:07.0423 8176 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:21:07.0470 8176 vwifibus - ok
16:21:07.0485 8176 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:21:07.0516 8176 vwififlt - ok
16:21:07.0516 8176 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:21:07.0548 8176 vwifimp - ok
16:21:07.0594 8176 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:21:07.0657 8176 W32Time - ok
16:21:07.0672 8176 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:21:07.0688 8176 WacomPen - ok
16:21:07.0735 8176 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:21:07.0782 8176 WANARP - ok
16:21:07.0782 8176 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:21:07.0828 8176 Wanarpv6 - ok
16:21:07.0969 8176 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:21:08.0016 8176 wbengine - ok
16:21:08.0156 8176 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:21:08.0218 8176 WbioSrvc - ok
16:21:08.0281 8176 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:21:08.0312 8176 wcncsvc - ok
16:21:08.0343 8176 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:21:08.0374 8176 WcsPlugInService - ok
16:21:08.0406 8176 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:21:08.0421 8176 Wd - ok
16:21:08.0499 8176 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:21:08.0530 8176 Wdf01000 - ok
16:21:08.0562 8176 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:21:08.0593 8176 WdiServiceHost - ok
16:21:08.0593 8176 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:21:08.0624 8176 WdiSystemHost - ok
16:21:08.0671 8176 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:21:08.0702 8176 WebClient - ok
16:21:08.0733 8176 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:21:08.0796 8176 Wecsvc - ok
16:21:08.0811 8176 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:21:08.0858 8176 wercplsupport - ok
16:21:08.0889 8176 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:21:08.0936 8176 WerSvc - ok
16:21:08.0983 8176 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:21:09.0061 8176 WfpLwf - ok
16:21:09.0076 8176 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:21:09.0092 8176 WIMMount - ok
16:21:09.0139 8176 WinDefend - ok
16:21:09.0154 8176 WinHttpAutoProxySvc - ok
16:21:09.0217 8176 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:21:09.0279 8176 Winmgmt - ok
16:21:09.0466 8176 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:21:09.0560 8176 WinRM - ok
16:21:09.0732 8176 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
16:21:09.0778 8176 WinUsb - ok
16:21:09.0872 8176 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:21:09.0919 8176 Wlansvc - ok
16:21:09.0966 8176 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:21:09.0997 8176 wlcrasvc - ok
16:21:10.0246 8176 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:21:10.0309 8176 wlidsvc - ok
16:21:10.0480 8176 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:21:10.0512 8176 WmiAcpi - ok
16:21:10.0574 8176 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:21:10.0590 8176 wmiApSrv - ok
16:21:10.0652 8176 WMPNetworkSvc - ok
16:21:10.0683 8176 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:21:10.0730 8176 WPCSvc - ok
16:21:10.0777 8176 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:21:10.0792 8176 WPDBusEnum - ok
16:21:10.0824 8176 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:21:10.0870 8176 ws2ifsl - ok
16:21:10.0902 8176 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:21:10.0933 8176 wscsvc - ok
16:21:10.0933 8176 WSearch - ok
16:21:11.0136 8176 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:21:11.0214 8176 wuauserv - ok
16:21:11.0370 8176 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:21:11.0432 8176 WudfPf - ok
16:21:11.0463 8176 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:21:11.0510 8176 WUDFRd - ok
16:21:11.0541 8176 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:21:11.0588 8176 wudfsvc - ok
16:21:11.0635 8176 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:21:11.0666 8176 WwanSvc - ok
16:21:11.0713 8176 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
16:21:11.0744 8176 yukonw7 - ok
16:21:11.0775 8176 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:21:12.0196 8176 \Device\Harddisk0\DR0 - ok
16:21:12.0196 8176 Boot (0x1200) (6c4ac01224932aa3e7b28942214e7aa3) \Device\Harddisk0\DR0\Partition0
16:21:12.0196 8176 \Device\Harddisk0\DR0\Partition0 - ok
16:21:12.0212 8176 Boot (0x1200) (a658c0bbed514bdc8e7a9203f55f0706) \Device\Harddisk0\DR0\Partition1
16:21:12.0212 8176 \Device\Harddisk0\DR0\Partition1 - ok
16:21:12.0259 8176 Boot (0x1200) (d46a3289f794abb084f50b752566b7a3) \Device\Harddisk0\DR0\Partition2
16:21:12.0259 8176 \Device\Harddisk0\DR0\Partition2 - ok
16:21:12.0274 8176 Boot (0x1200) (5007b345a485cc457e429edf1bd7d4b1) \Device\Harddisk0\DR0\Partition3
16:21:12.0274 8176 \Device\Harddisk0\DR0\Partition3 - ok
16:21:12.0274 8176 ============================================================
16:21:12.0274 8176 Scan finished
16:21:12.0274 8176 ============================================================
16:21:12.0290 8760 Detected object count: 6
16:21:12.0290 8760 Actual detected object count: 6
Best regards and thanks, Sascha