|
Plagegeister aller Art und deren Bekämpfung: Verschlüsselungstrojaner (BKA) auf meinem Windows 7 PcWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.07.2012, 23:45 | #1 | ||
| Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Hey liebes Trojaner-Forum Team, auch ich habe mir einen dieser "Verschlüsselungs/Polizei Warnung" Trojaner eingefangen und habe somit leichte Probleme mit einer anständigen Nutzung meines Systems :P Ich habe mir die Anleitungen die ich für eine rasche Hilfeleistung eurerseits leisten sollte durchgelesen und Versucht so gut und vollständig als möglich zu erfüllen! edit: Nach dem öffnen einer Internetseite hat sich auf einmal dieses Fenster geöffnet das mich der Kinderpornographie beschuldigte und alle anderen aktionen wurden blokiert. über den Taskmanager konnte ich ein paar Programme die schädlich für mich ausgesehen haben schließen und sogar wieder normal mit einem Explorer restart alle Programme nutzen. Habe mich aber doch entschieden da ich es für sinnvoller erachtet habe die Systemprüfung im abgesicherten Modus durchzuführen! Da mein Computer relativ neu ist und ich mit ziemlicher Sicherheit keine Cd Emulatoren installiert habe hatte ich defogger nicht angewendet! Hier erstmals der Scan von Malwarebytes (überraschenderweise für mich keinen einzigen Trojaner gefunden): Malwarebytes Anti-Malware (Test) 1.61.0.1400 www.malwarebytes.org Datenbank Version: v2012.07.03.06 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 Filib :: FILIB-PC [Administrator] Schutz: Deaktiviert 03.07.2012 23:49:53 mbam-log-2012-07-03 (23-49-53).txt Art des Suchlaufs: Vollständiger Suchlauf Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 332997 Laufzeit: 30 Minute(n), 9 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Hier die OTL Scans einmal die OTL Datei: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.07.2012 00:22:22 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Filib\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 3,02 Gb Available Physical Memory | 77,27% Memory free 7,82 Gb Paging File | 7,05 Gb Available in Paging File | 90,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 555,07 Gb Total Space | 490,92 Gb Free Space | 88,44% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 19,98 Gb Free Space | 49,94% Space Free | Partition Type: NTFS Computer Name: FILIB-PC | User Name: Filib | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0A2983E6-64C0-4CA2-AC19-F01DC1F0CA45}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{10D4D940-1255-4790-BA32-D9BA8F83DA9D}" = rport=445 | protocol=6 | dir=out | app=system | "{2712C87F-0B91-4ECA-A364-476B000237E7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{28297CF6-FDCE-4609-9D5E-56918440FF68}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{29874FEB-E514-4A76-83E5-1912D101E6AB}" = rport=10243 | protocol=6 | dir=out | app=system | "{3431290C-D6C1-44F8-BFCE-80857C447625}" = rport=137 | protocol=17 | dir=out | app=system | "{41F25EDA-4F14-4F2F-85C3-306C699D7AFE}" = lport=10243 | protocol=6 | dir=in | app=system | "{513CBA7A-3C50-4CB8-B4B5-6DA68202496F}" = lport=2869 | protocol=6 | dir=in | app=system | "{5DCF1A4D-08BD-4327-8D61-FDF08C527D32}" = lport=445 | protocol=6 | dir=in | app=system | "{83A7B532-4A8C-4918-B91B-56FFB8586E94}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{8CBB7E21-077B-403F-BDED-979087A17DAC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9AF16A45-AF1E-4823-93DE-DA141BB2BBE0}" = lport=138 | protocol=17 | dir=in | app=system | "{9CAFBAB3-5ABC-4062-B2AD-84EC19C97333}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A38FF13E-17AA-49AC-B0A1-CA3F97D42CF7}" = rport=139 | protocol=6 | dir=out | app=system | "{AE9413F2-8812-4EB7-8264-ABC675C618B7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B9F3473E-66B5-4C14-B1AF-84E4F888E2EF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{D003C03F-6213-49C3-A267-49D15620FEA0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D611168E-665F-421D-B039-F0E617826DFF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D7510885-DD0C-463F-BDEF-A77FEB8786E2}" = lport=139 | protocol=6 | dir=in | app=system | "{DB3FECFE-E1AC-4802-8055-25C9BC36EEE1}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{DB89E45F-92F7-40DE-8190-5CCD0009B511}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E0B94EFF-EFC4-4BA3-849F-4EC3F3027FCB}" = lport=137 | protocol=17 | dir=in | app=system | "{E0E459FD-4630-4CAA-A106-1318E285E781}" = rport=138 | protocol=17 | dir=out | app=system | "{EA7A5514-815D-4A21-BD5B-CB093B5C0795}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EF720BB2-4882-4EE4-8189-6162F5613F89}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{06E23EBE-CFF9-4F76-9E1E-2C7DEFF81F74}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxditime.exe | "{0E67BF87-B6B0-4B96-963D-0A2FFF76B5E4}" = protocol=17 | dir=in | app=c:\users\filib\appdata\local\temp\lxdi\wireless\german\lxdiwpss.exe | "{16207F27-E370-4AFD-A963-EEA943D13737}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{19F309AD-4D77-40C0-A922-752A19B13F63}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{20248070-2AA9-421A-A47F-E7C18EECB6CA}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdicoms.exe | "{28A04645-A91F-4AEB-B7DB-74F67D32A375}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2EDBC4E1-0FDD-4001-B2A4-2D62481491F9}" = protocol=6 | dir=in | app=c:\windows\system32\lxdicoms.exe | "{3A419A38-607D-4E98-ABAC-DA4826A13130}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdipswx.exe | "{3A9359E5-7224-41C1-8DD1-54C18664F305}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{3C6AF7D8-0120-4014-894F-CCDB1144044C}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe | "{44EE272A-7E81-4D4A-9650-EACEC3B6E88E}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdicoms.exe | "{4B53AE5D-CD0E-494D-9292-A83ED3E3955A}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\wireless\lxdiwpss.exe | "{4FC7439C-D3A1-475D-A31F-E31704EE3EF7}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe | "{510BA137-41C8-44AE-9917-4DF19B66C5F2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{5BAA8F1A-28F7-4D9F-B23A-1E8D9EAC0263}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{60E7A00E-F75C-405E-A7C7-5708C6AD90F4}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe | "{61D8F49D-D5C5-48B3-B29A-E5599256DA39}" = protocol=6 | dir=in | app=c:\users\filib\appdata\local\temp\lxdi\wireless\german\lxdiwpss.exe | "{64D93C16-863A-47FF-9AC8-EE0D9434B716}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{677A87D6-DA9B-4E9A-A37B-6E9980D4DA52}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdipswx.exe | "{6953F860-C803-4399-882F-E15DB3E53515}" = protocol=17 | dir=in | app=c:\windows\system32\lxdicfg.exe | "{6C9CC998-492E-49E6-BE1A-E83C00D04406}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6EE12DC5-793B-4EAA-8B92-AF88C678D787}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{79C9117E-6555-45F8-A171-896259656D94}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe | "{7C773480-F041-4DE7-A41A-500644319587}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{7F9A36C9-2610-4856-A929-451A82BE04CF}" = protocol=17 | dir=in | app=c:\windows\system32\lxdicoms.exe | "{88AD8894-0D22-4D04-8245-69A1F9EDF7F4}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\wireless\lxdiwpss.exe | "{894DD592-95CA-4AFA-AD31-9D46D04371AD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8E1504FF-98FD-4714-BD26-A466E998FDB1}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdijswx.exe | "{8FC2A739-1694-4595-9DEC-FC21E4B02D95}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{9248046D-4A15-4E16-944E-3E8D04CDF4EE}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\app4r.exe | "{934A969D-325E-4910-9DE6-73B2B3E5A7F6}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\app4r.exe | "{A36B4486-3470-4586-B13F-BAD000AD0B34}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxditime.exe | "{A5D02DFB-D2D3-476D-B3BF-42996628F632}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{A6DDC549-6EA4-445D-9EAD-BC93D5E2F91F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AA474329-E16D-4026-A445-21A14692F5C1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{AB33CBAE-06A3-4F2F-A186-7EA343BB89E7}" = protocol=6 | dir=out | app=system | "{B9D7729B-2ED9-41AC-9761-CB9067DE7013}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{CEC1D9C4-B802-4029-8296-14437A202017}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D3387779-24A1-4061-9297-1BDF05029851}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DA5DCB23-A050-414D-AB34-4C33190A14D4}" = protocol=6 | dir=in | app=c:\windows\system32\lxdicfg.exe | "{DECA9F78-0EE7-4C1A-85F4-51F6E1F80D4E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E208CF46-8B50-4A88-BD1D-640B6A656E89}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{E7B1E7C2-AD81-4F6B-B14A-8F01C76D814E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{EEA913C4-5330-4AC3-94D0-BB6CD1D99EB9}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdijswx.exe | "{F8BA434F-3751-4264-BB64-81A691281D5C}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{FBE753C7-B52E-4043-8B1F-2E82E8C5EDFD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{4A3F8434-E874-4CB1-897D-D62015D4B502}C:\alles\spiele\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\alles\spiele\world of warcraft\launcher.exe | "TCP Query User{5D7D4EA9-FDC0-42A6-9BC8-E4AEC58E308F}C:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe | "TCP Query User{8707E407-C26E-436E-ABD9-3633178F26CE}C:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe | "UDP Query User{4BE239ED-BAB2-4E44-A327-A9861D6B4919}C:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe | "UDP Query User{7462ACC1-19F1-451B-A927-3BEC3CD468FB}C:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe | "UDP Query User{E5932AEA-9C6C-4E34-B285-8BB5E52E856C}C:\alles\spiele\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\alles\spiele\world of warcraft\launcher.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources "{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit) "{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources "{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software "{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources "{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources "{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Display Control Panel "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 266.39 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.11 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources "{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}" = Finger Sensing Pad Driver "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CCleaner" = CCleaner "CNXT_AUDIO_HDA" = Conexant HD Audio "Lexmark 3500-4500 Series" = Lexmark 3500-4500 Series "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft Security Client" = Microsoft Security Essentials "ProInst" = Intel PROSet Wireless [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common "{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail "{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema "{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31 "{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2C7E8AA1-9C03-4606-BF34-5D99D07964DA}" = Windows Live Messenger "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources "{32A3A4F4-B792-11D6-A78A-00B0D0160310}" = Java(TM) SE Development Kit 6 Update 31 "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials "{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}" = Alcor Micro USB Card Reader "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack "{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources "{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail "{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker "{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh "{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz "{6EE9F44A-B8C7-4CDB-B2A9-441AF2AE315A}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer "{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh "{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live "{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources "{7F6021AE-E688-4D03-843A-C2260482BA0D}" = Windows Live Messenger "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common "{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AA4D1C5E-116A-4FF4-AA91-28F526868203}" = watchmi "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.3) MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2 "{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave "{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}" = PHotkey "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer "{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live "{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E7688C7D-DE09-4D43-9785-534EDE9BC18E}" = Windows Live Messenger "{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EE492B20-FB15-4A98-883C-3054354A11F8}" = Windows Live Messenger "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις "{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AmUStor" = Alcor Micro USB Card Reader "Elasto Mania" = Elasto Mania "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228 "Google Chrome" = Google Chrome "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = CyberLink PowerRecover "InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400 "Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "ProInst" = Intel PROSet Wireless "TeamSpeak 3 Client" = TeamSpeak 3 Client "Win2day Poker" = Win2day Poker "WinLiveSuite" = Windows Live Essentials "World of Warcraft" = World of Warcraft ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 10.05.2012 06:17:13 | Computer Name = Filib-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: lxdiJSWX.EXE, Version: 4.0.17.0, Zeitstempel: 0x4610dd6c Name des fehlerhaften Moduls: lxdiJSWX.EXE, Version: 4.0.17.0, Zeitstempel: 0x4610dd6c Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001454e ID des fehlerhaften Prozesses: 0x47c Startzeit der fehlerhaften Anwendung: 0x01cd2e9505691ca7 Pfad der fehlerhaften Anwendung: C:\Windows\system32\spool\DRIVERS\x64\3\lxdiJSWX.EXE Pfad des fehlerhaften Moduls: C:\Windows\system32\spool\DRIVERS\x64\3\lxdiJSWX.EXE Berichtskennung: 4eda19b6-9a89-11e1-9bb5-3860773623dd Error - 10.05.2012 06:17:19 | Computer Name = Filib-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: lxdiJSWX.EXE, Version: 4.0.17.0, Zeitstempel: 0x4610dd6c Name des fehlerhaften Moduls: lxdiJSWX.EXE, Version: 4.0.17.0, Zeitstempel: 0x4610dd6c Ausnahmecode: 0xc000041d Fehleroffset: 0x000000000001454e ID des fehlerhaften Prozesses: 0x47c Startzeit der fehlerhaften Anwendung: 0x01cd2e9505691ca7 Pfad der fehlerhaften Anwendung: C:\Windows\system32\spool\DRIVERS\x64\3\lxdiJSWX.EXE Pfad des fehlerhaften Moduls: C:\Windows\system32\spool\DRIVERS\x64\3\lxdiJSWX.EXE Berichtskennung: 52a75c97-9a89-11e1-9bb5-3860773623dd Error - 11.05.2012 01:54:28 | Computer Name = Filib-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: NvXDSync.exe, Version: 7.17.12.6639, Zeitstempel: 0x4d13f16c Name des fehlerhaften Moduls: NvXDSync.exe, Version: 7.17.12.6639, Zeitstempel: 0x4d13f16c Ausnahmecode: 0xc0000417 Fehleroffset: 0x0000000000061534 ID des fehlerhaften Prozesses: 0xe74 Startzeit der fehlerhaften Anwendung: 0x01cd2f3a8639077d Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe Pfad des fehlerhaften Moduls: C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe Berichtskennung: c4b70b75-9b2d-11e1-8e1c-3860773623dd Error - 29.05.2012 07:17:28 | Computer Name = Filib-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error - 31.05.2012 07:20:08 | Computer Name = Filib-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error - 18.06.2012 10:55:48 | Computer Name = Filib-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe, Version: 11.3.300.257, Zeitstempel: 0x4fc82063 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll, Version: 11.3.300.257, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset: 0x00490fb1 ID des fehlerhaften Prozesses: 0xc7c Startzeit der fehlerhaften Anwendung: 0x01cd4d3fa5eb7cc6 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll Berichtskennung: b03a6055-b955-11e1-b491-3860773623dd Error - 19.06.2012 06:32:54 | Computer Name = Filib-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe, Version: 11.3.300.257, Zeitstempel: 0x4fc82063 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll, Version: 11.3.300.257, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset: 0x0016b4ac ID des fehlerhaften Prozesses: 0xb14 Startzeit der fehlerhaften Anwendung: 0x01cd4e06d4815416 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll Berichtskennung: 203a3093-b9fa-11e1-ad52-3860773623dd Error - 19.06.2012 11:24:03 | Computer Name = Filib-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe, Version: 11.3.300.257, Zeitstempel: 0x4fc82063 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll, Version: 11.3.300.257, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset: 0x0016b4ac ID des fehlerhaften Prozesses: 0xf10 Startzeit der fehlerhaften Anwendung: 0x01cd4e2f8a9d03ec Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll Berichtskennung: ccc4b011-ba22-11e1-af14-3860773623dd Error - 29.06.2012 20:22:41 | Computer Name = Filib-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe, Version: 11.3.300.257, Zeitstempel: 0x4fc82063 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll, Version: 11.3.300.257, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset: 0x001a4b75 ID des fehlerhaften Prozesses: 0x1c68 Startzeit der fehlerhaften Anwendung: 0x01cd56501f016cd6 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll Berichtskennung: b405bbf7-c249-11e1-8fad-3860773623dd Error - 03.07.2012 07:27:08 | Computer Name = Filib-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe, Version: 11.3.300.257, Zeitstempel: 0x4fc82063 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll, Version: 11.3.300.257, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset: 0x000ccb60 ID des fehlerhaften Prozesses: 0xed8 Startzeit der fehlerhaften Anwendung: 0x01cd58ffcc15635e Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll Berichtskennung: 05b440c5-c502-11e1-83cb-3860773623dd [ System Events ] Error - 28.06.2012 07:58:52 | Computer Name = Filib-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxdiCATSCustConnectService erreicht. Error - 28.06.2012 07:58:52 | Computer Name = Filib-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxdiCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 29.06.2012 07:16:47 | Computer Name = Filib-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxdiCATSCustConnectService erreicht. Error - 29.06.2012 07:16:47 | Computer Name = Filib-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxdiCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 29.06.2012 10:27:42 | Computer Name = Filib-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxdiCATSCustConnectService erreicht. Error - 29.06.2012 10:27:42 | Computer Name = Filib-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxdiCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 29.06.2012 16:15:41 | Computer Name = Filib-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxdiCATSCustConnectService erreicht. Error - 29.06.2012 16:15:41 | Computer Name = Filib-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxdiCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 30.06.2012 07:37:24 | Computer Name = Filib-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxdiCATSCustConnectService erreicht. Error - 30.06.2012 07:37:24 | Computer Name = Filib-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "lxdiCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 < End of report > und weiters Extras: OTL Logfile: Code:
ATTFilter OTL logfile created on: 04.07.2012 00:22:22 - Run 1 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Filib\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 3,02 Gb Available Physical Memory | 77,27% Memory free 7,82 Gb Paging File | 7,05 Gb Available in Paging File | 90,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 555,07 Gb Total Space | 490,92 Gb Free Space | 88,44% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 19,98 Gb Free Space | 49,94% Space Free | Partition Type: NTFS Computer Name: FILIB-PC | User Name: Filib | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.04 00:03:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Filib\Desktop\OTL.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2011.05.02 23:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R) SRV:64bit: - [2011.05.02 23:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2011.05.02 23:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R) SRV:64bit: - [2010.12.17 16:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Stopped] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg) SRV:64bit: - [2010.09.23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2007.06.11 10:15:08 | 000,876,976 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysNative\lxdicoms.exe -- (lxdi_device) SRV:64bit: - [2007.06.11 10:15:00 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdiserv.exe -- (lxdiCATSCustConnectService) SRV - [2012.06.17 17:52:01 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.02.15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.12.24 09:26:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010.12.06 13:52:40 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\watchmi\TvdService.exe -- (watchmi) SRV - [2010.11.06 08:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.10.07 02:46:42 | 000,159,752 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe -- (GFNEXSrv) SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.19 00:40:48 | 000,104,968 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PHotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.06.11 10:15:00 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe -- (lxdiCATSCustConnectService) SRV - [2007.06.11 10:14:52 | 000,517,040 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysWOW64\lxdicoms.exe -- (lxdi_device) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.05.26 09:24:16 | 001,590,912 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2011.05.01 23:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R) DRV:64bit: - [2011.04.15 01:16:08 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.06 21:52:22 | 012,264,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011.02.10 15:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011.02.10 15:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.12.24 09:26:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.11.08 15:52:14 | 000,068,608 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fspad_xp64.sys -- (fspad_xp64) DRV:64bit: - [2010.11.08 15:52:14 | 000,068,608 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64) DRV:64bit: - [2010.11.06 08:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.10.15 01:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010.09.23 22:03:06 | 000,129,008 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2010.08.24 18:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.02.06 16:49:24 | 000,690,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su) DRV:64bit: - [2009.10.23 17:26:14 | 000,046,592 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.09.11 23:11:46 | 000,014,344 | R--- | M] (PEGATRON) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys -- (PEGAGFN) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{24DBECDD-86CD-44BC-91D2-C4153D7B69BB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.orf.at" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 17:52:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 17:52:01 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.20 15:25:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Filib\AppData\Roaming\mozilla\Extensions [2012.05.04 13:24:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Filib\AppData\Roaming\mozilla\Firefox\Profiles\z1ehmlkz.default\extensions [2012.02.21 16:26:26 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Filib\AppData\Roaming\mozilla\Firefox\Profiles\z1ehmlkz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.04.26 10:43:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.06.17 17:52:01 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.02.05 16:20:35 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.05 16:20:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.02.05 16:20:35 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.05 16:20:35 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.05 16:20:35 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.05 16:20:35 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Filib\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\fspuip.exe (Sentelic Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [lxdiamon] C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe () O4:64bit: - HKLM..\Run: [lxdimon.exe] C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe () O4:64bit: - HKLM..\Run: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.) O4 - HKCU..\Run: [Update] C:\Users\Filib\AppData\Roaming\0_0u_l.exe (Koolance) O4:64bit: - HKLM..\RunOnce: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:64bit: - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O9:64bit: - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O9 - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O9 - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62FB12DB-D76C-41CF-B3FA-D6245DB6EA4A}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0202C20-E07A-4081-8DFF-E4B4ADCF5B00}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{2dc448b9-6ac7-11e1-9ec3-3860773623dd}\Shell - "" = AutoRun O33 - MountPoints2\{2dc448b9-6ac7-11e1-9ec3-3860773623dd}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.04 00:03:12 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Filib\Desktop\OTL.exe [2012.07.03 23:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.07.03 23:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.07.03 22:41:47 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Roaming\Malwarebytes [2012.07.03 22:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.03 22:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.03 22:41:38 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.03 22:41:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.07.03 22:29:17 | 000,160,256 | ---- | C] (Koolance) -- C:\Users\Filib\AppData\Roaming\0_0u_l.exe [2012.06.27 16:48:52 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012.06.27 16:48:34 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ElastoMania111 [2012.06.27 16:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElastoMania111 [2012.06.27 16:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElastoMania111 [2012.06.27 16:39:36 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Local\Microsoft Games [2012.06.15 22:02:01 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Local\Macromedia [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.07.04 00:03:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Filib\Desktop\OTL.exe [2012.07.03 23:47:06 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat [2012.07.03 23:46:46 | 3151,269,888 | -HS- | M] () -- C:\hiberfil.sys [2012.07.03 23:37:40 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.07.03 23:35:58 | 000,283,104 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.03 23:28:02 | 001,528,894 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.03 23:28:02 | 000,656,972 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.03 23:28:02 | 000,618,814 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.03 23:28:02 | 000,131,454 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.03 23:28:02 | 000,107,836 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.03 23:25:51 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.07.03 22:41:42 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.03 22:40:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.07.03 22:29:16 | 000,160,256 | ---- | M] (Koolance) -- C:\Users\Filib\AppData\Roaming\0_0u_l.exe [2012.07.03 11:39:38 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.03 11:39:38 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.06.30 13:40:48 | 000,002,678 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.07.03 23:25:51 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.07.03 22:41:42 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.05.29 22:21:16 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxdicomx.dll [2012.05.29 22:21:16 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\lxdiinst.dll [2012.05.29 22:21:15 | 001,187,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiserv.dll [2012.05.29 22:21:15 | 000,942,080 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiusb1.dll [2012.05.29 22:21:15 | 000,614,400 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdipmui.dll [2012.05.29 22:21:15 | 000,532,480 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdilmpm.dll [2012.05.29 22:21:15 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiinpa.dll [2012.05.29 22:21:15 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiiesc.dll [2012.05.29 22:21:15 | 000,320,432 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiih.exe [2012.05.29 22:21:15 | 000,054,192 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdippls.exe [2012.05.29 22:21:15 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiprox.dll [2012.05.29 22:21:15 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdipplc.dll [2012.05.29 22:21:14 | 000,765,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicomc.dll [2012.05.29 22:21:14 | 000,671,744 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdihbn3.dll [2012.05.29 22:21:14 | 000,517,040 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicoms.exe [2012.05.29 22:21:14 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicomm.dll [2012.05.29 22:21:14 | 000,340,912 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicfg.exe [2012.04.07 00:48:11 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2012.02.21 12:42:16 | 001,529,424 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.07.15 12:16:31 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.07.15 12:16:29 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.07.15 12:16:28 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin ========== LOP Check ========== [2012.02.21 16:26:47 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\DVDVideoSoft [2012.02.21 16:26:25 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\DVDVideoSoftIEHelpers [2012.05.29 22:24:49 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\Lexmark Productivity Studio [2012.06.10 11:25:26 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\SoftGrid Client [2012.02.21 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\TP [2012.07.03 23:28:39 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\TS3Client [2012.02.20 17:06:26 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\ts3overlay [2012.02.27 12:19:58 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\Windows Live Writer [2012.06.26 13:19:21 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Danke im Vorhinein für eure Hilfe, Lg Filib (Ich hätte euch die Dateien wirklich gerne gezippt nur war das im gesicherten Modus leider nicht möglich) Hi, sorry das ich meinen Beitrag selbst kommentiere, jedoch habe ich neue Infos zu dem Thema Ich hatte zuvor MSE installiert nun jedoch, da ich das Gefühl hatte das ich mit Avira Viren-Suchlauf mehr erfolg haben könnte mir Avira geladen, ausgeführt und nun habe ich einen Virus/Trojan mit dem namen "exp/2012-0507.aw" gefunden und in Quarantäne geschoben. Da ich annehme, dass von dem her auch die oben geposteten Scans nicht mehr aktuell sind werde ich Avira Report, MWB log und OTL log hier neu posten! Hoffe das ist ok und macht das ganze nicht komplizierter! Avira Zitat:
Zitat:
OTL Logfile: Code:
ATTFilter OTL logfile created on: 04.07.2012 13:59:01 - Run 3 OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Filib\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 2,93 Gb Available Physical Memory | 74,90% Memory free 7,82 Gb Paging File | 7,04 Gb Available in Paging File | 89,98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 555,07 Gb Total Space | 490,20 Gb Free Space | 88,31% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 19,98 Gb Free Space | 49,94% Space Free | Partition Type: NTFS Computer Name: FILIB-PC | User Name: Filib | Logged in as Administrator. Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.07.04 00:03:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Filib\Desktop\OTL.exe PRC - [2012.06.27 09:25:04 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSI_TRAY.exe ========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012.03.26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2012.03.26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2011.05.02 23:27:50 | 001,517,328 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R) SRV:64bit: - [2011.05.02 23:13:54 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV:64bit: - [2011.05.02 23:10:26 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R) SRV:64bit: - [2010.12.17 16:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Stopped] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg) SRV:64bit: - [2010.09.23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV:64bit: - [2007.06.11 10:15:08 | 000,876,976 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysNative\lxdicoms.exe -- (lxdi_device) SRV:64bit: - [2007.06.11 10:15:00 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdiserv.exe -- (lxdiCATSCustConnectService) SRV - [2012.06.27 09:25:06 | 001,326,176 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent) SRV - [2012.06.17 17:52:01 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.02.15 14:30:18 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010.12.24 09:26:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2010.12.06 13:52:40 | 000,062,464 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\watchmi\TvdService.exe -- (watchmi) SRV - [2010.11.06 08:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2010.10.07 02:46:42 | 000,159,752 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe -- (GFNEXSrv) SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.19 00:40:48 | 000,104,968 | R--- | M] () [Auto | Stopped] -- C:\Program Files (x86)\PHotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.06.11 10:15:00 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe -- (lxdiCATSCustConnectService) SRV - [2007.06.11 10:14:52 | 000,517,040 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysWOW64\lxdicoms.exe -- (lxdi_device) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.05.02 15:24:12 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.04.27 10:20:04 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.04.25 00:32:27 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.03.20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.12.16 16:20:10 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI) DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011.05.26 09:24:16 | 001,590,912 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2011.05.01 23:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R) DRV:64bit: - [2011.04.15 01:16:08 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.03.06 21:52:22 | 012,264,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011.02.10 15:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2011.02.10 15:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2010.12.24 09:26:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.11.08 15:52:14 | 000,068,608 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fspad_xp64.sys -- (fspad_xp64) DRV:64bit: - [2010.11.08 15:52:14 | 000,068,608 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64) DRV:64bit: - [2010.11.06 08:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.10.15 01:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:64bit: - [2010.09.23 22:03:06 | 000,129,008 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd) DRV:64bit: - [2010.08.24 18:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.02.06 16:49:24 | 000,690,208 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su) DRV:64bit: - [2009.10.23 17:26:14 | 000,046,592 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 22:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2009.09.11 23:11:46 | 000,014,344 | R--- | M] (PEGATRON) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys -- (PEGAGFN) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{24DBECDD-86CD-44BC-91D2-C4153D7B69BB}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNF_enDE393 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.orf.at" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 17:52:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 17:52:01 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.20 15:25:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Filib\AppData\Roaming\mozilla\Extensions [2012.05.04 13:24:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Filib\AppData\Roaming\mozilla\Firefox\Profiles\z1ehmlkz.default\extensions [2012.02.21 16:26:26 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Filib\AppData\Roaming\mozilla\Firefox\Profiles\z1ehmlkz.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012.04.26 10:43:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.06.17 17:52:01 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.02.05 16:20:35 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.02.05 16:20:35 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.02.05 16:20:35 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.05 16:20:35 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.05 16:20:35 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.05 16:20:35 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Filib\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\fspuip.exe (Sentelic Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [lxdiamon] C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdiamon.exe () O4:64bit: - HKLM..\Run: [lxdimon.exe] C:\Program Files (x86)\Lexmark 3500-4500 Series\lxdimon.exe () O4:64bit: - HKLM..\Run: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink) O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation) O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.) O4 - HKCU..\Run: [Update] C:\Users\Filib\AppData\Roaming\0_0u_l.exe (Koolance) O4:64bit: - HKLM..\RunOnce: [GrpConv] C:\Windows\SysNative\grpconv.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [MedionReminder] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (CyberLink) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:64bit: - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O9:64bit: - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O9 - Extra Button: eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O9 - Extra 'Tools' menuitem : eBay.at - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/5221-29898-17534-1/4 File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62FB12DB-D76C-41CF-B3FA-D6245DB6EA4A}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0202C20-E07A-4081-8DFF-E4B4ADCF5B00}: DhcpNameServer = 192.168.0.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{2dc448b9-6ac7-11e1-9ec3-3860773623dd}\Shell - "" = AutoRun O33 - MountPoints2\{2dc448b9-6ac7-11e1-9ec3-3860773623dd}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2012.07.04 13:17:38 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Local\Secunia PSI [2012.07.04 13:17:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia [2012.07.04 13:11:09 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2012.07.04 11:56:32 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Roaming\Avira [2012.07.04 11:51:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.07.04 11:51:00 | 000,132,832 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.07.04 11:51:00 | 000,098,848 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys [2012.07.04 11:51:00 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.07.04 11:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.07.04 11:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2012.07.04 00:03:12 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Filib\Desktop\OTL.exe [2012.07.03 23:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.07.03 23:25:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.07.03 22:41:47 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Roaming\Malwarebytes [2012.07.03 22:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.07.03 22:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.07.03 22:41:38 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.07.03 22:41:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012.07.03 22:29:17 | 000,160,256 | ---- | C] (Koolance) -- C:\Users\Filib\AppData\Roaming\0_0u_l.exe [2012.06.27 16:48:52 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games [2012.06.27 16:48:34 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ElastoMania111 [2012.06.27 16:48:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElastoMania111 [2012.06.27 16:48:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ElastoMania111 [2012.06.27 16:39:36 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Local\Microsoft Games [2012.06.15 22:02:01 | 000,000,000 | ---D | C] -- C:\Users\Filib\AppData\Local\Macromedia [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.07.04 13:17:10 | 000,001,114 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012.07.04 11:59:03 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat [2012.07.04 11:58:59 | 3151,269,888 | -HS- | M] () -- C:\hiberfil.sys [2012.07.04 11:51:20 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.07.04 11:51:20 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.07.04 11:51:13 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.07.04 11:48:33 | 001,506,902 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.07.04 11:48:33 | 000,656,972 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.07.04 11:48:33 | 000,618,814 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.07.04 11:48:33 | 000,131,454 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.07.04 11:48:33 | 000,107,836 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.07.04 11:44:59 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.07.04 00:03:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Filib\Desktop\OTL.exe [2012.07.03 23:35:58 | 000,283,104 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.07.03 23:25:51 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.07.03 22:41:42 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.07.03 22:40:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.07.03 22:29:16 | 000,160,256 | ---- | M] (Koolance) -- C:\Users\Filib\AppData\Roaming\0_0u_l.exe [2012.06.30 13:40:48 | 000,002,678 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.07.04 13:17:10 | 000,001,114 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2012.07.04 13:17:10 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk [2012.07.04 11:51:13 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.07.03 23:25:51 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.07.03 22:41:42 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.05.29 22:21:16 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\lxdicomx.dll [2012.05.29 22:21:16 | 000,294,912 | ---- | C] () -- C:\Windows\SysWow64\lxdiinst.dll [2012.05.29 22:21:15 | 001,187,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiserv.dll [2012.05.29 22:21:15 | 000,942,080 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiusb1.dll [2012.05.29 22:21:15 | 000,614,400 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdipmui.dll [2012.05.29 22:21:15 | 000,532,480 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdilmpm.dll [2012.05.29 22:21:15 | 000,356,352 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiinpa.dll [2012.05.29 22:21:15 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiiesc.dll [2012.05.29 22:21:15 | 000,320,432 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiih.exe [2012.05.29 22:21:15 | 000,054,192 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdippls.exe [2012.05.29 22:21:15 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdiprox.dll [2012.05.29 22:21:15 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdipplc.dll [2012.05.29 22:21:14 | 000,765,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicomc.dll [2012.05.29 22:21:14 | 000,671,744 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdihbn3.dll [2012.05.29 22:21:14 | 000,517,040 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicoms.exe [2012.05.29 22:21:14 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicomm.dll [2012.05.29 22:21:14 | 000,340,912 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdicfg.exe [2012.04.07 00:48:11 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2012.02.21 12:42:16 | 001,529,424 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.07.15 12:16:31 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.07.15 12:16:29 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.07.15 12:16:28 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin ========== LOP Check ========== [2012.02.21 16:26:47 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\DVDVideoSoft [2012.02.21 16:26:25 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\DVDVideoSoftIEHelpers [2012.05.29 22:24:49 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\Lexmark Productivity Studio [2012.06.10 11:25:26 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\SoftGrid Client [2012.02.21 12:43:26 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\TP [2012.07.03 23:28:39 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\TS3Client [2012.02.20 17:06:26 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\ts3overlay [2012.02.27 12:19:58 | 000,000,000 | ---D | M] -- C:\Users\Filib\AppData\Roaming\Windows Live Writer [2012.06.26 13:19:21 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Leider wurde keine Extra Datei erstellt dieses mal so oft ich auch versucht habe. Hoffe ihr könnt die obrige verwenden, wenn nicht bitte um Hilfe wie ich diese Datei erstellen kann. Noch eine Frage, ist es wichtig, das sich die Extra Datei noch auf meinem Desktop befindeT? denn ich habe sie derzeit von dort weg verschoeben, da ich ja dachte das eine neue erstellt werden würde Danke und sorry für den erneuten Post! Liebe Grüße Geändert von Filib1990 (03.07.2012 um 23:55 Uhr) |
05.07.2012, 14:21 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Führ bitte auch ESET aus, danach sehen wir weiter.
__________________Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden. ESET Online Scanner Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
Code:
ATTFilter "%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt" Code:
ATTFilter "%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"
__________________ |
05.07.2012, 16:28 | #3 | |
| Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Hello, danke für die Antwort und hier der Log :
__________________Zitat:
|
05.07.2012, 16:30 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Hätte da mal zwei Fragen bevor es weiter geht 1.) Geht der normale Modus von Windows (wieder) uneingeschränkt? 2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________ Logfiles bitte immer in CODE-Tags posten |
05.07.2012, 20:53 | #5 |
| Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Hi Arne, danke für die super schnelle Antwort, leider musste ich arbeiten und somit kann ich erst jetzt antworten! Also im normalen Modus ist der Pc leider nicht zu starten. Die gleichen Symptome wie bisher. ich fahr hoch zuerst kommen alle Desktop icons + taskleiste dann vercshwinden sie wieder und nix is mehr da. Ob das Fenster noch kommen würde weiß ich von dem her nicht da ich ihn dann immre dirrekt abmelde über den ctrl alt entf. Ordner fallen mir keine leeren auf aber in diesem Falle kann ich nur von dem abgesicherten Modus reden! Lg Filib edit: ich habe die gefundenen Fehler von ESET nicht gelöscht oder so, passt das eh? Oder hätte ich das machen sollen`? |
05.07.2012, 21:08 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Naja in diesem Fall ist das schon ok das Löschen mit ESET Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
ATTFilter netsvcs msconfig safebootminimal safebootnetwork activex drivers32 %ALLUSERSPROFILE%\Application Data\*. %ALLUSERSPROFILE%\Application Data\*.exe /s %APPDATA%\*. %APPDATA%\*.exe /s %SYSTEMDRIVE%\*.exe /md5start wininit.exe userinit.exe eventlog.dll scecli.dll netlogon.dll cngaudit.dll ws2ifsl.sys sceclt.dll ntelogon.dll winlogon.exe logevent.dll user32.DLL iaStor.sys nvstor.sys atapi.sys IdeChnDr.sys viasraid.sys AGP440.sys vaxscsi.sys nvatabus.sys viamraid.sys nvata.sys nvgts.sys iastorv.sys ViPrt.sys eNetHook.dll ahcix86.sys KR10N.sys nvstor32.sys ahcix86s.sys /md5stop %systemroot%\system32\drivers\*.sys /lockedfiles %systemroot%\System32\config\*.sav %systemroot%\*. /mp /s %systemroot%\system32\*.dll /lockedfiles CREATERESTOREPOINT
__________________ --> Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc |
05.07.2012, 22:21 | #7 |
| Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc So habe die drei Dateien jetzt löschen lassen, falls du brauchst hier wäre der Log für ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f962c22c0cd5a84090156ff9ebc824b7 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-07-05 03:26:09 # local_time=2012-07-05 05:26:09 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 103436 103436 0 0 # compatibility_mode=5893 16776574 100 94 14415495 93128745 0 0 # compatibility_mode=8192 67108863 100 0 119 119 0 0 # scanned=121355 # found=3 # cleaned=0 # scan_time=3074 C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\61b1a4a-77f5253f probably a variant of Java/Exploit.CVE-2012-0507.CP trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\74424cd3-3ca7c74f probably a variant of Java/Exploit.CVE-2012-0507.CP trojan (unable to clean) 00000000000000000000000000000000 I C:\Users\Filib\AppData\Roaming\0_0u_l.exe a variant of Win32/Kryptik.AHVH trojan (unable to clean) 00000000000000000000000000000000 I ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f962c22c0cd5a84090156ff9ebc824b7 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-07-05 09:06:44 # local_time=2012-07-05 11:06:44 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 123805 123805 0 0 # compatibility_mode=5893 16776574 100 94 14435864 93149114 0 0 # compatibility_mode=8192 67108863 100 0 20488 20488 0 0 # scanned=121459 # found=3 # cleaned=3 # scan_time=3140 C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\61b1a4a-77f5253f probably a variant of Java/Exploit.CVE-2012-0507.CP trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\74424cd3-3ca7c74f probably a variant of Java/Exploit.CVE-2012-0507.CP trojan (deleted - quarantined) 00000000000000000000000000000000 C C:\Users\Filib\AppData\Roaming\0_0u_l.exe a variant of Win32/Kryptik.AHVH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C Code:
ATTFilter 23:18 05.07.2012OTL Logfile: edit: Der normale nutzer scheint nun nach der Bereinigung durch ESET wieder zu funktionieren, jedoch ist er noch ziemlich langsam :P Geändert von Filib1990 (05.07.2012 um 22:34 Uhr) |
06.07.2012, 09:38 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL FF - user.js - File not found O3 - HKU\S-1-5-21-4056338413-1803659449-3003814670-1001\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{2dc448b9-6ac7-11e1-9ec3-3860773623dd}\Shell - "" = AutoRun :Files C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache C:\Users\Filib\AppData\Roaming\0_0u_l.exe :Commands [purity] [emptytemp] [emptyflash] [resethosts] Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt. Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________ Logfiles bitte immer in CODE-Tags posten |
06.07.2012, 12:59 | #9 |
| Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Danke, hier ist der entstandene Log: Code:
ATTFilter All processes killed ========== OTL ========== Registry value HKEY_USERS\S-1-5-21-4056338413-1803659449-3003814670-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2dc448b9-6ac7-11e1-9ec3-3860773623dd}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2dc448b9-6ac7-11e1-9ec3-3860773623dd}\ not found. ========== FILES ========== C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully. C:\Users\Filib\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully. File\Folder C:\Users\Filib\AppData\Roaming\0_0u_l.exe not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56468 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Filib ->Temp folder emptied: 428101746 bytes ->Temporary Internet Files folder emptied: 12902684 bytes ->FireFox cache emptied: 441861470 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 59845 bytes User: Public User: UpdatusUser ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56468 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 56713588 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes RecycleBin emptied: 19865296 bytes Total Files Cleaned = 915,00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Filib ->Flash cache emptied: 0 bytes User: Public User: UpdatusUser ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.53.1 log created on 07062012_134519 Files\Folders moved on Reboot... C:\Users\Filib\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... File C:\Users\Filib\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! Registry entries deleted on Reboot... |
06.07.2012, 14:10 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Ich brauch den Quarantäneordner von OTL. Bitte folgendes machen: 1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinflussen! 2.) Ordner MovedFiles in C:\_OTL in eine Datei zippen 3.) Die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! 4.) Wenns erfolgreich war Bescheid sagen 5.) Erst dann wieder den Virenscanner einschalten
__________________ Logfiles bitte immer in CODE-Tags posten |
07.07.2012, 08:48 | #11 |
| Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Ich habe das jetzt hochgeladen, sehe allerdings keine bestätigung hier in diesem Thread, hoffe du hast alles bekommen was du brauchst! |
09.07.2012, 10:08 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Die Datei ist zwar da, aber viel zu klein. Wie groß ist deine ZIP? Hast du wirklich alles also den kompletten Ordner MovedFiles inkl. alle Unterverzeichnisse und darin enthaltene Dateien mit in die ZIP packen lassen? Virenscanner vor dem zippen auch deaktiviert?
__________________ Logfiles bitte immer in CODE-Tags posten |
09.07.2012, 19:22 | #13 |
| Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Die Zip ist 9Kb groß bei mir, aber der gesamte moved files ordner bei mir ist nur 35,6 groß. also weiß nicht ob das nicht eh normal ist so? Es steht wenn ich auf movedfiles ordner eigentschaften gehe größe 36.5 kb; größe auf datenträger 75kb. ich bin einfach auf movedfiles mit der rechten maustaste, dann 7zip, dann zu einem archiv hinzufügen, und das hab ich dann hochgeladen, passt das so ? Lg |
10.07.2012, 10:32 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Dann vergessen wir das mal mit der zip datei Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!
__________________ Logfiles bitte immer in CODE-Tags posten |
10.07.2012, 11:34 | #15 |
| Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc Hi, habe den Suchlauf durchgeführt, es wurde ein OBjekt names Watchmi gefunden. Ich habe es so wie empfohlen jetzt nicht gelöscht! Ist das richtig so oder sollte ich es lieber noch löschen? Hier der Log Code:
ATTFilter 12:29:27.0401 5984 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35 12:29:27.0530 5984 ============================================================ 12:29:27.0530 5984 Current date / time: 2012/07/10 12:29:27.0530 12:29:27.0530 5984 SystemInfo: 12:29:27.0530 5984 12:29:27.0530 5984 OS Version: 6.1.7601 ServicePack: 1.0 12:29:27.0530 5984 Product type: Workstation 12:29:27.0530 5984 ComputerName: FILIB-PC 12:29:27.0530 5984 UserName: Filib 12:29:27.0531 5984 Windows directory: C:\Windows 12:29:27.0531 5984 System windows directory: C:\Windows 12:29:27.0531 5984 Running under WOW64 12:29:27.0531 5984 Processor architecture: Intel x64 12:29:27.0531 5984 Number of processors: 4 12:29:27.0531 5984 Page size: 0x1000 12:29:27.0531 5984 Boot type: Normal boot 12:29:27.0531 5984 ============================================================ 12:29:28.0033 5984 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:29:28.0038 5984 ============================================================ 12:29:28.0038 5984 \Device\Harddisk0\DR0: 12:29:28.0039 5984 MBR partitions: 12:29:28.0039 5984 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 12:29:28.0039 5984 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x45625000 12:29:28.0039 5984 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x45657800, BlocksNum 0x5000000 12:29:28.0039 5984 ============================================================ 12:29:28.0071 5984 C: <-> \Device\Harddisk0\DR0\Partition1 12:29:28.0120 5984 D: <-> \Device\Harddisk0\DR0\Partition2 12:29:28.0120 5984 ============================================================ 12:29:28.0120 5984 Initialize success 12:29:28.0120 5984 ============================================================ 12:29:53.0345 0468 ============================================================ 12:29:53.0345 0468 Scan started 12:29:53.0345 0468 Mode: Manual; 12:29:53.0345 0468 ============================================================ 12:29:53.0856 0468 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 12:29:53.0859 0468 1394ohci - ok 12:29:53.0940 0468 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 12:29:53.0943 0468 ACPI - ok 12:29:54.0004 0468 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 12:29:54.0005 0468 AcpiPmi - ok 12:29:54.0149 0468 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 12:29:54.0150 0468 AdobeARMservice - ok 12:29:54.0282 0468 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 12:29:54.0283 0468 AdobeFlashPlayerUpdateSvc - ok 12:29:54.0336 0468 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 12:29:54.0341 0468 adp94xx - ok 12:29:54.0391 0468 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 12:29:54.0396 0468 adpahci - ok 12:29:54.0448 0468 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 12:29:54.0450 0468 adpu320 - ok 12:29:54.0473 0468 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 12:29:54.0474 0468 AeLookupSvc - ok 12:29:54.0526 0468 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 12:29:54.0529 0468 AFD - ok 12:29:54.0557 0468 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 12:29:54.0559 0468 agp440 - ok 12:29:54.0598 0468 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 12:29:54.0600 0468 ALG - ok 12:29:54.0637 0468 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 12:29:54.0638 0468 aliide - ok 12:29:54.0657 0468 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 12:29:54.0658 0468 amdide - ok 12:29:54.0696 0468 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 12:29:54.0697 0468 AmdK8 - ok 12:29:54.0713 0468 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 12:29:54.0714 0468 AmdPPM - ok 12:29:54.0739 0468 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 12:29:54.0741 0468 amdsata - ok 12:29:54.0769 0468 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 12:29:54.0772 0468 amdsbs - ok 12:29:54.0789 0468 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 12:29:54.0790 0468 amdxata - ok 12:29:54.0823 0468 AmUStor (08d51900c07bae4f1fc82fc669b99b79) C:\Windows\system32\drivers\AmUStor.SYS 12:29:54.0824 0468 AmUStor - ok 12:29:54.0943 0468 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 12:29:54.0944 0468 AntiVirSchedulerService - ok 12:29:54.0974 0468 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 12:29:54.0975 0468 AntiVirService - ok 12:29:55.0020 0468 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 12:29:55.0021 0468 AppID - ok 12:29:55.0051 0468 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 12:29:55.0052 0468 AppIDSvc - ok 12:29:55.0077 0468 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 12:29:55.0078 0468 Appinfo - ok 12:29:55.0118 0468 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 12:29:55.0120 0468 arc - ok 12:29:55.0149 0468 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 12:29:55.0151 0468 arcsas - ok 12:29:55.0216 0468 ASLDRService (efd89582b55dd32dc79c1a4eb54612a1) C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 12:29:55.0217 0468 ASLDRService - ok 12:29:55.0247 0468 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 12:29:55.0248 0468 AsyncMac - ok 12:29:55.0285 0468 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 12:29:55.0286 0468 atapi - ok 12:29:55.0347 0468 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 12:29:55.0352 0468 AudioEndpointBuilder - ok 12:29:55.0358 0468 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 12:29:55.0362 0468 AudioSrv - ok 12:29:55.0401 0468 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 12:29:55.0403 0468 avgntflt - ok 12:29:55.0445 0468 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 12:29:55.0447 0468 avipbb - ok 12:29:55.0476 0468 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 12:29:55.0477 0468 avkmgr - ok 12:29:55.0510 0468 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 12:29:55.0512 0468 AxInstSV - ok 12:29:55.0566 0468 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 12:29:55.0570 0468 b06bdrv - ok 12:29:55.0609 0468 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 12:29:55.0613 0468 b57nd60a - ok 12:29:55.0655 0468 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 12:29:55.0656 0468 BDESVC - ok 12:29:55.0683 0468 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 12:29:55.0684 0468 Beep - ok 12:29:55.0750 0468 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 12:29:55.0756 0468 BFE - ok 12:29:55.0816 0468 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 12:29:55.0824 0468 BITS - ok 12:29:55.0869 0468 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 12:29:55.0871 0468 blbdrive - ok 12:29:55.0906 0468 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 12:29:55.0907 0468 bowser - ok 12:29:55.0934 0468 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 12:29:55.0935 0468 BrFiltLo - ok 12:29:55.0955 0468 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 12:29:55.0955 0468 BrFiltUp - ok 12:29:55.0989 0468 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 12:29:55.0990 0468 Browser - ok 12:29:56.0030 0468 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 12:29:56.0033 0468 Brserid - ok 12:29:56.0063 0468 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 12:29:56.0064 0468 BrSerWdm - ok 12:29:56.0108 0468 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 12:29:56.0109 0468 BrUsbMdm - ok 12:29:56.0127 0468 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 12:29:56.0127 0468 BrUsbSer - ok 12:29:56.0176 0468 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 12:29:56.0177 0468 BthEnum - ok 12:29:56.0216 0468 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 12:29:56.0217 0468 BTHMODEM - ok 12:29:56.0262 0468 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 12:29:56.0264 0468 BthPan - ok 12:29:56.0320 0468 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 12:29:56.0326 0468 BTHPORT - ok 12:29:56.0362 0468 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 12:29:56.0364 0468 bthserv - ok 12:29:56.0403 0468 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 12:29:56.0404 0468 BTHUSB - ok 12:29:56.0434 0468 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 12:29:56.0436 0468 cdfs - ok 12:29:56.0476 0468 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 12:29:56.0478 0468 cdrom - ok 12:29:56.0507 0468 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 12:29:56.0508 0468 CertPropSvc - ok 12:29:56.0575 0468 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 12:29:56.0576 0468 circlass - ok 12:29:56.0620 0468 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 12:29:56.0623 0468 CLFS - ok 12:29:56.0717 0468 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:29:56.0719 0468 clr_optimization_v2.0.50727_32 - ok 12:29:56.0783 0468 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 12:29:56.0785 0468 clr_optimization_v2.0.50727_64 - ok 12:29:56.0843 0468 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:29:56.0844 0468 clr_optimization_v4.0.30319_32 - ok 12:29:56.0876 0468 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 12:29:56.0877 0468 clr_optimization_v4.0.30319_64 - ok 12:29:56.0922 0468 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys 12:29:56.0923 0468 clwvd - ok 12:29:56.0948 0468 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 12:29:56.0949 0468 CmBatt - ok 12:29:56.0978 0468 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 12:29:56.0978 0468 cmdide - ok 12:29:57.0018 0468 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 12:29:57.0023 0468 CNG - ok 12:29:57.0129 0468 CnxtHdAudService (e0b53d1fef69106b76c06a0d783916e8) C:\Windows\system32\drivers\CHDRT64.sys 12:29:57.0144 0468 CnxtHdAudService - ok 12:29:57.0288 0468 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 12:29:57.0288 0468 Compbatt - ok 12:29:57.0321 0468 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 12:29:57.0322 0468 CompositeBus - ok 12:29:57.0337 0468 COMSysApp - ok 12:29:57.0369 0468 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 12:29:57.0370 0468 crcdisk - ok 12:29:57.0404 0468 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 12:29:57.0405 0468 CryptSvc - ok 12:29:57.0539 0468 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 12:29:57.0543 0468 cvhsvc - ok 12:29:57.0583 0468 CxAudMsg (f160b26b26ba4afe8cecc12ed5ac231e) C:\Windows\system32\CxAudMsg64.exe 12:29:57.0585 0468 CxAudMsg - ok 12:29:57.0641 0468 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 12:29:57.0646 0468 DcomLaunch - ok 12:29:57.0692 0468 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 12:29:57.0695 0468 defragsvc - ok 12:29:57.0754 0468 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 12:29:57.0756 0468 DfsC - ok 12:29:57.0806 0468 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 12:29:57.0810 0468 Dhcp - ok 12:29:57.0824 0468 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 12:29:57.0824 0468 discache - ok 12:29:57.0861 0468 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 12:29:57.0863 0468 Disk - ok 12:29:57.0903 0468 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 12:29:57.0905 0468 Dnscache - ok 12:29:57.0945 0468 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 12:29:57.0948 0468 dot3svc - ok 12:29:57.0962 0468 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 12:29:57.0964 0468 DPS - ok 12:29:57.0999 0468 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 12:29:58.0000 0468 drmkaud - ok 12:29:58.0081 0468 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 12:29:58.0091 0468 DXGKrnl - ok 12:29:58.0125 0468 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 12:29:58.0126 0468 EapHost - ok 12:29:58.0289 0468 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 12:29:58.0350 0468 ebdrv - ok 12:29:58.0450 0468 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 12:29:58.0451 0468 EFS - ok 12:29:58.0530 0468 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 12:29:58.0537 0468 ehRecvr - ok 12:29:58.0568 0468 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 12:29:58.0569 0468 ehSched - ok 12:29:58.0637 0468 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 12:29:58.0642 0468 elxstor - ok 12:29:58.0671 0468 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 12:29:58.0672 0468 ErrDev - ok 12:29:58.0724 0468 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 12:29:58.0727 0468 EventSystem - ok 12:29:58.0866 0468 EvtEng (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 12:29:58.0881 0468 EvtEng - ok 12:29:59.0007 0468 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 12:29:59.0009 0468 exfat - ok 12:29:59.0030 0468 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 12:29:59.0033 0468 fastfat - ok 12:29:59.0095 0468 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 12:29:59.0102 0468 Fax - ok 12:29:59.0161 0468 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 12:29:59.0162 0468 fdc - ok 12:29:59.0179 0468 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 12:29:59.0180 0468 fdPHost - ok 12:29:59.0191 0468 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 12:29:59.0192 0468 FDResPub - ok 12:29:59.0217 0468 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 12:29:59.0219 0468 FileInfo - ok 12:29:59.0235 0468 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 12:29:59.0236 0468 Filetrace - ok 12:29:59.0274 0468 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 12:29:59.0275 0468 flpydisk - ok 12:29:59.0317 0468 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 12:29:59.0321 0468 FltMgr - ok 12:29:59.0402 0468 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 12:29:59.0412 0468 FontCache - ok 12:29:59.0479 0468 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:29:59.0479 0468 FontCache3.0.0.0 - ok 12:29:59.0524 0468 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 12:29:59.0525 0468 FsDepends - ok 12:29:59.0558 0468 fspad_wlh64 (95d0cb3e794dea8cbe21725811a554dc) C:\Windows\system32\DRIVERS\fspad_wlh64.sys 12:29:59.0559 0468 fspad_wlh64 - ok 12:29:59.0588 0468 fspad_xp64 (95d0cb3e794dea8cbe21725811a554dc) C:\Windows\system32\drivers\fspad_xp64.sys 12:29:59.0589 0468 fspad_xp64 - ok 12:29:59.0612 0468 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 12:29:59.0613 0468 Fs_Rec - ok 12:29:59.0653 0468 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 12:29:59.0655 0468 fvevol - ok 12:29:59.0681 0468 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 12:29:59.0682 0468 gagp30kx - ok 12:29:59.0753 0468 GFNEXSrv (ba9051d3745fa546de3660f5f2ef84a5) C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 12:29:59.0754 0468 GFNEXSrv - ok 12:29:59.0824 0468 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 12:29:59.0831 0468 gpsvc - ok 12:29:59.0891 0468 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:29:59.0892 0468 gupdate - ok 12:29:59.0898 0468 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:29:59.0899 0468 gupdatem - ok 12:29:59.0920 0468 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 12:29:59.0921 0468 hcw85cir - ok 12:29:59.0995 0468 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 12:29:59.0999 0468 HdAudAddService - ok 12:30:00.0031 0468 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 12:30:00.0032 0468 HDAudBus - ok 12:30:00.0065 0468 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 12:30:00.0066 0468 HidBatt - ok 12:30:00.0088 0468 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 12:30:00.0089 0468 HidBth - ok 12:30:00.0111 0468 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 12:30:00.0112 0468 HidIr - ok 12:30:00.0142 0468 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 12:30:00.0143 0468 hidserv - ok 12:30:00.0178 0468 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 12:30:00.0179 0468 HidUsb - ok 12:30:00.0200 0468 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 12:30:00.0201 0468 hkmsvc - ok 12:30:00.0224 0468 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 12:30:00.0226 0468 HomeGroupListener - ok 12:30:00.0257 0468 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 12:30:00.0259 0468 HomeGroupProvider - ok 12:30:00.0275 0468 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 12:30:00.0276 0468 HpSAMD - ok 12:30:00.0339 0468 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 12:30:00.0345 0468 HTTP - ok 12:30:00.0361 0468 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 12:30:00.0361 0468 hwpolicy - ok 12:30:00.0413 0468 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 12:30:00.0414 0468 i8042prt - ok 12:30:00.0472 0468 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys 12:30:00.0474 0468 iaStor - ok 12:30:00.0565 0468 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 12:30:00.0566 0468 IAStorDataMgrSvc - ok 12:30:00.0616 0468 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 12:30:00.0620 0468 iaStorV - ok 12:30:00.0738 0468 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 12:30:00.0746 0468 idsvc - ok 12:30:01.0418 0468 igfx (66dc0ce2d1867b8178eaa0e11930dbd7) C:\Windows\system32\DRIVERS\igdkmd64.sys 12:30:01.0620 0468 igfx - ok 12:30:01.0755 0468 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 12:30:01.0756 0468 iirsp - ok 12:30:01.0827 0468 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 12:30:01.0836 0468 IKEEXT - ok 12:30:01.0880 0468 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 12:30:01.0884 0468 IntcDAud - ok 12:30:01.0906 0468 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 12:30:01.0907 0468 intelide - ok 12:30:01.0934 0468 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 12:30:01.0934 0468 intelppm - ok 12:30:01.0967 0468 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 12:30:01.0969 0468 IPBusEnum - ok 12:30:01.0990 0468 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 12:30:01.0992 0468 IpFilterDriver - ok 12:30:02.0040 0468 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 12:30:02.0046 0468 iphlpsvc - ok 12:30:02.0070 0468 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 12:30:02.0071 0468 IPMIDRV - ok 12:30:02.0092 0468 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 12:30:02.0094 0468 IPNAT - ok 12:30:02.0119 0468 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 12:30:02.0120 0468 IRENUM - ok 12:30:02.0136 0468 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 12:30:02.0137 0468 isapnp - ok 12:30:02.0168 0468 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 12:30:02.0171 0468 iScsiPrt - ok 12:30:02.0213 0468 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 12:30:02.0214 0468 kbdclass - ok 12:30:02.0247 0468 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 12:30:02.0247 0468 kbdhid - ok 12:30:02.0272 0468 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 12:30:02.0273 0468 KeyIso - ok 12:30:02.0290 0468 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 12:30:02.0292 0468 KSecDD - ok 12:30:02.0306 0468 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 12:30:02.0308 0468 KSecPkg - ok 12:30:02.0335 0468 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 12:30:02.0336 0468 ksthunk - ok 12:30:02.0373 0468 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 12:30:02.0378 0468 KtmRm - ok 12:30:02.0414 0468 L1C (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys 12:30:02.0416 0468 L1C - ok 12:30:02.0468 0468 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 12:30:02.0471 0468 LanmanServer - ok 12:30:02.0500 0468 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 12:30:02.0502 0468 LanmanWorkstation - ok 12:30:02.0530 0468 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 12:30:02.0531 0468 lltdio - ok 12:30:02.0572 0468 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 12:30:02.0576 0468 lltdsvc - ok 12:30:02.0590 0468 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 12:30:02.0591 0468 lmhosts - ok 12:30:02.0631 0468 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 12:30:02.0633 0468 LSI_FC - ok 12:30:02.0659 0468 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 12:30:02.0660 0468 LSI_SAS - ok 12:30:02.0693 0468 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 12:30:02.0694 0468 LSI_SAS2 - ok 12:30:02.0716 0468 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 12:30:02.0718 0468 LSI_SCSI - ok 12:30:02.0744 0468 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 12:30:02.0746 0468 luafv - ok 12:30:02.0832 0468 lxdiCATSCustConnectService (baa003617d899996cf282a3d92aee29b) C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe 12:30:02.0834 0468 lxdiCATSCustConnectService - ok 12:30:02.0850 0468 lxdi_device - ok 12:30:02.0912 0468 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 12:30:02.0912 0468 MBAMProtector - ok 12:30:03.0007 0468 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 12:30:03.0011 0468 MBAMService - ok 12:30:03.0034 0468 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 12:30:03.0036 0468 Mcx2Svc - ok 12:30:03.0057 0468 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 12:30:03.0058 0468 megasas - ok 12:30:03.0100 0468 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 12:30:03.0103 0468 MegaSR - ok 12:30:03.0143 0468 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 12:30:03.0144 0468 MMCSS - ok 12:30:03.0167 0468 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 12:30:03.0168 0468 Modem - ok 12:30:03.0197 0468 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 12:30:03.0197 0468 monitor - ok 12:30:03.0238 0468 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 12:30:03.0239 0468 mouclass - ok 12:30:03.0263 0468 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 12:30:03.0263 0468 mouhid - ok 12:30:03.0292 0468 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 12:30:03.0293 0468 mountmgr - ok 12:30:03.0383 0468 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 12:30:03.0384 0468 MozillaMaintenance - ok 12:30:03.0431 0468 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys 12:30:03.0434 0468 MpFilter - ok 12:30:03.0469 0468 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 12:30:03.0471 0468 mpio - ok 12:30:03.0494 0468 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 12:30:03.0495 0468 mpsdrv - ok 12:30:03.0564 0468 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 12:30:03.0572 0468 MpsSvc - ok 12:30:03.0590 0468 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 12:30:03.0592 0468 MRxDAV - ok 12:30:03.0630 0468 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 12:30:03.0633 0468 mrxsmb - ok 12:30:03.0672 0468 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:30:03.0675 0468 mrxsmb10 - ok 12:30:03.0702 0468 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:30:03.0704 0468 mrxsmb20 - ok 12:30:03.0734 0468 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 12:30:03.0735 0468 msahci - ok 12:30:03.0766 0468 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 12:30:03.0768 0468 msdsm - ok 12:30:03.0793 0468 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 12:30:03.0796 0468 MSDTC - ok 12:30:03.0819 0468 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 12:30:03.0820 0468 Msfs - ok 12:30:03.0835 0468 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 12:30:03.0836 0468 mshidkmdf - ok 12:30:03.0854 0468 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 12:30:03.0855 0468 msisadrv - ok 12:30:03.0895 0468 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 12:30:03.0897 0468 MSiSCSI - ok 12:30:03.0900 0468 msiserver - ok 12:30:03.0933 0468 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 12:30:03.0934 0468 MSKSSRV - ok 12:30:03.0975 0468 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe 12:30:03.0976 0468 MsMpSvc - ok 12:30:03.0999 0468 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 12:30:04.0000 0468 MSPCLOCK - ok 12:30:04.0008 0468 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 12:30:04.0008 0468 MSPQM - ok 12:30:04.0044 0468 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 12:30:04.0048 0468 MsRPC - ok 12:30:04.0079 0468 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 12:30:04.0079 0468 mssmbios - ok 12:30:04.0102 0468 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 12:30:04.0103 0468 MSTEE - ok 12:30:04.0126 0468 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 12:30:04.0127 0468 MTConfig - ok 12:30:04.0143 0468 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 12:30:04.0144 0468 Mup - ok 12:30:04.0224 0468 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 12:30:04.0228 0468 MyWiFiDHCPDNS - ok 12:30:04.0279 0468 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 12:30:04.0283 0468 napagent - ok 12:30:04.0328 0468 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 12:30:04.0331 0468 NativeWifiP - ok 12:30:04.0386 0468 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 12:30:04.0396 0468 NDIS - ok 12:30:04.0423 0468 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 12:30:04.0424 0468 NdisCap - ok 12:30:04.0454 0468 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 12:30:04.0455 0468 NdisTapi - ok 12:30:04.0472 0468 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 12:30:04.0474 0468 Ndisuio - ok 12:30:04.0490 0468 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 12:30:04.0492 0468 NdisWan - ok 12:30:04.0510 0468 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 12:30:04.0511 0468 NDProxy - ok 12:30:04.0534 0468 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 12:30:04.0536 0468 NetBIOS - ok 12:30:04.0562 0468 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 12:30:04.0563 0468 NetBT - ok 12:30:04.0583 0468 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 12:30:04.0584 0468 Netlogon - ok 12:30:04.0642 0468 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 12:30:04.0645 0468 Netman - ok 12:30:04.0682 0468 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 12:30:04.0689 0468 netprofm - ok 12:30:04.0776 0468 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 12:30:04.0776 0468 NetTcpPortSharing - ok 12:30:05.0244 0468 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys 12:30:05.0420 0468 NETwNs64 - ok 12:30:05.0535 0468 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 12:30:05.0537 0468 nfrd960 - ok 12:30:05.0593 0468 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 12:30:05.0595 0468 NisDrv - ok 12:30:05.0675 0468 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe 12:30:05.0678 0468 NisSrv - ok 12:30:05.0728 0468 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 12:30:05.0731 0468 NlaSvc - ok 12:30:05.0755 0468 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 12:30:05.0756 0468 Npfs - ok 12:30:05.0786 0468 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 12:30:05.0787 0468 nsi - ok 12:30:05.0802 0468 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 12:30:05.0803 0468 nsiproxy - ok 12:30:05.0914 0468 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 12:30:05.0930 0468 Ntfs - ok 12:30:06.0045 0468 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 12:30:06.0046 0468 Null - ok 12:30:06.0084 0468 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys 12:30:06.0086 0468 nusb3hub - ok 12:30:06.0115 0468 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys 12:30:06.0118 0468 nusb3xhc - ok 12:30:06.0790 0468 nvlddmkm (5b87b16d2781982e32bab6d359034c37) C:\Windows\system32\DRIVERS\nvlddmkm.sys 12:30:06.0994 0468 nvlddmkm - ok 12:30:07.0158 0468 nvpciflt (0fb06978e39d3b2bb02d616b71a718dc) C:\Windows\system32\DRIVERS\nvpciflt.sys 12:30:07.0159 0468 nvpciflt - ok 12:30:07.0207 0468 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 12:30:07.0209 0468 nvraid - ok 12:30:07.0226 0468 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 12:30:07.0229 0468 nvstor - ok 12:30:07.0303 0468 NVSvc (e0978d69d66403beb006bed61b27b883) C:\Windows\system32\nvvsvc.exe 12:30:07.0313 0468 NVSvc - ok 12:30:07.0467 0468 nvUpdatusService (dc49ec481397457aea7d094383c0e1b6) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 12:30:07.0482 0468 nvUpdatusService - ok 12:30:07.0609 0468 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 12:30:07.0611 0468 nv_agp - ok 12:30:07.0642 0468 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 12:30:07.0643 0468 ohci1394 - ok 12:30:07.0726 0468 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:30:07.0728 0468 ose - ok 12:30:08.0030 0468 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 12:30:08.0115 0468 osppsvc - ok 12:30:08.0231 0468 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 12:30:08.0235 0468 p2pimsvc - ok 12:30:08.0286 0468 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 12:30:08.0291 0468 p2psvc - ok 12:30:08.0339 0468 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 12:30:08.0340 0468 Parport - ok 12:30:08.0357 0468 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 12:30:08.0358 0468 partmgr - ok 12:30:08.0390 0468 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 12:30:08.0392 0468 PcaSvc - ok 12:30:08.0422 0468 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 12:30:08.0424 0468 pci - ok 12:30:08.0451 0468 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 12:30:08.0452 0468 pciide - ok 12:30:08.0483 0468 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 12:30:08.0485 0468 pcmcia - ok 12:30:08.0523 0468 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 12:30:08.0525 0468 pcw - ok 12:30:08.0563 0468 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 12:30:08.0569 0468 PEAUTH - ok 12:30:08.0636 0468 PEGAGFN (ee926c59cbd4dc4dc9fbb85014a2f1a5) C:\Program Files (x86)\PHotkey\PEGAGFN.sys 12:30:08.0637 0468 PEGAGFN - ok 12:30:08.0715 0468 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 12:30:08.0717 0468 PerfHost - ok 12:30:08.0853 0468 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 12:30:08.0867 0468 pla - ok 12:30:08.0925 0468 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 12:30:08.0930 0468 PlugPlay - ok 12:30:08.0952 0468 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 12:30:08.0954 0468 PNRPAutoReg - ok 12:30:08.0975 0468 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 12:30:08.0978 0468 PNRPsvc - ok 12:30:09.0015 0468 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 12:30:09.0020 0468 PolicyAgent - ok 12:30:09.0052 0468 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 12:30:09.0055 0468 Power - ok 12:30:09.0099 0468 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 12:30:09.0101 0468 PptpMiniport - ok 12:30:09.0138 0468 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 12:30:09.0139 0468 Processor - ok 12:30:09.0176 0468 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 12:30:09.0178 0468 ProfSvc - ok 12:30:09.0195 0468 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 12:30:09.0197 0468 ProtectedStorage - ok 12:30:09.0234 0468 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 12:30:09.0235 0468 Psched - ok 12:30:09.0251 0468 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys 12:30:09.0252 0468 PSI - ok 12:30:09.0356 0468 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 12:30:09.0371 0468 ql2300 - ok 12:30:09.0484 0468 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 12:30:09.0485 0468 ql40xx - ok 12:30:09.0518 0468 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 12:30:09.0522 0468 QWAVE - ok 12:30:09.0554 0468 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 12:30:09.0555 0468 QWAVEdrv - ok 12:30:09.0571 0468 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 12:30:09.0571 0468 RasAcd - ok 12:30:09.0584 0468 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 12:30:09.0585 0468 RasAgileVpn - ok 12:30:09.0608 0468 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 12:30:09.0610 0468 RasAuto - ok 12:30:09.0626 0468 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 12:30:09.0628 0468 Rasl2tp - ok 12:30:09.0654 0468 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 12:30:09.0659 0468 RasMan - ok 12:30:09.0683 0468 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 12:30:09.0685 0468 RasPppoe - ok 12:30:09.0695 0468 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 12:30:09.0697 0468 RasSstp - ok 12:30:09.0729 0468 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 12:30:09.0733 0468 rdbss - ok 12:30:09.0752 0468 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 12:30:09.0753 0468 rdpbus - ok 12:30:09.0777 0468 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 12:30:09.0778 0468 RDPCDD - ok 12:30:09.0790 0468 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 12:30:09.0791 0468 RDPENCDD - ok 12:30:09.0810 0468 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 12:30:09.0811 0468 RDPREFMP - ok 12:30:09.0831 0468 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 12:30:09.0832 0468 RDPWD - ok 12:30:09.0880 0468 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 12:30:09.0883 0468 rdyboost - ok 12:30:10.0003 0468 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 12:30:10.0010 0468 RegSrvc - ok 12:30:10.0033 0468 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 12:30:10.0035 0468 RemoteAccess - ok 12:30:10.0069 0468 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 12:30:10.0072 0468 RemoteRegistry - ok 12:30:10.0128 0468 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 12:30:10.0131 0468 RFCOMM - ok 12:30:10.0164 0468 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 12:30:10.0165 0468 RpcEptMapper - ok 12:30:10.0189 0468 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 12:30:10.0191 0468 RpcLocator - ok 12:30:10.0230 0468 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 12:30:10.0233 0468 RpcSs - ok 12:30:10.0276 0468 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 12:30:10.0277 0468 rspndr - ok 12:30:10.0306 0468 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys 12:30:10.0309 0468 RTL8167 - ok 12:30:10.0381 0468 RTL8192su (4629c5c4772d223b0ecd1ea8ba7a2a33) C:\Windows\system32\DRIVERS\RTL8192su.sys 12:30:10.0384 0468 RTL8192su - ok 12:30:10.0407 0468 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 12:30:10.0408 0468 SamSs - ok 12:30:10.0428 0468 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 12:30:10.0430 0468 sbp2port - ok 12:30:10.0464 0468 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 12:30:10.0467 0468 SCardSvr - ok 12:30:10.0498 0468 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 12:30:10.0499 0468 scfilter - ok 12:30:10.0569 0468 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 12:30:10.0577 0468 Schedule - ok 12:30:10.0597 0468 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 12:30:10.0597 0468 SCPolicySvc - ok 12:30:10.0630 0468 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 12:30:10.0633 0468 SDRSVC - ok 12:30:10.0685 0468 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 12:30:10.0686 0468 secdrv - ok 12:30:10.0709 0468 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 12:30:10.0711 0468 seclogon - ok 12:30:10.0852 0468 Secunia PSI Agent (f70a51eb03ee7046784ef62efce9528e) C:\Program Files (x86)\Secunia\PSI\PSIA.exe 12:30:10.0864 0468 Secunia PSI Agent - ok 12:30:10.0924 0468 Secunia Update Agent (ad56ceb08eeb517332355fde9e5939c8) C:\Program Files (x86)\Secunia\PSI\sua.exe 12:30:10.0927 0468 Secunia Update Agent - ok 12:30:11.0024 0468 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 12:30:11.0026 0468 SENS - ok 12:30:11.0043 0468 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 12:30:11.0045 0468 SensrSvc - ok 12:30:11.0108 0468 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 12:30:11.0109 0468 Serenum - ok 12:30:11.0145 0468 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 12:30:11.0146 0468 Serial - ok 12:30:11.0170 0468 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 12:30:11.0172 0468 sermouse - ok 12:30:11.0223 0468 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 12:30:11.0225 0468 SessionEnv - ok 12:30:11.0263 0468 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 12:30:11.0265 0468 sffdisk - ok 12:30:11.0269 0468 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 12:30:11.0271 0468 sffp_mmc - ok 12:30:11.0275 0468 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 12:30:11.0276 0468 sffp_sd - ok 12:30:11.0332 0468 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 12:30:11.0333 0468 sfloppy - ok 12:30:11.0418 0468 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 12:30:11.0426 0468 Sftfs - ok 12:30:11.0513 0468 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 12:30:11.0518 0468 sftlist - ok 12:30:11.0542 0468 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 12:30:11.0545 0468 Sftplay - ok 12:30:11.0559 0468 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 12:30:11.0560 0468 Sftredir - ok 12:30:11.0579 0468 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 12:30:11.0580 0468 Sftvol - ok 12:30:11.0615 0468 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 12:30:11.0617 0468 sftvsa - ok 12:30:11.0661 0468 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 12:30:11.0666 0468 SharedAccess - ok 12:30:11.0700 0468 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 12:30:11.0703 0468 ShellHWDetection - ok 12:30:11.0729 0468 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 12:30:11.0730 0468 SiSRaid2 - ok 12:30:11.0752 0468 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 12:30:11.0754 0468 SiSRaid4 - ok 12:30:11.0799 0468 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe 12:30:11.0800 0468 SkypeUpdate - ok 12:30:11.0835 0468 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 12:30:11.0837 0468 Smb - ok 12:30:11.0879 0468 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 12:30:11.0881 0468 SNMPTRAP - ok 12:30:11.0903 0468 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 12:30:11.0904 0468 spldr - ok 12:30:11.0944 0468 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 12:30:11.0951 0468 Spooler - ok 12:30:12.0144 0468 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 12:30:12.0201 0468 sppsvc - ok 12:30:12.0317 0468 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 12:30:12.0319 0468 sppuinotify - ok 12:30:12.0384 0468 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 12:30:12.0389 0468 srv - ok 12:30:12.0421 0468 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 12:30:12.0426 0468 srv2 - ok 12:30:12.0450 0468 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 12:30:12.0452 0468 srvnet - ok 12:30:12.0492 0468 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 12:30:12.0495 0468 SSDPSRV - ok 12:30:12.0508 0468 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 12:30:12.0510 0468 SstpSvc - ok 12:30:12.0587 0468 Steam Client Service - ok 12:30:12.0612 0468 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 12:30:12.0613 0468 stexstor - ok 12:30:12.0674 0468 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 12:30:12.0681 0468 stisvc - ok 12:30:12.0704 0468 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 12:30:12.0705 0468 swenum - ok 12:30:12.0761 0468 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 12:30:12.0768 0468 swprv - ok 12:30:12.0851 0468 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 12:30:12.0867 0468 SysMain - ok 12:30:12.0970 0468 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 12:30:12.0973 0468 TabletInputService - ok 12:30:13.0006 0468 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 12:30:13.0011 0468 TapiSrv - ok 12:30:13.0025 0468 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 12:30:13.0028 0468 TBS - ok 12:30:13.0157 0468 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 12:30:13.0176 0468 Tcpip - ok 12:30:13.0409 0468 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 12:30:13.0417 0468 TCPIP6 - ok 12:30:13.0543 0468 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 12:30:13.0544 0468 tcpipreg - ok 12:30:13.0562 0468 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 12:30:13.0563 0468 TDPIPE - ok 12:30:13.0585 0468 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 12:30:13.0586 0468 TDTCP - ok 12:30:13.0617 0468 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 12:30:13.0619 0468 tdx - ok 12:30:13.0649 0468 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 12:30:13.0650 0468 TermDD - ok 12:30:13.0705 0468 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 12:30:13.0712 0468 TermService - ok 12:30:13.0721 0468 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 12:30:13.0722 0468 Themes - ok 12:30:13.0743 0468 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 12:30:13.0745 0468 THREADORDER - ok 12:30:13.0769 0468 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 12:30:13.0771 0468 TrkWks - ok 12:30:13.0820 0468 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 12:30:13.0823 0468 TrustedInstaller - ok 12:30:13.0842 0468 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 12:30:13.0843 0468 tssecsrv - ok 12:30:13.0878 0468 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 12:30:13.0879 0468 TsUsbFlt - ok 12:30:13.0909 0468 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 12:30:13.0910 0468 TsUsbGD - ok 12:30:13.0958 0468 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 12:30:13.0960 0468 tunnel - ok 12:30:13.0982 0468 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 12:30:13.0984 0468 uagp35 - ok 12:30:14.0013 0468 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 12:30:14.0017 0468 udfs - ok 12:30:14.0042 0468 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 12:30:14.0045 0468 UI0Detect - ok 12:30:14.0077 0468 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 12:30:14.0078 0468 uliagpkx - ok 12:30:14.0104 0468 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 12:30:14.0106 0468 umbus - ok 12:30:14.0143 0468 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 12:30:14.0144 0468 UmPass - ok 12:30:14.0182 0468 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 12:30:14.0186 0468 upnphost - ok 12:30:14.0216 0468 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 12:30:14.0217 0468 usbccgp - ok 12:30:14.0255 0468 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 12:30:14.0257 0468 usbcir - ok 12:30:14.0279 0468 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 12:30:14.0280 0468 usbehci - ok 12:30:14.0333 0468 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 12:30:14.0337 0468 usbhub - ok 12:30:14.0364 0468 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 12:30:14.0366 0468 usbohci - ok 12:30:14.0395 0468 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 12:30:14.0397 0468 usbprint - ok 12:30:14.0417 0468 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 12:30:14.0419 0468 usbscan - ok 12:30:14.0441 0468 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:30:14.0442 0468 USBSTOR - ok 12:30:14.0463 0468 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 12:30:14.0464 0468 usbuhci - ok 12:30:14.0510 0468 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 12:30:14.0512 0468 usbvideo - ok 12:30:14.0539 0468 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 12:30:14.0540 0468 UxSms - ok 12:30:14.0562 0468 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 12:30:14.0563 0468 VaultSvc - ok 12:30:14.0598 0468 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 12:30:14.0599 0468 vdrvroot - ok 12:30:14.0647 0468 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 12:30:14.0654 0468 vds - ok 12:30:14.0681 0468 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 12:30:14.0683 0468 vga - ok 12:30:14.0698 0468 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 12:30:14.0699 0468 VgaSave - ok 12:30:14.0739 0468 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 12:30:14.0742 0468 vhdmp - ok 12:30:14.0770 0468 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 12:30:14.0771 0468 viaide - ok 12:30:14.0797 0468 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 12:30:14.0798 0468 volmgr - ok 12:30:14.0838 0468 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 12:30:14.0841 0468 volmgrx - ok 12:30:14.0877 0468 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 12:30:14.0880 0468 volsnap - ok 12:30:14.0913 0468 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 12:30:14.0915 0468 vsmraid - ok 12:30:15.0009 0468 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 12:30:15.0026 0468 VSS - ok 12:30:15.0160 0468 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 12:30:15.0161 0468 vwifibus - ok 12:30:15.0184 0468 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 12:30:15.0185 0468 vwififlt - ok 12:30:15.0203 0468 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 12:30:15.0204 0468 vwifimp - ok 12:30:15.0246 0468 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 12:30:15.0250 0468 W32Time - ok 12:30:15.0270 0468 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 12:30:15.0271 0468 WacomPen - ok 12:30:15.0303 0468 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 12:30:15.0304 0468 WANARP - ok 12:30:15.0307 0468 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 12:30:15.0308 0468 Wanarpv6 - ok 12:30:15.0411 0468 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 12:30:15.0424 0468 WatAdminSvc - ok 12:30:15.0501 0468 watchmi (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe 12:30:15.0501 0468 watchmi - ok 12:30:15.0590 0468 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 12:30:15.0607 0468 wbengine - ok 12:30:15.0719 0468 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 12:30:15.0723 0468 WbioSrvc - ok 12:30:15.0759 0468 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 12:30:15.0764 0468 wcncsvc - ok 12:30:15.0780 0468 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 12:30:15.0782 0468 WcsPlugInService - ok 12:30:15.0822 0468 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 12:30:15.0822 0468 Wd - ok 12:30:15.0882 0468 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 12:30:15.0889 0468 Wdf01000 - ok 12:30:15.0910 0468 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 12:30:15.0912 0468 WdiServiceHost - ok 12:30:15.0915 0468 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 12:30:15.0917 0468 WdiSystemHost - ok 12:30:15.0944 0468 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 12:30:15.0948 0468 WebClient - ok 12:30:15.0969 0468 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 12:30:15.0973 0468 Wecsvc - ok 12:30:15.0988 0468 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 12:30:15.0990 0468 wercplsupport - ok 12:30:16.0023 0468 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 12:30:16.0025 0468 WerSvc - ok 12:30:16.0075 0468 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 12:30:16.0075 0468 WfpLwf - ok 12:30:16.0092 0468 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 12:30:16.0093 0468 WIMMount - ok 12:30:16.0124 0468 WinDefend - ok 12:30:16.0130 0468 WinHttpAutoProxySvc - ok 12:30:16.0181 0468 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 12:30:16.0184 0468 Winmgmt - ok 12:30:16.0305 0468 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 12:30:16.0327 0468 WinRM - ok 12:30:16.0483 0468 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 12:30:16.0491 0468 Wlansvc - ok 12:30:16.0565 0468 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 12:30:16.0567 0468 wlcrasvc - ok 12:30:16.0745 0468 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:30:16.0767 0468 wlidsvc - ok 12:30:16.0894 0468 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 12:30:16.0895 0468 WmiAcpi - ok 12:30:16.0939 0468 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 12:30:16.0942 0468 wmiApSrv - ok 12:30:16.0975 0468 WMPNetworkSvc - ok 12:30:17.0014 0468 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 12:30:17.0016 0468 WPCSvc - ok 12:30:17.0033 0468 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 12:30:17.0037 0468 WPDBusEnum - ok 12:30:17.0063 0468 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 12:30:17.0064 0468 ws2ifsl - ok 12:30:17.0084 0468 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 12:30:17.0086 0468 wscsvc - ok 12:30:17.0090 0468 WSearch - ok 12:30:17.0136 0468 wsvd (82e8f5aa03df7dbdb8a33f700d5d8cda) C:\Windows\system32\DRIVERS\wsvd.sys 12:30:17.0138 0468 wsvd - ok 12:30:17.0311 0468 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 12:30:17.0337 0468 wuauserv - ok 12:30:17.0450 0468 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 12:30:17.0452 0468 WudfPf - ok 12:30:17.0475 0468 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 12:30:17.0477 0468 WUDFRd - ok 12:30:17.0497 0468 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 12:30:17.0500 0468 wudfsvc - ok 12:30:17.0526 0468 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 12:30:17.0529 0468 WwanSvc - ok 12:30:17.0570 0468 MBR (0x1B8) (af7e2860d7c52a307fc27eecf18f08df) \Device\Harddisk0\DR0 12:30:20.0112 0468 \Device\Harddisk0\DR0 - ok 12:30:20.0168 0468 Boot (0x1200) (8af0380f1f1ceee2fec372c9e8961a00) \Device\Harddisk0\DR0\Partition0 12:30:20.0169 0468 \Device\Harddisk0\DR0\Partition0 - ok 12:30:20.0180 0468 Boot (0x1200) (e7dac6cebb8dd616e59820ae8b2948bb) \Device\Harddisk0\DR0\Partition1 12:30:20.0181 0468 \Device\Harddisk0\DR0\Partition1 - ok 12:30:20.0207 0468 Boot (0x1200) (26d7c8ff6c0fb1b0f43508d6a5f185e9) \Device\Harddisk0\DR0\Partition2 12:30:20.0208 0468 \Device\Harddisk0\DR0\Partition2 - ok 12:30:20.0209 0468 ============================================================ 12:30:20.0209 0468 Scan finished 12:30:20.0209 0468 ============================================================ 12:30:20.0217 5488 Detected object count: 0 12:30:20.0217 5488 Actual detected object count: 0 12:31:42.0965 5192 ============================================================ 12:31:42.0965 5192 Scan started 12:31:42.0965 5192 Mode: Manual; SigCheck; TDLFS; 12:31:42.0965 5192 ============================================================ 12:31:43.0155 5192 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 12:31:43.0238 5192 1394ohci - ok 12:31:43.0357 5192 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 12:31:43.0372 5192 ACPI - ok 12:31:43.0533 5192 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 12:31:43.0608 5192 AcpiPmi - ok 12:31:43.0783 5192 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 12:31:43.0790 5192 AdobeARMservice - ok 12:31:44.0018 5192 AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 12:31:44.0027 5192 AdobeFlashPlayerUpdateSvc - ok 12:31:44.0132 5192 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 12:31:44.0144 5192 adp94xx - ok 12:31:44.0280 5192 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 12:31:44.0290 5192 adpahci - ok 12:31:44.0385 5192 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 12:31:44.0394 5192 adpu320 - ok 12:31:44.0427 5192 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 12:31:44.0722 5192 AeLookupSvc - ok 12:31:44.0856 5192 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 12:31:44.0963 5192 AFD - ok 12:31:44.0997 5192 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 12:31:45.0005 5192 agp440 - ok 12:31:45.0040 5192 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 12:31:45.0089 5192 ALG - ok 12:31:45.0109 5192 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 12:31:45.0117 5192 aliide - ok 12:31:45.0151 5192 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 12:31:45.0158 5192 amdide - ok 12:31:45.0180 5192 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 12:31:45.0209 5192 AmdK8 - ok 12:31:45.0231 5192 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 12:31:45.0264 5192 AmdPPM - ok 12:31:45.0292 5192 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 12:31:45.0301 5192 amdsata - ok 12:31:45.0336 5192 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 12:31:45.0345 5192 amdsbs - ok 12:31:45.0361 5192 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 12:31:45.0368 5192 amdxata - ok 12:31:45.0396 5192 AmUStor (08d51900c07bae4f1fc82fc669b99b79) C:\Windows\system32\drivers\AmUStor.SYS 12:31:45.0442 5192 AmUStor - ok 12:31:45.0517 5192 AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 12:31:45.0535 5192 AntiVirSchedulerService - ok 12:31:45.0560 5192 AntiVirService (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 12:31:45.0567 5192 AntiVirService - ok 12:31:45.0594 5192 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 12:31:45.0760 5192 AppID - ok 12:31:45.0791 5192 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 12:31:45.0843 5192 AppIDSvc - ok 12:31:45.0863 5192 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 12:31:45.0902 5192 Appinfo - ok 12:31:45.0936 5192 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 12:31:45.0944 5192 arc - ok 12:31:45.0965 5192 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 12:31:45.0973 5192 arcsas - ok 12:31:46.0025 5192 ASLDRService (efd89582b55dd32dc79c1a4eb54612a1) C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 12:31:46.0038 5192 ASLDRService - ok 12:31:46.0075 5192 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 12:31:46.0124 5192 AsyncMac - ok 12:31:46.0146 5192 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 12:31:46.0154 5192 atapi - ok 12:31:46.0228 5192 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 12:31:46.0280 5192 AudioEndpointBuilder - ok 12:31:46.0286 5192 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 12:31:46.0315 5192 AudioSrv - ok 12:31:46.0343 5192 avgntflt (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys 12:31:46.0350 5192 avgntflt - ok 12:31:46.0376 5192 avipbb (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys 12:31:46.0383 5192 avipbb - ok 12:31:46.0404 5192 avkmgr (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys 12:31:46.0410 5192 avkmgr - ok 12:31:46.0441 5192 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 12:31:46.0504 5192 AxInstSV - ok 12:31:46.0560 5192 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 12:31:46.0591 5192 b06bdrv - ok 12:31:46.0628 5192 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 12:31:46.0663 5192 b57nd60a - ok 12:31:46.0696 5192 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 12:31:46.0724 5192 BDESVC - ok 12:31:46.0744 5192 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 12:31:46.0789 5192 Beep - ok 12:31:46.0866 5192 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 12:31:46.0916 5192 BFE - ok 12:31:46.0994 5192 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 12:31:47.0053 5192 BITS - ok 12:31:47.0098 5192 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 12:31:47.0138 5192 blbdrive - ok 12:31:47.0169 5192 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 12:31:47.0205 5192 bowser - ok 12:31:47.0240 5192 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 12:31:47.0264 5192 BrFiltLo - ok 12:31:47.0293 5192 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 12:31:47.0321 5192 BrFiltUp - ok 12:31:47.0349 5192 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 12:31:47.0387 5192 Browser - ok 12:31:47.0432 5192 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 12:31:47.0469 5192 Brserid - ok 12:31:47.0503 5192 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 12:31:47.0523 5192 BrSerWdm - ok 12:31:47.0558 5192 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 12:31:47.0584 5192 BrUsbMdm - ok 12:31:47.0621 5192 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 12:31:47.0645 5192 BrUsbSer - ok 12:31:47.0683 5192 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 12:31:47.0730 5192 BthEnum - ok 12:31:47.0757 5192 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 12:31:47.0784 5192 BTHMODEM - ok 12:31:47.0827 5192 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 12:31:47.0853 5192 BthPan - ok 12:31:47.0915 5192 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 12:31:47.0940 5192 BTHPORT - ok 12:31:47.0971 5192 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 12:31:47.0997 5192 bthserv - ok 12:31:48.0010 5192 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 12:31:48.0043 5192 BTHUSB - ok 12:31:48.0076 5192 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 12:31:48.0133 5192 cdfs - ok 12:31:48.0173 5192 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 12:31:48.0201 5192 cdrom - ok 12:31:48.0234 5192 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 12:31:48.0288 5192 CertPropSvc - ok 12:31:48.0314 5192 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 12:31:48.0338 5192 circlass - ok 12:31:48.0397 5192 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 12:31:48.0409 5192 CLFS - ok 12:31:48.0478 5192 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:31:48.0485 5192 clr_optimization_v2.0.50727_32 - ok 12:31:48.0535 5192 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 12:31:48.0542 5192 clr_optimization_v2.0.50727_64 - ok 12:31:48.0582 5192 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:31:48.0591 5192 clr_optimization_v4.0.30319_32 - ok 12:31:48.0651 5192 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 12:31:48.0658 5192 clr_optimization_v4.0.30319_64 - ok 12:31:48.0683 5192 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys 12:31:48.0690 5192 clwvd - ok 12:31:48.0709 5192 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 12:31:48.0735 5192 CmBatt - ok 12:31:48.0761 5192 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 12:31:48.0768 5192 cmdide - ok 12:31:48.0837 5192 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 12:31:48.0853 5192 CNG - ok 12:31:48.0967 5192 CnxtHdAudService (e0b53d1fef69106b76c06a0d783916e8) C:\Windows\system32\drivers\CHDRT64.sys 12:31:48.0991 5192 CnxtHdAudService - ok 12:31:49.0104 5192 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 12:31:49.0112 5192 Compbatt - ok 12:31:49.0161 5192 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys 12:31:49.0206 5192 CompositeBus - ok 12:31:49.0208 5192 COMSysApp - ok 12:31:49.0242 5192 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 12:31:49.0249 5192 crcdisk - ok 12:31:49.0282 5192 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 12:31:49.0317 5192 CryptSvc - ok 12:31:49.0470 5192 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 12:31:49.0488 5192 cvhsvc - ok 12:31:49.0528 5192 CxAudMsg (f160b26b26ba4afe8cecc12ed5ac231e) C:\Windows\system32\CxAudMsg64.exe 12:31:49.0536 5192 CxAudMsg - ok 12:31:49.0596 5192 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 12:31:49.0651 5192 DcomLaunch - ok 12:31:49.0695 5192 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 12:31:49.0735 5192 defragsvc - ok 12:31:49.0785 5192 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 12:31:49.0820 5192 DfsC - ok 12:31:49.0875 5192 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 12:31:49.0929 5192 Dhcp - ok 12:31:49.0952 5192 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 12:31:49.0992 5192 discache - ok 12:31:50.0024 5192 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 12:31:50.0031 5192 Disk - ok 12:31:50.0070 5192 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 12:31:50.0114 5192 Dnscache - ok 12:31:50.0154 5192 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 12:31:50.0209 5192 dot3svc - ok 12:31:50.0239 5192 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 12:31:50.0294 5192 DPS - ok 12:31:50.0315 5192 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 12:31:50.0350 5192 drmkaud - ok 12:31:50.0435 5192 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 12:31:50.0460 5192 DXGKrnl - ok 12:31:50.0490 5192 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 12:31:50.0524 5192 EapHost - ok 12:31:50.0734 5192 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 12:31:50.0796 5192 ebdrv - ok 12:31:50.0911 5192 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 12:31:50.0964 5192 EFS - ok 12:31:51.0041 5192 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 12:31:51.0109 5192 ehRecvr - ok 12:31:51.0139 5192 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 12:31:51.0167 5192 ehSched - ok 12:31:51.0244 5192 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 12:31:51.0257 5192 elxstor - ok 12:31:51.0287 5192 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 12:31:51.0314 5192 ErrDev - ok 12:31:51.0363 5192 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 12:31:51.0412 5192 EventSystem - ok 12:31:51.0547 5192 EvtEng (54fc81b0162478a72a93dbbeafb35671) C:\Program Files\Intel\WiFi\bin\EvtEng.exe 12:31:51.0571 5192 EvtEng - ok 12:31:51.0690 5192 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 12:31:51.0738 5192 exfat - ok 12:31:51.0909 5192 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 12:31:51.0972 5192 fastfat - ok 12:31:52.0744 5192 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 12:31:52.0827 5192 Fax - ok 12:31:52.0868 5192 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 12:31:52.0909 5192 fdc - ok 12:31:52.0930 5192 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 12:31:52.0978 5192 fdPHost - ok 12:31:53.0002 5192 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 12:31:53.0043 5192 FDResPub - ok 12:31:53.0177 5192 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 12:31:53.0185 5192 FileInfo - ok 12:31:53.0196 5192 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 12:31:53.0237 5192 Filetrace - ok 12:31:53.0258 5192 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 12:31:53.0278 5192 flpydisk - ok 12:31:53.0327 5192 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 12:31:53.0337 5192 FltMgr - ok 12:31:53.0422 5192 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 12:31:53.0449 5192 FontCache - ok 12:31:53.0509 5192 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:31:53.0516 5192 FontCache3.0.0.0 - ok 12:31:53.0554 5192 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 12:31:53.0561 5192 FsDepends - ok 12:31:53.0587 5192 fspad_wlh64 (95d0cb3e794dea8cbe21725811a554dc) C:\Windows\system32\DRIVERS\fspad_wlh64.sys 12:31:53.0620 5192 fspad_wlh64 - ok 12:31:53.0652 5192 fspad_xp64 (95d0cb3e794dea8cbe21725811a554dc) C:\Windows\system32\drivers\fspad_xp64.sys 12:31:53.0659 5192 fspad_xp64 - ok 12:31:53.0686 5192 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 12:31:53.0693 5192 Fs_Rec - ok 12:31:53.0732 5192 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 12:31:53.0744 5192 fvevol - ok 12:31:53.0767 5192 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 12:31:53.0775 5192 gagp30kx - ok 12:31:53.0854 5192 GFNEXSrv (ba9051d3745fa546de3660f5f2ef84a5) C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 12:31:53.0861 5192 GFNEXSrv - ok 12:31:53.0951 5192 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 12:31:53.0993 5192 gpsvc - ok 12:31:54.0059 5192 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:31:54.0065 5192 gupdate - ok 12:31:54.0068 5192 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:31:54.0075 5192 gupdatem - ok 12:31:54.0093 5192 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 12:31:54.0124 5192 hcw85cir - ok 12:31:54.0173 5192 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 12:31:54.0195 5192 HdAudAddService - ok 12:31:54.0229 5192 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys 12:31:54.0254 5192 HDAudBus - ok 12:31:54.0283 5192 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 12:31:54.0313 5192 HidBatt - ok 12:31:54.0352 5192 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 12:31:54.0376 5192 HidBth - ok 12:31:54.0408 5192 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 12:31:54.0418 5192 HidIr - ok 12:31:54.0449 5192 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 12:31:54.0488 5192 hidserv - ok 12:31:54.0507 5192 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 12:31:54.0516 5192 HidUsb - ok 12:31:54.0543 5192 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 12:31:54.0592 5192 hkmsvc - ok 12:31:54.0642 5192 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 12:31:54.0704 5192 HomeGroupListener - ok 12:31:54.0742 5192 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 12:31:54.0777 5192 HomeGroupProvider - ok 12:31:54.0819 5192 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 12:31:54.0827 5192 HpSAMD - ok 12:31:54.0913 5192 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 12:31:54.0953 5192 HTTP - ok 12:31:54.0967 5192 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 12:31:54.0975 5192 hwpolicy - ok 12:31:55.0001 5192 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 12:31:55.0010 5192 i8042prt - ok 12:31:55.0065 5192 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys 12:31:55.0076 5192 iaStor - ok 12:31:55.0150 5192 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 12:31:55.0156 5192 IAStorDataMgrSvc - ok 12:31:55.0190 5192 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 12:31:55.0202 5192 iaStorV - ok 12:31:55.0330 5192 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 12:31:55.0345 5192 idsvc - ok 12:31:55.0992 5192 igfx (66dc0ce2d1867b8178eaa0e11930dbd7) C:\Windows\system32\DRIVERS\igdkmd64.sys 12:31:56.0145 5192 igfx - ok 12:31:56.0284 5192 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 12:31:56.0292 5192 iirsp - ok 12:31:56.0377 5192 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 12:31:56.0425 5192 IKEEXT - ok 12:31:56.0486 5192 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys 12:31:56.0511 5192 IntcDAud - ok 12:31:56.0535 5192 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 12:31:56.0543 5192 intelide - ok 12:31:56.0576 5192 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 12:31:56.0603 5192 intelppm - ok 12:31:56.0632 5192 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 12:31:56.0677 5192 IPBusEnum - ok 12:31:56.0710 5192 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 12:31:56.0752 5192 IpFilterDriver - ok 12:31:56.0816 5192 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 12:31:56.0871 5192 iphlpsvc - ok 12:31:56.0913 5192 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 12:31:56.0933 5192 IPMIDRV - ok 12:31:56.0982 5192 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 12:31:57.0038 5192 IPNAT - ok 12:31:57.0071 5192 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 12:31:57.0107 5192 IRENUM - ok 12:31:57.0143 5192 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 12:31:57.0150 5192 isapnp - ok 12:31:57.0185 5192 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 12:31:57.0194 5192 iScsiPrt - ok 12:31:57.0343 5192 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys 12:31:57.0350 5192 kbdclass - ok 12:31:57.0461 5192 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys 12:31:57.0470 5192 kbdhid - ok 12:31:57.0544 5192 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 12:31:57.0552 5192 KeyIso - ok 12:31:57.0608 5192 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 12:31:57.0616 5192 KSecDD - ok 12:31:57.0644 5192 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 12:31:57.0652 5192 KSecPkg - ok 12:31:57.0688 5192 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 12:31:57.0736 5192 ksthunk - ok 12:31:57.0790 5192 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 12:31:57.0835 5192 KtmRm - ok 12:31:57.0868 5192 L1C (a4a9ca24e54e81c6c3e469eaeb4b3f42) C:\Windows\system32\DRIVERS\L1C62x64.sys 12:31:57.0874 5192 L1C - ok 12:31:57.0915 5192 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 12:31:57.0951 5192 LanmanServer - ok 12:31:57.0989 5192 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 12:31:58.0029 5192 LanmanWorkstation - ok 12:31:58.0047 5192 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 12:31:58.0082 5192 lltdio - ok 12:31:58.0132 5192 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 12:31:58.0173 5192 lltdsvc - ok 12:31:58.0197 5192 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 12:31:58.0237 5192 lmhosts - ok 12:31:58.0263 5192 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 12:31:58.0271 5192 LSI_FC - ok 12:31:58.0303 5192 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 12:31:58.0311 5192 LSI_SAS - ok 12:31:58.0335 5192 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 12:31:58.0343 5192 LSI_SAS2 - ok 12:31:58.0370 5192 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 12:31:58.0379 5192 LSI_SCSI - ok 12:31:58.0398 5192 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 12:31:58.0442 5192 luafv - ok 12:31:58.0507 5192 lxdiCATSCustConnectService (baa003617d899996cf282a3d92aee29b) C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe 12:31:58.0514 5192 lxdiCATSCustConnectService - ok 12:31:58.0515 5192 lxdi_device - ok 12:31:58.0541 5192 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 12:31:58.0548 5192 MBAMProtector - ok 12:31:58.0661 5192 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 12:31:58.0674 5192 MBAMService - ok 12:31:58.0698 5192 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 12:31:58.0720 5192 Mcx2Svc - ok 12:31:58.0742 5192 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 12:31:58.0751 5192 megasas - ok 12:31:58.0797 5192 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 12:31:58.0807 5192 MegaSR - ok 12:31:58.0828 5192 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 12:31:58.0883 5192 MMCSS - ok 12:31:58.0908 5192 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 12:31:58.0952 5192 Modem - ok 12:31:58.0970 5192 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 12:31:59.0000 5192 monitor - ok 12:31:59.0023 5192 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 12:31:59.0031 5192 mouclass - ok 12:31:59.0059 5192 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 12:31:59.0081 5192 mouhid - ok 12:31:59.0112 5192 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 12:31:59.0120 5192 mountmgr - ok 12:31:59.0182 5192 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 12:31:59.0190 5192 MozillaMaintenance - ok 12:31:59.0233 5192 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys 12:31:59.0243 5192 MpFilter - ok 12:31:59.0280 5192 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 12:31:59.0289 5192 mpio - ok 12:31:59.0313 5192 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 12:31:59.0338 5192 mpsdrv - ok 12:31:59.0423 5192 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 12:31:59.0466 5192 MpsSvc - ok 12:31:59.0510 5192 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 12:31:59.0547 5192 MRxDAV - ok 12:31:59.0587 5192 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 12:31:59.0620 5192 mrxsmb - ok 12:31:59.0666 5192 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 12:31:59.0700 5192 mrxsmb10 - ok 12:31:59.0737 5192 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 12:31:59.0785 5192 mrxsmb20 - ok 12:31:59.0818 5192 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 12:31:59.0825 5192 msahci - ok 12:31:59.0865 5192 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 12:31:59.0873 5192 msdsm - ok 12:31:59.0904 5192 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 12:31:59.0926 5192 MSDTC - ok 12:31:59.0947 5192 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 12:31:59.0983 5192 Msfs - ok 12:31:59.0997 5192 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 12:32:00.0035 5192 mshidkmdf - ok 12:32:00.0060 5192 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 12:32:00.0068 5192 msisadrv - ok 12:32:00.0106 5192 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 12:32:00.0150 5192 MSiSCSI - ok 12:32:00.0152 5192 msiserver - ok 12:32:00.0173 5192 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 12:32:00.0212 5192 MSKSSRV - ok 12:32:00.0260 5192 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe 12:32:00.0268 5192 MsMpSvc - ok 12:32:00.0283 5192 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 12:32:00.0329 5192 MSPCLOCK - ok 12:32:00.0347 5192 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 12:32:00.0383 5192 MSPQM - ok 12:32:00.0439 5192 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 12:32:00.0450 5192 MsRPC - ok 12:32:00.0475 5192 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys 12:32:00.0483 5192 mssmbios - ok 12:32:00.0509 5192 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 12:32:00.0544 5192 MSTEE - ok 12:32:00.0566 5192 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 12:32:00.0589 5192 MTConfig - ok 12:32:00.0618 5192 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 12:32:00.0625 5192 Mup - ok 12:32:00.0695 5192 MyWiFiDHCPDNS (4bbb9d9c4df259fae2d172c5bb25ddd0) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 12:32:00.0703 5192 MyWiFiDHCPDNS - ok 12:32:00.0765 5192 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 12:32:00.0803 5192 napagent - ok 12:32:00.0854 5192 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 12:32:00.0877 5192 NativeWifiP - ok 12:32:00.0955 5192 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 12:32:00.0973 5192 NDIS - ok 12:32:00.0986 5192 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 12:32:01.0043 5192 NdisCap - ok 12:32:01.0072 5192 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 12:32:01.0115 5192 NdisTapi - ok 12:32:01.0136 5192 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 12:32:01.0170 5192 Ndisuio - ok 12:32:01.0212 5192 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 12:32:01.0249 5192 NdisWan - ok 12:32:01.0274 5192 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 12:32:01.0317 5192 NDProxy - ok 12:32:01.0342 5192 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 12:32:01.0376 5192 NetBIOS - ok 12:32:01.0410 5192 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 12:32:01.0447 5192 NetBT - ok 12:32:01.0467 5192 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 12:32:01.0476 5192 Netlogon - ok 12:32:01.0524 5192 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 12:32:01.0565 5192 Netman - ok 12:32:01.0611 5192 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 12:32:01.0648 5192 netprofm - ok 12:32:01.0742 5192 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 12:32:01.0749 5192 NetTcpPortSharing - ok 12:32:02.0273 5192 NETwNs64 (ac69618de5bcce8747c9ab0aae1003c1) C:\Windows\system32\DRIVERS\NETwNs64.sys 12:32:02.0386 5192 NETwNs64 - ok 12:32:02.0508 5192 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 12:32:02.0516 5192 nfrd960 - ok 12:32:02.0546 5192 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 12:32:02.0554 5192 NisDrv - ok 12:32:02.0636 5192 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe 12:32:02.0647 5192 NisSrv - ok 12:32:02.0698 5192 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 12:32:02.0736 5192 NlaSvc - ok 12:32:02.0762 5192 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 12:32:02.0788 5192 Npfs - ok 12:32:02.0816 5192 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 12:32:02.0855 5192 nsi - ok 12:32:02.0876 5192 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 12:32:02.0919 5192 nsiproxy - ok 12:32:03.0048 5192 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 12:32:03.0075 5192 Ntfs - ok 12:32:03.0207 5192 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 12:32:03.0243 5192 Null - ok 12:32:03.0271 5192 nusb3hub (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\DRIVERS\nusb3hub.sys 12:32:03.0300 5192 nusb3hub - ok 12:32:03.0338 5192 nusb3xhc (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\DRIVERS\nusb3xhc.sys 12:32:03.0356 5192 nusb3xhc - ok 12:32:04.0061 5192 nvlddmkm (5b87b16d2781982e32bab6d359034c37) C:\Windows\system32\DRIVERS\nvlddmkm.sys 12:32:04.0214 5192 nvlddmkm - ok 12:32:04.0409 5192 nvpciflt (0fb06978e39d3b2bb02d616b71a718dc) C:\Windows\system32\DRIVERS\nvpciflt.sys 12:32:04.0415 5192 nvpciflt - ok 12:32:04.0450 5192 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 12:32:04.0459 5192 nvraid - ok 12:32:04.0482 5192 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 12:32:04.0490 5192 nvstor - ok 12:32:04.0572 5192 NVSvc (e0978d69d66403beb006bed61b27b883) C:\Windows\system32\nvvsvc.exe 12:32:04.0590 5192 NVSvc - ok 12:32:04.0756 5192 nvUpdatusService (dc49ec481397457aea7d094383c0e1b6) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe 12:32:04.0784 5192 nvUpdatusService - ok 12:32:04.0941 5192 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 12:32:04.0949 5192 nv_agp - ok 12:32:04.0983 5192 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 12:32:05.0005 5192 ohci1394 - ok 12:32:05.0081 5192 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 12:32:05.0089 5192 ose - ok 12:32:05.0395 5192 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 12:32:05.0457 5192 osppsvc - ok 12:32:05.0603 5192 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 12:32:05.0643 5192 p2pimsvc - ok 12:32:05.0705 5192 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 12:32:05.0717 5192 p2psvc - ok 12:32:05.0770 5192 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 12:32:05.0796 5192 Parport - ok 12:32:05.0821 5192 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 12:32:05.0829 5192 partmgr - ok 12:32:05.0868 5192 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 12:32:05.0897 5192 PcaSvc - ok 12:32:05.0944 5192 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 12:32:05.0953 5192 pci - ok 12:32:05.0979 5192 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 12:32:05.0986 5192 pciide - ok 12:32:06.0016 5192 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 12:32:06.0025 5192 pcmcia - ok 12:32:06.0053 5192 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 12:32:06.0060 5192 pcw - ok 12:32:06.0128 5192 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 12:32:06.0169 5192 PEAUTH - ok 12:32:06.0242 5192 PEGAGFN (ee926c59cbd4dc4dc9fbb85014a2f1a5) C:\Program Files (x86)\PHotkey\PEGAGFN.sys 12:32:06.0248 5192 PEGAGFN - ok 12:32:06.0332 5192 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 12:32:06.0357 5192 PerfHost - ok 12:32:06.0536 5192 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 12:32:06.0590 5192 pla - ok 12:32:06.0644 5192 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 12:32:06.0683 5192 PlugPlay - ok 12:32:06.0703 5192 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 12:32:06.0723 5192 PNRPAutoReg - ok 12:32:06.0769 5192 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 12:32:06.0780 5192 PNRPsvc - ok 12:32:06.0832 5192 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 12:32:06.0876 5192 PolicyAgent - ok 12:32:06.0918 5192 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 12:32:06.0955 5192 Power - ok 12:32:07.0005 5192 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 12:32:07.0046 5192 PptpMiniport - ok 12:32:07.0078 5192 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 12:32:07.0087 5192 Processor - ok 12:32:07.0133 5192 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 12:32:07.0156 5192 ProfSvc - ok 12:32:07.0179 5192 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 12:32:07.0188 5192 ProtectedStorage - ok 12:32:07.0221 5192 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 12:32:07.0254 5192 Psched - ok 12:32:07.0279 5192 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys 12:32:07.0286 5192 PSI - ok 12:32:07.0393 5192 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 12:32:07.0417 5192 ql2300 - ok 12:32:07.0549 5192 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 12:32:07.0557 5192 ql40xx - ok 12:32:07.0597 5192 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 12:32:07.0611 5192 QWAVE - ok 12:32:07.0639 5192 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 12:32:07.0665 5192 QWAVEdrv - ok 12:32:07.0687 5192 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 12:32:07.0729 5192 RasAcd - ok 12:32:07.0756 5192 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 12:32:07.0793 5192 RasAgileVpn - ok 12:32:07.0828 5192 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 12:32:07.0869 5192 RasAuto - ok 12:32:07.0891 5192 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 12:32:07.0933 5192 Rasl2tp - ok 12:32:07.0983 5192 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 12:32:08.0020 5192 RasMan - ok 12:32:08.0047 5192 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 12:32:08.0091 5192 RasPppoe - ok 12:32:08.0114 5192 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 12:32:08.0159 5192 RasSstp - ok 12:32:08.0199 5192 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 12:32:08.0243 5192 rdbss - ok 12:32:08.0269 5192 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 12:32:08.0295 5192 rdpbus - ok 12:32:08.0327 5192 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 12:32:08.0365 5192 RDPCDD - ok 12:32:08.0369 5192 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 12:32:08.0407 5192 RDPENCDD - ok 12:32:08.0427 5192 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 12:32:08.0451 5192 RDPREFMP - ok 12:32:08.0487 5192 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 12:32:08.0540 5192 RDPWD - ok 12:32:08.0582 5192 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 12:32:08.0592 5192 rdyboost - ok 12:32:08.0724 5192 RegSrvc (a436f5e7d80bbdbb0826d0f176d5bea8) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 12:32:08.0739 5192 RegSrvc - ok 12:32:08.0763 5192 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 12:32:08.0805 5192 RemoteAccess - ok 12:32:08.0846 5192 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 12:32:08.0882 5192 RemoteRegistry - ok 12:32:08.0951 5192 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 12:32:08.0972 5192 RFCOMM - ok 12:32:09.0004 5192 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 12:32:09.0046 5192 RpcEptMapper - ok 12:32:09.0073 5192 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 12:32:09.0102 5192 RpcLocator - ok 12:32:09.0173 5192 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 12:32:09.0202 5192 RpcSs - ok 12:32:09.0250 5192 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 12:32:09.0285 5192 rspndr - ok 12:32:09.0318 5192 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\Windows\system32\DRIVERS\Rt64win7.sys 12:32:09.0338 5192 RTL8167 - ok 12:32:09.0408 5192 RTL8192su (4629c5c4772d223b0ecd1ea8ba7a2a33) C:\Windows\system32\DRIVERS\RTL8192su.sys 12:32:09.0421 5192 RTL8192su - ok 12:32:09.0446 5192 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 12:32:09.0455 5192 SamSs - ok 12:32:09.0482 5192 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 12:32:09.0491 5192 sbp2port - ok 12:32:09.0532 5192 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 12:32:09.0574 5192 SCardSvr - ok 12:32:09.0604 5192 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 12:32:09.0644 5192 scfilter - ok 12:32:09.0738 5192 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 12:32:09.0794 5192 Schedule - ok 12:32:09.0827 5192 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 12:32:09.0853 5192 SCPolicySvc - ok 12:32:09.0886 5192 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 12:32:09.0926 5192 SDRSVC - ok 12:32:09.0971 5192 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 12:32:10.0011 5192 secdrv - ok 12:32:10.0038 5192 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 12:32:10.0063 5192 seclogon - ok 12:32:10.0221 5192 Secunia PSI Agent (f70a51eb03ee7046784ef62efce9528e) C:\Program Files (x86)\Secunia\PSI\PSIA.exe 12:32:10.0242 5192 Secunia PSI Agent - ok 12:32:10.0305 5192 Secunia Update Agent (ad56ceb08eeb517332355fde9e5939c8) C:\Program Files (x86)\Secunia\PSI\sua.exe 12:32:10.0318 5192 Secunia Update Agent - ok 12:32:10.0444 5192 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 12:32:10.0482 5192 SENS - ok 12:32:10.0495 5192 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 12:32:10.0541 5192 SensrSvc - ok 12:32:10.0593 5192 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 12:32:10.0615 5192 Serenum - ok 12:32:10.0653 5192 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 12:32:10.0679 5192 Serial - ok 12:32:10.0710 5192 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 12:32:10.0727 5192 sermouse - ok 12:32:10.0763 5192 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 12:32:10.0804 5192 SessionEnv - ok 12:32:10.0836 5192 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 12:32:10.0860 5192 sffdisk - ok 12:32:10.0864 5192 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 12:32:10.0884 5192 sffp_mmc - ok 12:32:10.0888 5192 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 12:32:10.0898 5192 sffp_sd - ok 12:32:10.0927 5192 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 12:32:10.0946 5192 sfloppy - ok 12:32:11.0025 5192 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 12:32:11.0039 5192 Sftfs - ok 12:32:11.0150 5192 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 12:32:11.0162 5192 sftlist - ok 12:32:11.0198 5192 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 12:32:11.0207 5192 Sftplay - ok 12:32:11.0221 5192 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 12:32:11.0228 5192 Sftredir - ok 12:32:11.0253 5192 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 12:32:11.0259 5192 Sftvol - ok 12:32:11.0295 5192 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 12:32:11.0303 5192 sftvsa - ok 12:32:11.0357 5192 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 12:32:11.0395 5192 SharedAccess - ok 12:32:11.0452 5192 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 12:32:11.0488 5192 ShellHWDetection - ok 12:32:11.0513 5192 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 12:32:11.0520 5192 SiSRaid2 - ok 12:32:11.0551 5192 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 12:32:11.0558 5192 SiSRaid4 - ok 12:32:11.0589 5192 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe 12:32:11.0596 5192 SkypeUpdate - ok 12:32:11.0632 5192 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 12:32:11.0668 5192 Smb - ok 12:32:11.0697 5192 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 12:32:11.0724 5192 SNMPTRAP - ok 12:32:11.0754 5192 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 12:32:11.0762 5192 spldr - ok 12:32:11.0824 5192 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 12:32:11.0853 5192 Spooler - ok 12:32:12.0041 5192 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 12:32:12.0094 5192 sppsvc - ok 12:32:12.0223 5192 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 12:32:12.0263 5192 sppuinotify - ok 12:32:12.0347 5192 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 12:32:12.0392 5192 srv - ok 12:32:12.0453 5192 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 12:32:12.0464 5192 srv2 - ok 12:32:12.0506 5192 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 12:32:12.0524 5192 srvnet - ok 12:32:12.0560 5192 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 12:32:12.0606 5192 SSDPSRV - ok 12:32:12.0627 5192 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 12:32:12.0670 5192 SstpSvc - ok 12:32:12.0716 5192 Steam Client Service - ok 12:32:12.0741 5192 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 12:32:12.0749 5192 stexstor - ok 12:32:12.0816 5192 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 12:32:12.0845 5192 stisvc - ok 12:32:12.0867 5192 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys 12:32:12.0874 5192 swenum - ok 12:32:12.0938 5192 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 12:32:12.0980 5192 swprv - ok 12:32:13.0097 5192 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 12:32:13.0138 5192 SysMain - ok 12:32:13.0257 5192 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 12:32:13.0271 5192 TabletInputService - ok 12:32:13.0310 5192 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 12:32:13.0354 5192 TapiSrv - ok 12:32:13.0390 5192 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 12:32:13.0433 5192 TBS - ok 12:32:13.0596 5192 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 12:32:13.0624 5192 Tcpip - ok 12:32:13.0866 5192 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 12:32:13.0893 5192 TCPIP6 - ok 12:32:14.0038 5192 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 12:32:14.0072 5192 tcpipreg - ok 12:32:14.0091 5192 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 12:32:14.0126 5192 TDPIPE - ok 12:32:14.0147 5192 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 12:32:14.0171 5192 TDTCP - ok 12:32:14.0205 5192 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 12:32:14.0238 5192 tdx - ok 12:32:14.0280 5192 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys 12:32:14.0287 5192 TermDD - ok 12:32:14.0355 5192 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 12:32:14.0397 5192 TermService - ok 12:32:14.0416 5192 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 12:32:14.0429 5192 Themes - ok 12:32:14.0451 5192 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 12:32:14.0477 5192 THREADORDER - ok 12:32:14.0501 5192 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 12:32:14.0538 5192 TrkWks - ok 12:32:14.0600 5192 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 12:32:14.0634 5192 TrustedInstaller - ok 12:32:14.0649 5192 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 12:32:14.0690 5192 tssecsrv - ok 12:32:14.0731 5192 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 12:32:14.0766 5192 TsUsbFlt - ok 12:32:14.0794 5192 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys 12:32:14.0813 5192 TsUsbGD - ok 12:32:14.0857 5192 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 12:32:14.0882 5192 tunnel - ok 12:32:14.0913 5192 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 12:32:14.0921 5192 uagp35 - ok 12:32:14.0963 5192 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 12:32:15.0008 5192 udfs - ok 12:32:15.0049 5192 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 12:32:15.0069 5192 UI0Detect - ok 12:32:15.0106 5192 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 12:32:15.0114 5192 uliagpkx - ok 12:32:15.0146 5192 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 12:32:15.0171 5192 umbus - ok 12:32:15.0194 5192 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 12:32:15.0218 5192 UmPass - ok 12:32:15.0256 5192 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 12:32:15.0293 5192 upnphost - ok 12:32:15.0337 5192 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 12:32:15.0377 5192 usbccgp - ok 12:32:15.0409 5192 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 12:32:15.0439 5192 usbcir - ok 12:32:15.0476 5192 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 12:32:15.0493 5192 usbehci - ok 12:32:15.0551 5192 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 12:32:15.0575 5192 usbhub - ok 12:32:15.0605 5192 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 12:32:15.0628 5192 usbohci - ok 12:32:15.0658 5192 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 12:32:15.0684 5192 usbprint - ok 12:32:15.0713 5192 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 12:32:15.0724 5192 usbscan - ok 12:32:15.0750 5192 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 12:32:15.0786 5192 USBSTOR - ok 12:32:15.0814 5192 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 12:32:15.0831 5192 usbuhci - ok 12:32:15.0878 5192 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys 12:32:15.0909 5192 usbvideo - ok 12:32:15.0946 5192 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 12:32:15.0986 5192 UxSms - ok 12:32:16.0013 5192 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 12:32:16.0022 5192 VaultSvc - ok 12:32:16.0050 5192 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 12:32:16.0058 5192 vdrvroot - ok 12:32:16.0120 5192 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 12:32:16.0150 5192 vds - ok 12:32:16.0178 5192 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 12:32:16.0188 5192 vga - ok 12:32:16.0205 5192 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 12:32:16.0229 5192 VgaSave - ok 12:32:16.0257 5192 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 12:32:16.0266 5192 vhdmp - ok 12:32:16.0299 5192 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 12:32:16.0307 5192 viaide - ok 12:32:16.0339 5192 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 12:32:16.0346 5192 volmgr - ok 12:32:16.0399 5192 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 12:32:16.0410 5192 volmgrx - ok 12:32:16.0448 5192 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 12:32:16.0458 5192 volsnap - ok 12:32:16.0491 5192 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 12:32:16.0500 5192 vsmraid - ok 12:32:16.0620 5192 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 12:32:16.0676 5192 VSS - ok 12:32:16.0800 5192 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 12:32:16.0819 5192 vwifibus - ok 12:32:16.0837 5192 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 12:32:16.0868 5192 vwififlt - ok 12:32:16.0888 5192 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 12:32:16.0899 5192 vwifimp - ok 12:32:16.0953 5192 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 12:32:16.0981 5192 W32Time - ok 12:32:16.0999 5192 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 12:32:17.0017 5192 WacomPen - ok 12:32:17.0056 5192 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 12:32:17.0100 5192 WANARP - ok 12:32:17.0102 5192 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 12:32:17.0127 5192 Wanarpv6 - ok 12:32:17.0237 5192 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 12:32:17.0258 5192 WatAdminSvc - ok 12:32:17.0321 5192 watchmi (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe 12:32:17.0340 5192 watchmi ( UnsignedFile.Multi.Generic ) - warning 12:32:17.0340 5192 watchmi - detected UnsignedFile.Multi.Generic (1) 12:32:17.0446 5192 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 12:32:17.0492 5192 wbengine - ok 12:32:17.0633 5192 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 12:32:17.0659 5192 WbioSrvc - ok 12:32:17.0709 5192 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 12:32:17.0743 5192 wcncsvc - ok 12:32:17.0776 5192 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 12:32:17.0823 5192 WcsPlugInService - ok 12:32:17.0873 5192 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 12:32:17.0880 5192 Wd - ok 12:32:17.0956 5192 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 12:32:17.0970 5192 Wdf01000 - ok 12:32:17.0986 5192 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 12:32:18.0054 5192 WdiServiceHost - ok 12:32:18.0056 5192 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 12:32:18.0069 5192 WdiSystemHost - ok 12:32:18.0103 5192 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 12:32:18.0137 5192 WebClient - ok 12:32:18.0171 5192 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 12:32:18.0221 5192 Wecsvc - ok 12:32:18.0264 5192 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 12:32:18.0308 5192 wercplsupport - ok 12:32:18.0343 5192 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 12:32:18.0382 5192 WerSvc - ok 12:32:18.0437 5192 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 12:32:18.0462 5192 WfpLwf - ok 12:32:18.0477 5192 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 12:32:18.0486 5192 WIMMount - ok 12:32:18.0517 5192 WinDefend - ok 12:32:18.0521 5192 WinHttpAutoProxySvc - ok 12:32:18.0584 5192 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 12:32:18.0625 5192 Winmgmt - ok 12:32:18.0773 5192 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 12:32:18.0815 5192 WinRM - ok 12:32:19.0002 5192 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 12:32:19.0032 5192 Wlansvc - ok 12:32:19.0096 5192 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 12:32:19.0102 5192 wlcrasvc - ok 12:32:19.0275 5192 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 12:32:19.0306 5192 wlidsvc - ok 12:32:19.0434 5192 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys 12:32:19.0454 5192 WmiAcpi - ok 12:32:19.0500 5192 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 12:32:19.0526 5192 wmiApSrv - ok 12:32:19.0570 5192 WMPNetworkSvc - ok 12:32:19.0587 5192 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 12:32:19.0604 5192 WPCSvc - ok 12:32:19.0621 5192 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 12:32:19.0632 5192 WPDBusEnum - ok 12:32:19.0658 5192 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 12:32:19.0695 5192 ws2ifsl - ok 12:32:19.0726 5192 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 12:32:19.0740 5192 wscsvc - ok 12:32:19.0742 5192 WSearch - ok 12:32:19.0777 5192 wsvd (82e8f5aa03df7dbdb8a33f700d5d8cda) C:\Windows\system32\DRIVERS\wsvd.sys 12:32:19.0784 5192 wsvd - ok 12:32:19.0934 5192 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 12:32:19.0968 5192 wuauserv - ok 12:32:20.0105 5192 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 12:32:20.0158 5192 WudfPf - ok 12:32:20.0187 5192 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 12:32:20.0225 5192 WUDFRd - ok 12:32:20.0249 5192 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 12:32:20.0275 5192 wudfsvc - ok 12:32:20.0306 5192 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 12:32:20.0331 5192 WwanSvc - ok 12:32:20.0353 5192 MBR (0x1B8) (af7e2860d7c52a307fc27eecf18f08df) \Device\Harddisk0\DR0 12:32:22.0301 5192 \Device\Harddisk0\DR0 - ok 12:32:22.0329 5192 Boot (0x1200) (8af0380f1f1ceee2fec372c9e8961a00) \Device\Harddisk0\DR0\Partition0 12:32:22.0332 5192 \Device\Harddisk0\DR0\Partition0 - ok 12:32:22.0341 5192 Boot (0x1200) (e7dac6cebb8dd616e59820ae8b2948bb) \Device\Harddisk0\DR0\Partition1 12:32:22.0343 5192 \Device\Harddisk0\DR0\Partition1 - ok 12:32:22.0368 5192 Boot (0x1200) (26d7c8ff6c0fb1b0f43508d6a5f185e9) \Device\Harddisk0\DR0\Partition2 12:32:22.0369 5192 \Device\Harddisk0\DR0\Partition2 - ok 12:32:22.0371 5192 ============================================================ 12:32:22.0371 5192 Scan finished 12:32:22.0371 5192 ============================================================ 12:32:22.0377 5772 Detected object count: 1 12:32:22.0378 5772 Actual detected object count: 1 12:32:42.0606 5772 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user 12:32:42.0606 5772 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip |
Themen zu Verschlüsselungstrojaner (BKA) auf meinem Windows 7 Pc |
0_0u_l.exe, autorun, bho, computer, converter, error, exp/2012-0507.aw, failed, firefox 13.0.1, flash player, format, gfnexsrv.exe, google, heuristiks/extra, heuristiks/shuriken, home, install.exe, juli 2012, logfile, microsoft office starter 2010, mozilla, mp3, nicht möglich, nt.dll, nvidia update, nvpciflt.sys, plug-in, rarsfx0, realtek, registry, rojaner gefunden, rundll, searchscopes, secunia psi, security, server, software, svchost.exe, tcp, teamspeak, trojaner gefunden, usb, usb 3.0, verweise, warnung, windows |