| |
| |||||||
Log-Analyse und Auswertung: Avira meldet Fund von EXP/2012-4681.ADWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
15.10.2012, 14:28
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Avira meldet Fund von EXP/2012-4681.AD Probier es bitte im abgesicherten Modus mit Netzwerktreibern aus
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
16.10.2012, 08:47
| #17 |
 | Avira meldet Fund von EXP/2012-4681.AD Hallo Cosinus,
__________________leider ergibt sich im abgesicherten Modus das selbe Ergebnis. Mfg |
|
17.10.2012, 11:08
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet Fund von EXP/2012-4681.AD du fügst 1:1 diesen Text bei OTL ein?!
__________________ Zitat:
__________________ |
|
18.10.2012, 08:08
| #19 |
| | Avira meldet Fund von EXP/2012-4681.AD Hallo cosinus, ja, habe es nochmals getestet. Ich starte Otl.EXE als Administrator Klicken an Scanne alle Benutzer Kopiere den Text in das Feld unten von OTL und Scanne Bei Getting Folder Structure kommt es dann zu dem Out of Memory Fehler. Mfg |
|
18.10.2012, 12:14
| #20 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet Fund von EXP/2012-4681.AD Dann mach ein neues Log bitte so Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
18.10.2012, 21:59
| #21 |
| | Avira meldet Fund von EXP/2012-4681.AD Hallo Cosinus, wie gewünscht: OTL Logfile: Code:
ATTFilter OTL logfile created on: 18.10.2012 17:24:09 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gudrun\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,97 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 69,05% Memory free
5,93 Gb Paging File | 4,93 Gb Available in Paging File | 83,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 380,76 Gb Total Space | 175,95 Gb Free Space | 46,21% Space Free | Partition Type: NTFS
Drive D: | 72,00 Gb Total Space | 56,83 Gb Free Space | 78,93% Space Free | Partition Type: NTFS
Computer Name: GUDRUN-PC | User Name: Gudrun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Gudrun\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Users\Gudrun\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Programme\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
========== Modules (No Company Name) ==========
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
========== Services (SafeList) ==========
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (vToolbarUpdater12.2.6) -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe ()
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_5891ae0.dll ()
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Secunia PSI Agent) -- C:\Programme\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Programme\Secunia\PSI\sua.exe (Secunia)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (Sony Ericsson PCCompanion) -- C:\Programme\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (DAUpdaterSvc) -- C:\Programme\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (acedrv11) -- C:\Windows\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_de
IE - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = hxxp://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 02:28:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.12 02:28:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 02:28:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.12 02:28:33 | 000,000,000 | ---D | M]
[2011.01.08 03:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gudrun\AppData\Roaming\mozilla\Extensions
[2012.10.17 15:50:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Gudrun\AppData\Roaming\mozilla\Firefox\Profiles\2bkmojau.default\extensions
[2011.03.04 22:14:39 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Gudrun\AppData\Roaming\mozilla\Firefox\Profiles\2bkmojau.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.19 16:24:46 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Gudrun\AppData\Roaming\mozilla\Firefox\Profiles\2bkmojau.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.10.17 15:50:04 | 000,395,926 | ---- | M] () (No name found) -- C:\Users\Gudrun\AppData\Roaming\mozilla\firefox\profiles\2bkmojau.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi
[2012.10.12 02:28:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.12 02:28:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 02:28:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.12 02:28:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.10.12 02:28:37 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.08.25 04:49:52 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.25 04:49:52 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.08.25 04:49:52 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.08.25 04:49:52 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.08.25 04:49:52 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.08.25 04:49:52 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ROC_ROC_NT] "C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT File not found
O4 - HKLM..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" File not found
O4 - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000..\Run: [Akamai NetSession Interface] C:\Users\Gudrun\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-2694796141-4042297030-3838815509-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Gudrun\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Gudrun\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D096CB6-6E80-4267-8CDB-31064E4F6412}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6126C79-D0CD-4382-80DC-95F092E57F9E}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.10.18 17:22:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gudrun\Desktop\OTL(1).exe
[2012.10.12 19:58:40 | 000,000,000 | ---D | C] -- C:\Users\Gudrun\Desktop\Hochzeitswalzer
[2012.10.12 07:10:16 | 000,000,000 | ---D | C] -- C:\Users\Gudrun\Desktop\Jazz For Weddings (Jazz Club)
[2012.10.12 02:28:31 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.11 23:31:19 | 000,000,000 | ---D | C] -- C:\Users\Gudrun\Desktop\The 99 Most Essential Pieces of Classical Music
[2012.10.11 23:31:18 | 000,000,000 | ---D | C] -- C:\Users\Gudrun\Documents\Amazon MP3
[2012.10.11 23:31:18 | 000,000,000 | ---D | C] -- C:\Users\Gudrun\AppData\Roaming\Amazon
[2012.10.11 23:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
[2012.10.11 23:30:27 | 000,000,000 | ---D | C] -- C:\Program Files\Amazon
[2012.10.10 08:08:04 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.10.10 08:07:46 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.10.10 08:07:45 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.10.10 08:07:45 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 08:07:45 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 08:07:45 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 08:07:45 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 08:07:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 08:07:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 08:07:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 08:07:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 08:07:45 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.10.10 08:07:45 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.10.10 08:07:29 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.10.10 08:07:29 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.10.07 23:12:30 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.10.06 14:00:20 | 000,000,000 | ---D | C] -- C:\Users\Gudrun\AppData\Roaming\Malwarebytes
[2012.10.06 13:59:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.06 13:59:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.06 13:59:38 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.06 13:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.09.26 16:45:01 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OxpsConverter.exe
[2012.09.21 23:14:00 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.09.21 23:13:59 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.09.21 23:13:58 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.09.21 23:13:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.09.21 23:13:58 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.09.21 23:13:56 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.09.21 23:13:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.09.21 23:13:55 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.10.18 17:23:57 | 000,010,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.18 17:23:57 | 000,010,832 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.18 17:22:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gudrun\Desktop\OTL(1).exe
[2012.10.18 17:16:35 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.18 17:16:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.18 17:16:18 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.17 21:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.17 21:36:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.13 23:13:20 | 000,657,676 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.13 23:13:20 | 000,618,912 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.13 23:13:20 | 000,131,016 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.13 23:13:20 | 000,107,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.08 21:52:07 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.10.08 21:52:07 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.10.07 23:12:24 | 583,044,766 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.10.07 09:42:16 | 000,302,592 | ---- | M] () -- C:\Users\Gudrun\Desktop\hwkj8rvb.exe
[2012.10.07 08:38:58 | 000,000,000 | ---- | M] () -- C:\Users\Gudrun\defogger_reenable
[2012.10.07 08:31:17 | 000,050,477 | ---- | M] () -- C:\Users\Gudrun\Desktop\Defogger.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.10.07 23:12:24 | 583,044,766 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.10.07 09:42:16 | 000,302,592 | ---- | C] () -- C:\Users\Gudrun\Desktop\hwkj8rvb.exe
[2012.10.07 08:38:58 | 000,000,000 | ---- | C] () -- C:\Users\Gudrun\defogger_reenable
[2012.10.07 08:31:17 | 000,050,477 | ---- | C] () -- C:\Users\Gudrun\Desktop\Defogger.exe
[2012.07.15 22:04:02 | 000,004,593 | ---- | C] () -- C:\Users\Gudrun\.recently-used.xbel
[2012.03.26 19:52:55 | 000,281,504 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2012.03.26 19:52:55 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2012.03.13 01:17:03 | 000,000,045 | ---- | C] () -- C:\Users\Gudrun\.gtk-bookmarks
[2011.01.28 13:32:38 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Nun noch Otl Extras: OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 18.10.2012 17:24:09 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gudrun\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,97 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 69,05% Memory free
5,93 Gb Paging File | 4,93 Gb Available in Paging File | 83,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 380,76 Gb Total Space | 175,95 Gb Free Space | 46,21% Space Free | Partition Type: NTFS
Drive D: | 72,00 Gb Total Space | 56,83 Gb Free Space | 78,93% Space Free | Partition Type: NTFS
Computer Name: GUDRUN-PC | User Name: Gudrun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2694796141-4042297030-3838815509-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C064B0D-9D1F-4B85-A094-9323E04D95EC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0C9DBD19-8946-46F3-9C8C-B0EA3FE8CEB6}" = rport=137 | protocol=17 | dir=out | app=system |
"{263B87A1-A627-4525-A4E8-5C5602845184}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2DED2B15-0481-4A88-ABD9-97889DBFE5BF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3B82D07A-FCC1-4489-B165-A2CC586EAC9F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4580847C-6638-40B3-99E8-7C7FD7C01D0E}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{496F2B59-B2FF-46A7-8456-FA38D6E031DE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{557A62A3-989D-4E9D-9FA4-0D966482BCFB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56CB739A-7E7A-4805-8898-BD72C11D47F4}" = lport=445 | protocol=6 | dir=in | app=system |
"{57017312-5674-4505-AC73-2A5949E2DCE8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5912CDC7-095A-4196-BB45-F0856AD1A3A5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{607B0DC7-6423-4BEF-A8CC-68849F47A1A1}" = rport=445 | protocol=6 | dir=out | app=system |
"{68B3969D-9229-4F98-A678-86B9049CADC6}" = lport=138 | protocol=17 | dir=in | app=system |
"{8660DB8F-B8C3-4282-A3AA-49797CD14578}" = lport=139 | protocol=6 | dir=in | app=system |
"{8F1A0FF1-AE70-4158-95B2-A3758C9F353D}" = rport=138 | protocol=17 | dir=out | app=system |
"{98CA0AD6-18D1-4716-90BE-21360EEDA616}" = rport=139 | protocol=6 | dir=out | app=system |
"{9A24E270-91BB-433D-B45E-41DE60FC1AED}" = lport=137 | protocol=17 | dir=in | app=system |
"{CAF2BB4D-E8E5-47FF-A2B0-2134D60C7059}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D28E7239-7023-4E3D-B5C4-C8F6A9CEB5D6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DE5D9009-8B61-41D1-B99F-54353EA79A4D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E110AC28-538A-4E20-9929-242C220B7FDC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EBC49B9B-8B0B-491A-AF00-1C3C02AA5ACC}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{062D7574-8413-4C40-8803-424EEF5A0B7F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1BE4555D-F432-417F-B0A7-AB6D0EDBA3AC}" = protocol=17 | dir=in | app=c:\program files\reality pump\two worlds ii\twoworlds2.exe |
"{213E6FE1-4F3A-4586-9FB0-1F8DA0A7A72E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{227210BE-5D8E-4B9D-AFF6-058D57C5B68C}" = protocol=17 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe |
"{24207019-2E39-4F25-93B0-5DCB6DDB23B0}" = protocol=6 | dir=in | app=c:\program files\reality pump\two worlds ii\twoworlds2.exe |
"{2A844571-AC5A-48D4-9282-175058A34EEC}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{33F4CA3E-0AE8-4EB7-AFD6-CBDC93F3EDE3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{35B4114C-F4D3-4E18-8EB1-46259B94D0DE}" = protocol=6 | dir=in | app=c:\users\gudrun\appdata\local\akamai\netsession_win.exe |
"{3757DEEF-5B35-425B-BFAE-BC08F590FE26}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3CB17FCE-1D2C-4F98-856E-3202ED1FBD81}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{479B9B14-9D45-4470-9C94-AE2DC7CAC907}" = protocol=17 | dir=in | app=c:\program files\dragon age 2\dragonage2launcher.exe |
"{4C79328E-AE86-403A-B715-392EAE773A1F}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{4E0FB7DA-2838-4359-820A-49A4377ED47C}" = protocol=6 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe |
"{500B896F-AE1E-4DD6-B723-812C3EA01019}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{517F2F53-B9CF-4E76-92A0-E482BC332AF7}" = protocol=6 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{5538596A-9730-49F4-BBC2-7FF6C38B8337}" = protocol=6 | dir=in | app=c:\program files\dragon age 2\bin_ship\dragonage2.exe |
"{61C704CB-C484-4E99-98FE-C94D9209C554}" = protocol=17 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |
"{679BA5B2-6E17-4438-967B-2C81517A2F65}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{6904D9DC-7615-4E49-9FC1-8FF23C57C447}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{69D8E22C-698B-4CA3-B820-B77BE546BF52}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe |
"{7201C70E-F1FC-44D3-B612-CFAF143D1920}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{757EC3D5-18FC-4D36-A31B-23C84E0AA215}" = protocol=6 | dir=out | app=system |
"{794E0848-0E01-4D81-8C6D-CD84082269C5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7D7647EC-9778-4EA3-92F4-DD433DF02D1A}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{804C61D2-D79F-443E-9C2A-0F37659B5D76}" = protocol=6 | dir=in | app=c:\program files\dragon age 2\dragonage2launcher.exe |
"{875EA354-2B6E-4612-9D12-216CF7204B07}" = protocol=17 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe |
"{909DCDF2-7AC2-490E-8400-A2FCC0FCD94E}" = protocol=6 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |
"{96E912C4-0830-46BF-A792-46B9A5B3374C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{9CF5A0E5-85D7-4237-8AB8-9C3CCF17C392}" = protocol=6 | dir=in | app=c:\program files\mass effect\masseffectlauncher.exe |
"{9D544A07-C55A-46A7-9886-C0D76A050B9B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A11ED015-B9A2-46C1-A9E0-862DCA011353}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe |
"{AFA1D72B-35CA-46D6-85E7-265110A8B362}" = protocol=17 | dir=in | app=c:\users\gudrun\appdata\local\akamai\netsession_win.exe |
"{B0D52236-2B8D-493F-A526-F979776BE298}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B1478444-5D61-4CEB-BF9E-39FFE565AB2C}" = protocol=6 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{B630271E-C2D3-49AD-BA35-2B8CC1984C4C}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{B6B98B8A-D794-4D1F-AA88-7E161542A6B8}" = protocol=6 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe |
"{BB1E7611-8CE0-4D84-8DAF-C4CA0B88BE0F}" = protocol=17 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |
"{C2719DA6-76F2-4216-B154-81D4E76EDCAE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C63BF64E-D81B-4C8D-96D8-3E88F333EBF9}" = protocol=6 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\swtor\retailclient\swtor.exe |
"{C8C228A9-B6E2-4389-A2FD-27A0FE519EB3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CB3EBDF7-D36D-46FB-A0BA-5CF547B6F369}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CB46DDDB-8BE8-469C-B084-540765DC2B95}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{CCF81B87-1DC1-42BF-B60B-75966AE7680B}" = protocol=17 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{D0ED510F-51AE-4D0F-A7B1-1B09358ED12A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DA2F0E2B-25BC-429F-89FE-6BAC6218E5B0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DF07A6D7-B2F6-40BE-AE50-1EB744EFC974}" = protocol=17 | dir=in | app=c:\program files\mass effect\binaries\masseffect.exe |
"{E871081A-F5ED-4587-8A0A-8AF5D14DF472}" = protocol=17 | dir=in | app=c:\program files\dragon age 2\bin_ship\dragonage2.exe |
"{EE03C361-F75B-4762-8877-AE0F2F684BE7}" = protocol=17 | dir=in | app=c:\program files\electronic arts\bioware\star wars - the old republic\launcher.exe |
"{FE447DD4-1816-4A65-8415-AACDCE415F93}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"TCP Query User{2D5DBC0C-7A06-4C2D-83FE-A45E20242E5B}C:\program files\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files\the witcher 2\bin\witcher2.exe |
"TCP Query User{306DEF67-80D6-44AD-B11A-59E02BB952C1}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{44559E22-FB79-45F8-A693-4C408F269208}C:\users\gudrun\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\gudrun\appdata\local\akamai\netsession_win.exe |
"TCP Query User{8D8E4D20-9786-4E27-8C81-26DE69FF6223}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
"TCP Query User{95E44999-CCF7-4A38-B1AD-FC5DA00EE568}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe |
"TCP Query User{A770FC8C-29E7-491C-8DBB-851B51CC0E21}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{B2BF5BC9-5917-46D4-8243-B524CCB404D3}C:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=6 | dir=in | app=c:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"TCP Query User{B91126D9-1CF6-4DB5-A1EA-7B92C6ED15EB}C:\users\gudrun\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\gudrun\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"TCP Query User{FBC70CA4-B879-46C4-9140-F97CB7F711E6}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{361B7F9F-7975-4878-BF0B-72AB7DBD9481}C:\users\gudrun\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\gudrun\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{393A4FF2-482F-4C1D-BC5D-2AEE31668DDB}C:\users\gudrun\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\gudrun\appdata\local\akamai\netsession_win.exe |
"UDP Query User{40019207-BCD4-4771-B17B-C22D3A2DD849}C:\program files\starcraft ii\versions\base17326\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base17326\sc2.exe |
"UDP Query User{52A13E4F-C322-4DC7-9EE5-3C13AA5058C1}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{6CC2498C-3E85-4916-91EA-B5502D792F5A}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{920446AF-C447-4060-838A-57DAB4BBDFD1}C:\program files\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files\the witcher 2\bin\witcher2.exe |
"UDP Query User{A3FE4096-8156-45D5-90D9-8F2EB3E64B17}C:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe" = protocol=17 | dir=in | app=c:\program files\gretech\gomtvstreamer\gomtvstreamerlive.exe |
"UDP Query User{AC031832-24D9-41D7-A409-8BFCB36C2FAF}C:\program files\starcraft ii\versions\base16939\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base16939\sc2.exe |
"UDP Query User{DF00FE72-0E46-4C51-AD59-E4C56682BE20}C:\program files\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\support\blizzarddownloader.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{33C730FE-A1EC-46EA-82ED-C79C639D4F92}_is1" = SolarDemo V0.93
"{3B10321A-80CC-4B55-B9A1-A1D69F74A052}" = DruckStudio Karten
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56F53F3E-E2D5-4AB7-A2C5-2A51EE3FB2E8}" = Danfoss20120515
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{765AB753-AFC9-4352-A56F-363EB06B2601}" = Danfoss20120515
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{ED2FC50F-C1A5-40DA-B6A7-A787F7323E86}" = DanBasic V
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 2.02.002
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2E23139-3404-4E3C-9855-7724415D62A5}" = Dragon Age II
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Drakensang_is1" = Drakensang
"easy-AZA Version 12.03_is1" = easy-AZA Version 12.03 (06.07.2012)
"easy-AZK Version 12.02_is1" = easy-AZK Version 12.02 (11.05.2012)
"Free Studio_is1" = Free Studio version 5.6.1.608
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.33.1005
"freeocr_is1" = FreeOCR v4.2
"GIMP-2_is1" = GIMP 2.8.0
"GOM Player" = GOM Player
"GomTVStreamer" = GOMTV Streamer
"KaloMa_is1" = KaloMa 4.77
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Professional 2010
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Secunia PSI" = Secunia PSI (3.0.0.3001)
"StarCraft II" = StarCraft II
"Two Worlds II" = Two Worlds II
"Update Engine" = Sony Ericsson Update Engine
"WinMerge_is1" = WinMerge 2.12.4
"WinRAR archiver" = WinRAR
"Workrave_is1" = Workrave 1.9.4
"YTdetect" = Yahoo! Detect
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2694796141-4042297030-3838815509-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de)
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.02.2012 22:17:30 | Computer Name = GUDRUN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 29.02.2012 23:17:12 | Computer Name = GUDRUN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 29.02.2012 23:17:17 | Computer Name = GUDRUN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 29.02.2012 23:17:24 | Computer Name = GUDRUN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 29.02.2012 23:17:30 | Computer Name = GUDRUN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 01.03.2012 11:48:42 | Computer Name = GUDRUN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 02.03.2012 13:35:14 | Computer Name = GUDRUN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 03.03.2012 09:00:01 | Computer Name = GUDRUN-PC | Source = Avira Antivirus | ID = 4118
Description = AUSNAHMEFEHLER beim Aufruf der Funktion AVEPROC_InitEngine() für die
Datei unknown. [ACCESS_VIOLATION Exception!! EIP = 0x71e861bc] Bitte Avira informieren
und die obige Datei übersenden!
Error - 03.03.2012 09:57:17 | Computer Name = GUDRUN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
Error - 04.03.2012 17:12:20 | Computer Name = GUDRUN-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Die Daten sind unzulässig. .
[ System Events ]
Error - 17.10.2012 16:28:40 | Computer Name = GUDRUN-PC | Source = DCOM | ID = 10005
Description =
Error - 17.10.2012 16:28:41 | Computer Name = GUDRUN-PC | Source = DCOM | ID = 10005
Description =
Error - 17.10.2012 16:28:43 | Computer Name = GUDRUN-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.10.2012 16:28:43 | Computer Name = GUDRUN-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.10.2012 16:28:43 | Computer Name = GUDRUN-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.10.2012 16:28:43 | Computer Name = GUDRUN-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.10.2012 16:28:45 | Computer Name = GUDRUN-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 17.10.2012 16:28:45 | Computer Name = GUDRUN-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068
Error - 18.10.2012 11:16:27 | Computer Name = GUDRUN-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 18.10.2012 11:16:27 | Computer Name = GUDRUN-PC | Source = atikmdag | ID = 43029
Description = Display is not active
< End of report >
Mfg |
|
19.10.2012, 09:45
| #22 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet Fund von EXP/2012-4681.AD Das Log ist unauffällig. Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
19.10.2012, 20:36
| #23 |
| | Avira meldet Fund von EXP/2012-4681.AD Hallo Cosinus, hier wie gewünscht der Log (1 Fund): Code:
ATTFilter 21:27:31.0901 3584 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
21:27:32.0167 3584 ============================================================
21:27:32.0167 3584 Current date / time: 2012/10/19 21:27:32.0167
21:27:32.0167 3584 SystemInfo:
21:27:32.0167 3584
21:27:32.0167 3584 OS Version: 6.1.7601 ServicePack: 1.0
21:27:32.0167 3584 Product type: Workstation
21:27:32.0168 3584 ComputerName: GUDRUN-PC
21:27:32.0168 3584 UserName: Gudrun
21:27:32.0168 3584 Windows directory: C:\Windows
21:27:32.0168 3584 System windows directory: C:\Windows
21:27:32.0168 3584 Processor architecture: Intel x86
21:27:32.0168 3584 Number of processors: 2
21:27:32.0168 3584 Page size: 0x1000
21:27:32.0168 3584 Boot type: Normal boot
21:27:32.0168 3584 ============================================================
21:27:33.0532 3584 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:27:33.0534 3584 ============================================================
21:27:33.0534 3584 \Device\Harddisk0\DR0:
21:27:33.0535 3584 MBR partitions:
21:27:33.0535 3584 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x2F984000
21:27:33.0535 3584 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x31384800, BlocksNum 0x9001000
21:27:33.0535 3584 ============================================================
21:27:33.0557 3584 C: <-> \Device\Harddisk0\DR0\Partition1
21:27:33.0604 3584 D: <-> \Device\Harddisk0\DR0\Partition2
21:27:33.0604 3584 ============================================================
21:27:33.0604 3584 Initialize success
21:27:33.0604 3584 ============================================================
21:28:19.0013 2864 ============================================================
21:28:19.0013 2864 Scan started
21:28:19.0013 2864 Mode: Manual; SigCheck; TDLFS;
21:28:19.0013 2864 ============================================================
21:28:19.0754 2864 ================ Scan system memory ========================
21:28:19.0754 2864 System memory - ok
21:28:19.0754 2864 ================ Scan services =============================
21:28:19.0944 2864 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:28:20.0054 2864 1394ohci - ok
21:28:20.0144 2864 [ DA115C33158E4ED1CCE74221F320B6B3 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
21:28:20.0164 2864 acedrv11 - ok
21:28:20.0214 2864 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:28:20.0264 2864 ACPI - ok
21:28:20.0334 2864 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:28:20.0414 2864 AcpiPmi - ok
21:28:20.0594 2864 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:28:20.0614 2864 AdobeARMservice - ok
21:28:20.0734 2864 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:28:20.0754 2864 AdobeFlashPlayerUpdateSvc - ok
21:28:20.0824 2864 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:28:20.0854 2864 adp94xx - ok
21:28:20.0904 2864 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:28:20.0934 2864 adpahci - ok
21:28:20.0964 2864 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:28:20.0984 2864 adpu320 - ok
21:28:21.0034 2864 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:28:21.0074 2864 AeLookupSvc - ok
21:28:21.0146 2864 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
21:28:21.0224 2864 AFD - ok
21:28:21.0255 2864 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
21:28:21.0271 2864 agp440 - ok
21:28:21.0318 2864 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
21:28:21.0333 2864 aic78xx - ok
21:28:21.0552 2864 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files\common files\akamai/netsession_win_5891ae0.dll
21:28:21.0552 2864 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
21:28:21.0567 2864 Akamai ( HiddenFile.Multi.Generic ) - warning
21:28:21.0567 2864 Akamai - detected HiddenFile.Multi.Generic (1)
21:28:21.0627 2864 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
21:28:21.0707 2864 ALG - ok
21:28:21.0757 2864 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
21:28:21.0777 2864 aliide - ok
21:28:21.0837 2864 [ B19505648F033393E907E2E419FDE8B3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:28:21.0907 2864 AMD External Events Utility - ok
21:28:21.0927 2864 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
21:28:21.0947 2864 amdagp - ok
21:28:21.0977 2864 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
21:28:21.0997 2864 amdide - ok
21:28:22.0087 2864 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:28:22.0157 2864 AmdK8 - ok
21:28:22.0267 2864 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:28:22.0337 2864 AmdPPM - ok
21:28:22.0397 2864 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:28:22.0417 2864 amdsata - ok
21:28:22.0477 2864 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:28:22.0497 2864 amdsbs - ok
21:28:22.0547 2864 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:28:22.0567 2864 amdxata - ok
21:28:22.0667 2864 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
21:28:22.0697 2864 AntiVirSchedulerService - ok
21:28:22.0757 2864 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
21:28:22.0777 2864 AntiVirService - ok
21:28:22.0837 2864 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
21:28:22.0967 2864 AppID - ok
21:28:23.0017 2864 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:28:23.0077 2864 AppIDSvc - ok
21:28:23.0147 2864 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
21:28:23.0207 2864 Appinfo - ok
21:28:23.0267 2864 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
21:28:23.0277 2864 arc - ok
21:28:23.0287 2864 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:28:23.0307 2864 arcsas - ok
21:28:23.0327 2864 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:28:23.0437 2864 AsyncMac - ok
21:28:23.0457 2864 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
21:28:23.0467 2864 atapi - ok
21:28:23.0527 2864 [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr C:\Windows\system32\DRIVERS\athr.sys
21:28:23.0637 2864 athr - ok
21:28:23.0797 2864 [ 04F09923A393E4E0E8453A8F78361E73 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:28:23.0957 2864 atikmdag - ok
21:28:24.0037 2864 [ 70F72C50D39F5AFA76C17F86223A7C4F ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
21:28:24.0057 2864 atksgt - ok
21:28:24.0127 2864 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:28:24.0197 2864 AudioEndpointBuilder - ok
21:28:24.0207 2864 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:28:24.0237 2864 Audiosrv - ok
21:28:24.0287 2864 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:28:24.0297 2864 avgntflt - ok
21:28:24.0367 2864 [ 3001E24F340D400BFF85935E5777FC5B ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
21:28:24.0387 2864 avgtp - ok
21:28:24.0447 2864 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:28:24.0467 2864 avipbb - ok
21:28:24.0497 2864 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:28:24.0507 2864 avkmgr - ok
21:28:24.0547 2864 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:28:24.0627 2864 AxInstSV - ok
21:28:24.0687 2864 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
21:28:24.0767 2864 b06bdrv - ok
21:28:24.0827 2864 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
21:28:24.0847 2864 b57nd60x - ok
21:28:24.0907 2864 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
21:28:24.0977 2864 BDESVC - ok
21:28:24.0987 2864 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
21:28:25.0057 2864 Beep - ok
21:28:25.0097 2864 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
21:28:25.0157 2864 BFE - ok
21:28:25.0207 2864 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
21:28:25.0287 2864 BITS - ok
21:28:25.0327 2864 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:28:25.0337 2864 blbdrive - ok
21:28:25.0387 2864 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:28:25.0447 2864 bowser - ok
21:28:25.0467 2864 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:28:25.0497 2864 BrFiltLo - ok
21:28:25.0517 2864 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:28:25.0557 2864 BrFiltUp - ok
21:28:25.0597 2864 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
21:28:25.0667 2864 Browser - ok
21:28:25.0717 2864 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:28:25.0757 2864 Brserid - ok
21:28:25.0777 2864 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:28:25.0827 2864 BrSerWdm - ok
21:28:25.0847 2864 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:28:25.0897 2864 BrUsbMdm - ok
21:28:25.0927 2864 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:28:25.0987 2864 BrUsbSer - ok
21:28:26.0017 2864 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:28:26.0067 2864 BTHMODEM - ok
21:28:26.0127 2864 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
21:28:26.0187 2864 bthserv - ok
21:28:26.0247 2864 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:28:26.0327 2864 cdfs - ok
21:28:26.0397 2864 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:28:26.0447 2864 cdrom - ok
21:28:26.0507 2864 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
21:28:26.0577 2864 CertPropSvc - ok
21:28:26.0637 2864 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:28:26.0687 2864 circlass - ok
21:28:26.0727 2864 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
21:28:26.0757 2864 CLFS - ok
21:28:26.0877 2864 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:28:26.0897 2864 clr_optimization_v2.0.50727_32 - ok
21:28:26.0997 2864 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:28:27.0017 2864 clr_optimization_v4.0.30319_32 - ok
21:28:27.0067 2864 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:28:27.0107 2864 CmBatt - ok
21:28:27.0137 2864 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:28:27.0167 2864 cmdide - ok
21:28:27.0217 2864 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
21:28:27.0257 2864 CNG - ok
21:28:27.0347 2864 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:28:27.0367 2864 Compbatt - ok
21:28:27.0397 2864 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:28:27.0437 2864 CompositeBus - ok
21:28:27.0457 2864 COMSysApp - ok
21:28:27.0477 2864 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:28:27.0487 2864 crcdisk - ok
21:28:27.0537 2864 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:28:27.0617 2864 CryptSvc - ok
21:28:27.0717 2864 [ 80861969541971176E005D2C09DAE851 ] DAUpdaterSvc C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
21:28:27.0737 2864 DAUpdaterSvc - ok
21:28:27.0777 2864 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
21:28:27.0827 2864 DcomLaunch - ok
21:28:27.0857 2864 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
21:28:27.0927 2864 defragsvc - ok
21:28:27.0987 2864 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:28:28.0057 2864 DfsC - ok
21:28:28.0117 2864 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:28:28.0177 2864 Dhcp - ok
21:28:28.0237 2864 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
21:28:28.0297 2864 discache - ok
21:28:28.0337 2864 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:28:28.0347 2864 Disk - ok
21:28:28.0407 2864 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:28:28.0427 2864 Dnscache - ok
21:28:28.0467 2864 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
21:28:28.0537 2864 dot3svc - ok
21:28:28.0577 2864 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
21:28:28.0647 2864 DPS - ok
21:28:28.0707 2864 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:28:28.0757 2864 drmkaud - ok
21:28:28.0807 2864 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:28:28.0847 2864 DXGKrnl - ok
21:28:28.0917 2864 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
21:28:28.0987 2864 EapHost - ok
21:28:29.0117 2864 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
21:28:29.0227 2864 ebdrv - ok
21:28:29.0277 2864 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
21:28:29.0307 2864 EFS - ok
21:28:29.0387 2864 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:28:29.0437 2864 ehRecvr - ok
21:28:29.0477 2864 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
21:28:29.0517 2864 ehSched - ok
21:28:29.0587 2864 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:28:29.0617 2864 elxstor - ok
21:28:29.0637 2864 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:28:29.0667 2864 ErrDev - ok
21:28:29.0747 2864 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
21:28:29.0807 2864 EventSystem - ok
21:28:29.0847 2864 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
21:28:29.0907 2864 exfat - ok
21:28:29.0947 2864 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:28:30.0007 2864 fastfat - ok
21:28:30.0077 2864 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
21:28:30.0137 2864 Fax - ok
21:28:30.0177 2864 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:28:30.0217 2864 fdc - ok
21:28:30.0267 2864 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
21:28:30.0327 2864 fdPHost - ok
21:28:30.0347 2864 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
21:28:30.0397 2864 FDResPub - ok
21:28:30.0427 2864 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:28:30.0437 2864 FileInfo - ok
21:28:30.0447 2864 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:28:30.0517 2864 Filetrace - ok
21:28:30.0567 2864 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:28:30.0587 2864 flpydisk - ok
21:28:30.0627 2864 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:28:30.0647 2864 FltMgr - ok
21:28:30.0697 2864 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
21:28:30.0777 2864 FontCache - ok
21:28:30.0857 2864 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:28:30.0867 2864 FontCache3.0.0.0 - ok
21:28:30.0917 2864 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:28:30.0937 2864 FsDepends - ok
21:28:30.0977 2864 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:28:30.0987 2864 Fs_Rec - ok
21:28:31.0037 2864 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:28:31.0057 2864 fvevol - ok
21:28:31.0077 2864 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:28:31.0097 2864 gagp30kx - ok
21:28:31.0157 2864 [ 007AEA2E06E7CEF7372E40C277163959 ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys
21:28:31.0167 2864 ggflt - ok
21:28:31.0217 2864 [ C73DE35960CA75C5AB4AE636B127C64E ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys
21:28:31.0237 2864 ggsemc - ok
21:28:31.0287 2864 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
21:28:31.0363 2864 gpsvc - ok
21:28:31.0457 2864 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
21:28:31.0472 2864 gupdate - ok
21:28:31.0504 2864 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
21:28:31.0535 2864 gupdatem - ok
21:28:31.0566 2864 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:28:31.0597 2864 hcw85cir - ok
21:28:31.0660 2864 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:28:31.0691 2864 HdAudAddService - ok
21:28:31.0753 2864 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:28:31.0800 2864 HDAudBus - ok
21:28:31.0831 2864 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:28:31.0878 2864 HidBatt - ok
21:28:31.0909 2864 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:28:31.0956 2864 HidBth - ok
21:28:31.0987 2864 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:28:32.0018 2864 HidIr - ok
21:28:32.0065 2864 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
21:28:32.0128 2864 hidserv - ok
21:28:32.0190 2864 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:28:32.0237 2864 HidUsb - ok
21:28:32.0284 2864 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:28:32.0315 2864 hkmsvc - ok
21:28:32.0330 2864 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:28:32.0377 2864 HomeGroupListener - ok
21:28:32.0424 2864 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:28:32.0471 2864 HomeGroupProvider - ok
21:28:32.0533 2864 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:28:32.0549 2864 HpSAMD - ok
21:28:32.0596 2864 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:28:32.0642 2864 HTTP - ok
21:28:32.0689 2864 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:28:32.0705 2864 hwpolicy - ok
21:28:32.0752 2864 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:28:32.0783 2864 i8042prt - ok
21:28:32.0814 2864 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:28:32.0845 2864 iaStorV - ok
21:28:32.0908 2864 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:28:32.0970 2864 idsvc - ok
21:28:33.0017 2864 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:28:33.0048 2864 iirsp - ok
21:28:33.0095 2864 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
21:28:33.0173 2864 IKEEXT - ok
21:28:33.0220 2864 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
21:28:33.0235 2864 intelide - ok
21:28:33.0282 2864 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:28:33.0313 2864 intelppm - ok
21:28:33.0391 2864 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:28:33.0454 2864 IPBusEnum - ok
21:28:33.0485 2864 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:28:33.0532 2864 IpFilterDriver - ok
21:28:33.0610 2864 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:28:33.0656 2864 iphlpsvc - ok
21:28:33.0688 2864 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:28:33.0703 2864 IPMIDRV - ok
21:28:33.0750 2864 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:28:33.0797 2864 IPNAT - ok
21:28:33.0844 2864 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:28:33.0890 2864 IRENUM - ok
21:28:33.0906 2864 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:28:33.0922 2864 isapnp - ok
21:28:33.0937 2864 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:28:33.0953 2864 iScsiPrt - ok
21:28:33.0984 2864 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
21:28:34.0000 2864 kbdclass - ok
21:28:34.0031 2864 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:28:34.0046 2864 kbdhid - ok
21:28:34.0109 2864 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
21:28:34.0140 2864 KeyIso - ok
21:28:34.0187 2864 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:28:34.0202 2864 KSecDD - ok
21:28:34.0218 2864 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:28:34.0234 2864 KSecPkg - ok
21:28:34.0284 2864 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
21:28:34.0364 2864 KtmRm - ok
21:28:34.0424 2864 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
21:28:34.0474 2864 LanmanServer - ok
21:28:34.0514 2864 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:28:34.0554 2864 LanmanWorkstation - ok
21:28:34.0634 2864 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
21:28:34.0654 2864 lirsgt - ok
21:28:34.0724 2864 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:28:34.0784 2864 lltdio - ok
21:28:34.0834 2864 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:28:34.0894 2864 lltdsvc - ok
21:28:34.0914 2864 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
21:28:34.0984 2864 lmhosts - ok
21:28:35.0024 2864 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:28:35.0034 2864 LSI_FC - ok
21:28:35.0084 2864 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:28:35.0094 2864 LSI_SAS - ok
21:28:35.0114 2864 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:28:35.0134 2864 LSI_SAS2 - ok
21:28:35.0154 2864 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:28:35.0164 2864 LSI_SCSI - ok
21:28:35.0184 2864 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
21:28:35.0234 2864 luafv - ok
21:28:35.0284 2864 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:28:35.0294 2864 Mcx2Svc - ok
21:28:35.0304 2864 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:28:35.0324 2864 megasas - ok
21:28:35.0344 2864 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:28:35.0364 2864 MegaSR - ok
21:28:35.0404 2864 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
21:28:35.0434 2864 MMCSS - ok
21:28:35.0454 2864 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
21:28:35.0504 2864 Modem - ok
21:28:35.0534 2864 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:28:35.0574 2864 monitor - ok
21:28:35.0624 2864 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:28:35.0634 2864 mouclass - ok
21:28:35.0654 2864 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:28:35.0684 2864 mouhid - ok
21:28:35.0724 2864 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:28:35.0744 2864 mountmgr - ok
21:28:35.0824 2864 [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:28:35.0844 2864 MozillaMaintenance - ok
21:28:35.0864 2864 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
21:28:35.0874 2864 mpio - ok
21:28:35.0914 2864 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:28:35.0984 2864 mpsdrv - ok
21:28:36.0104 2864 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:28:36.0204 2864 MpsSvc - ok
21:28:36.0224 2864 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:28:36.0264 2864 MRxDAV - ok
21:28:36.0334 2864 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:28:36.0394 2864 mrxsmb - ok
21:28:36.0454 2864 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:28:36.0474 2864 mrxsmb10 - ok
21:28:36.0514 2864 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:28:36.0544 2864 mrxsmb20 - ok
21:28:36.0594 2864 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
21:28:36.0614 2864 msahci - ok
21:28:36.0664 2864 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:28:36.0684 2864 msdsm - ok
21:28:36.0714 2864 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
21:28:36.0754 2864 MSDTC - ok
21:28:36.0794 2864 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:28:36.0864 2864 Msfs - ok
21:28:36.0884 2864 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:28:36.0964 2864 mshidkmdf - ok
21:28:37.0024 2864 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:28:37.0044 2864 msisadrv - ok
21:28:37.0144 2864 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:28:37.0194 2864 MSiSCSI - ok
21:28:37.0194 2864 msiserver - ok
21:28:37.0334 2864 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:28:37.0394 2864 MSKSSRV - ok
21:28:37.0434 2864 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:28:37.0494 2864 MSPCLOCK - ok
21:28:37.0514 2864 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:28:37.0544 2864 MSPQM - ok
21:28:37.0564 2864 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:28:37.0584 2864 MsRPC - ok
21:28:37.0624 2864 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:28:37.0634 2864 mssmbios - ok
21:28:37.0644 2864 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:28:37.0674 2864 MSTEE - ok
21:28:37.0694 2864 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:28:37.0734 2864 MTConfig - ok
21:28:37.0764 2864 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
21:28:37.0774 2864 Mup - ok
21:28:37.0824 2864 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
21:28:37.0864 2864 napagent - ok
21:28:37.0934 2864 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:28:37.0964 2864 NativeWifiP - ok
21:28:38.0024 2864 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:28:38.0074 2864 NDIS - ok
21:28:38.0084 2864 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:28:38.0124 2864 NdisCap - ok
21:28:38.0154 2864 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:28:38.0214 2864 NdisTapi - ok
21:28:38.0254 2864 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:28:38.0314 2864 Ndisuio - ok
21:28:38.0344 2864 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:28:38.0404 2864 NdisWan - ok
21:28:38.0424 2864 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:28:38.0494 2864 NDProxy - ok
21:28:38.0564 2864 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:28:38.0604 2864 NetBIOS - ok
21:28:38.0644 2864 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:28:38.0704 2864 NetBT - ok
21:28:38.0724 2864 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
21:28:38.0744 2864 Netlogon - ok
21:28:38.0814 2864 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
21:28:38.0874 2864 Netman - ok
21:28:38.0914 2864 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
21:28:38.0974 2864 netprofm - ok
21:28:39.0024 2864 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:28:39.0044 2864 NetTcpPortSharing - ok
21:28:39.0094 2864 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:28:39.0114 2864 nfrd960 - ok
21:28:39.0164 2864 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:28:39.0234 2864 NlaSvc - ok
21:28:39.0264 2864 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:28:39.0304 2864 Npfs - ok
21:28:39.0344 2864 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
21:28:39.0374 2864 nsi - ok
21:28:39.0414 2864 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:28:39.0484 2864 nsiproxy - ok
21:28:39.0554 2864 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:28:39.0634 2864 Ntfs - ok
21:28:39.0644 2864 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
21:28:39.0694 2864 Null - ok
21:28:39.0734 2864 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:28:39.0754 2864 nvraid - ok
21:28:39.0814 2864 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:28:39.0834 2864 nvstor - ok
21:28:39.0844 2864 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:28:39.0854 2864 nv_agp - ok
21:28:39.0894 2864 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:28:39.0934 2864 ohci1394 - ok
21:28:40.0014 2864 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:28:40.0044 2864 ose - ok
21:28:40.0204 2864 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:28:40.0354 2864 osppsvc - ok
21:28:40.0394 2864 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:28:40.0464 2864 p2pimsvc - ok
21:28:40.0494 2864 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
21:28:40.0524 2864 p2psvc - ok
21:28:40.0564 2864 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:28:40.0574 2864 Parport - ok
21:28:40.0624 2864 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:28:40.0634 2864 partmgr - ok
21:28:40.0654 2864 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
21:28:40.0684 2864 Parvdm - ok
21:28:40.0724 2864 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:28:40.0744 2864 PcaSvc - ok
21:28:40.0794 2864 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
21:28:40.0824 2864 pci - ok
21:28:40.0834 2864 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
21:28:40.0844 2864 pciide - ok
21:28:40.0884 2864 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:28:40.0904 2864 pcmcia - ok
21:28:40.0944 2864 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
21:28:40.0954 2864 pcw - ok
21:28:40.0984 2864 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:28:41.0044 2864 PEAUTH - ok
21:28:41.0114 2864 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
21:28:41.0224 2864 pla - ok
21:28:41.0274 2864 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:28:41.0304 2864 PlugPlay - ok
21:28:41.0334 2864 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:28:41.0374 2864 PNRPAutoReg - ok
21:28:41.0404 2864 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:28:41.0424 2864 PNRPsvc - ok
21:28:41.0474 2864 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:28:41.0504 2864 PolicyAgent - ok
21:28:41.0544 2864 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
21:28:41.0614 2864 Power - ok
21:28:41.0674 2864 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:28:41.0744 2864 PptpMiniport - ok
21:28:41.0754 2864 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:28:41.0794 2864 Processor - ok
21:28:41.0864 2864 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
21:28:41.0914 2864 ProfSvc - ok
21:28:41.0944 2864 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:28:41.0954 2864 ProtectedStorage - ok
21:28:41.0984 2864 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:28:42.0054 2864 Psched - ok
21:28:42.0134 2864 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
21:28:42.0154 2864 PSI - ok
21:28:42.0234 2864 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:28:42.0304 2864 ql2300 - ok
21:28:42.0314 2864 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:28:42.0334 2864 ql40xx - ok
21:28:42.0374 2864 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
21:28:42.0424 2864 QWAVE - ok
21:28:42.0444 2864 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:28:42.0464 2864 QWAVEdrv - ok
21:28:42.0474 2864 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:28:42.0524 2864 RasAcd - ok
21:28:42.0554 2864 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:28:42.0624 2864 RasAgileVpn - ok
21:28:42.0654 2864 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
21:28:42.0694 2864 RasAuto - ok
21:28:42.0714 2864 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:28:42.0744 2864 Rasl2tp - ok
21:28:42.0794 2864 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
21:28:42.0874 2864 RasMan - ok
21:28:42.0894 2864 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:28:42.0954 2864 RasPppoe - ok
21:28:43.0024 2864 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:28:43.0084 2864 RasSstp - ok
21:28:43.0134 2864 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:28:43.0184 2864 rdbss - ok
21:28:43.0204 2864 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:28:43.0224 2864 rdpbus - ok
21:28:43.0264 2864 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:28:43.0314 2864 RDPCDD - ok
21:28:43.0354 2864 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:28:43.0384 2864 RDPENCDD - ok
21:28:43.0394 2864 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:28:43.0424 2864 RDPREFMP - ok
21:28:43.0464 2864 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:28:43.0494 2864 RDPWD - ok
21:28:43.0554 2864 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:28:43.0584 2864 rdyboost - ok
21:28:43.0624 2864 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
21:28:43.0684 2864 RemoteAccess - ok
21:28:43.0734 2864 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:28:43.0794 2864 RemoteRegistry - ok
21:28:43.0834 2864 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:28:43.0864 2864 RpcEptMapper - ok
21:28:43.0904 2864 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
21:28:43.0924 2864 RpcLocator - ok
21:28:43.0944 2864 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
21:28:43.0984 2864 RpcSs - ok
21:28:44.0034 2864 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:28:44.0094 2864 rspndr - ok
21:28:44.0124 2864 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
21:28:44.0134 2864 SamSs - ok
21:28:44.0154 2864 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:28:44.0164 2864 sbp2port - ok
21:28:44.0204 2864 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:28:44.0254 2864 SCardSvr - ok
21:28:44.0284 2864 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:28:44.0344 2864 scfilter - ok
21:28:44.0384 2864 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
21:28:44.0454 2864 Schedule - ok
21:28:44.0484 2864 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:28:44.0514 2864 SCPolicySvc - ok
21:28:44.0554 2864 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:28:44.0584 2864 SDRSVC - ok
21:28:44.0644 2864 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:28:44.0694 2864 secdrv - ok
21:28:44.0734 2864 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
21:28:44.0794 2864 seclogon - ok
21:28:44.0892 2864 [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
21:28:44.0938 2864 Secunia PSI Agent - ok
21:28:44.0970 2864 [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
21:28:44.0985 2864 Secunia Update Agent - ok
21:28:45.0048 2864 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
21:28:45.0110 2864 SENS - ok
21:28:45.0157 2864 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:28:45.0219 2864 SensrSvc - ok
21:28:45.0235 2864 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:28:45.0266 2864 Serenum - ok
21:28:45.0313 2864 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:28:45.0360 2864 Serial - ok
21:28:45.0375 2864 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:28:45.0422 2864 sermouse - ok
21:28:45.0469 2864 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
21:28:45.0516 2864 SessionEnv - ok
21:28:45.0562 2864 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:28:45.0578 2864 sffdisk - ok
21:28:45.0609 2864 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:28:45.0625 2864 sffp_mmc - ok
21:28:45.0640 2864 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:28:45.0672 2864 sffp_sd - ok
21:28:45.0703 2864 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:28:45.0734 2864 sfloppy - ok
21:28:45.0796 2864 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:28:45.0874 2864 SharedAccess - ok
21:28:45.0890 2864 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:28:45.0921 2864 ShellHWDetection - ok
21:28:45.0937 2864 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:28:45.0952 2864 sisagp - ok
21:28:45.0999 2864 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:28:46.0015 2864 SiSRaid2 - ok
21:28:46.0030 2864 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:28:46.0046 2864 SiSRaid4 - ok
21:28:46.0140 2864 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:28:46.0155 2864 SkypeUpdate - ok
21:28:46.0171 2864 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:28:46.0233 2864 Smb - ok
21:28:46.0296 2864 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:28:46.0327 2864 SNMPTRAP - ok
21:28:46.0452 2864 [ 1A623F2B69E1F182F995F963C55DB935 ] Sony Ericsson PCCompanion C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe
21:28:46.0467 2864 Sony Ericsson PCCompanion - ok
21:28:46.0514 2864 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
21:28:46.0514 2864 spldr - ok
21:28:46.0576 2864 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
21:28:46.0639 2864 Spooler - ok
21:28:46.0717 2864 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
21:28:46.0842 2864 sppsvc - ok
21:28:46.0873 2864 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:28:46.0935 2864 sppuinotify - ok
21:28:46.0982 2864 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:28:47.0060 2864 srv - ok
21:28:47.0091 2864 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:28:47.0138 2864 srv2 - ok
21:28:47.0185 2864 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:28:47.0232 2864 srvnet - ok
21:28:47.0263 2864 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:28:47.0325 2864 SSDPSRV - ok
21:28:47.0388 2864 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
21:28:47.0403 2864 ssmdrv - ok
21:28:47.0403 2864 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:28:47.0450 2864 SstpSvc - ok
21:28:47.0497 2864 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:28:47.0497 2864 stexstor - ok
21:28:47.0544 2864 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
21:28:47.0606 2864 StiSvc - ok
21:28:47.0637 2864 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
21:28:47.0653 2864 swenum - ok
21:28:47.0700 2864 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
21:28:47.0746 2864 swprv - ok
21:28:47.0809 2864 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
21:28:47.0902 2864 SysMain - ok
21:28:47.0948 2864 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:28:47.0998 2864 TabletInputService - ok
21:28:48.0038 2864 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
21:28:48.0118 2864 TapiSrv - ok
21:28:48.0158 2864 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
21:28:48.0218 2864 TBS - ok
21:28:48.0318 2864 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:28:48.0388 2864 Tcpip - ok
21:28:48.0438 2864 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:28:48.0468 2864 TCPIP6 - ok
21:28:48.0528 2864 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:28:48.0588 2864 tcpipreg - ok
21:28:48.0648 2864 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:28:48.0678 2864 TDPIPE - ok
21:28:48.0718 2864 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:28:48.0728 2864 TDTCP - ok
21:28:48.0768 2864 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:28:48.0808 2864 tdx - ok
21:28:48.0818 2864 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:28:48.0838 2864 TermDD - ok
21:28:48.0888 2864 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
21:28:48.0948 2864 TermService - ok
21:28:49.0008 2864 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
21:28:49.0058 2864 Themes - ok
21:28:49.0078 2864 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
21:28:49.0108 2864 THREADORDER - ok
21:28:49.0138 2864 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
21:28:49.0198 2864 TrkWks - ok
21:28:49.0268 2864 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:28:49.0318 2864 TrustedInstaller - ok
21:28:49.0338 2864 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:28:49.0358 2864 tssecsrv - ok
21:28:49.0428 2864 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:28:49.0488 2864 TsUsbFlt - ok
21:28:49.0548 2864 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:28:49.0588 2864 tunnel - ok
21:28:49.0628 2864 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:28:49.0638 2864 uagp35 - ok
21:28:49.0658 2864 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:28:49.0708 2864 udfs - ok
21:28:49.0758 2864 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:28:49.0788 2864 UI0Detect - ok
21:28:49.0838 2864 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:28:49.0858 2864 uliagpkx - ok
21:28:49.0888 2864 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
21:28:49.0918 2864 umbus - ok
21:28:49.0978 2864 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:28:49.0998 2864 UmPass - ok
21:28:50.0048 2864 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
21:28:50.0128 2864 upnphost - ok
21:28:50.0168 2864 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:28:50.0198 2864 usbccgp - ok
21:28:50.0238 2864 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:28:50.0288 2864 usbcir - ok
21:28:50.0318 2864 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
21:28:50.0328 2864 usbehci - ok
21:28:50.0358 2864 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:28:50.0378 2864 usbhub - ok
21:28:50.0388 2864 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:28:50.0438 2864 usbohci - ok
21:28:50.0468 2864 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:28:50.0518 2864 usbprint - ok
21:28:50.0538 2864 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:28:50.0608 2864 USBSTOR - ok
21:28:50.0658 2864 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
21:28:50.0708 2864 usbuhci - ok
21:28:50.0778 2864 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:28:50.0828 2864 usbvideo - ok
21:28:50.0868 2864 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
21:28:50.0918 2864 UxSms - ok
21:28:50.0948 2864 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
21:28:50.0958 2864 VaultSvc - ok
21:28:50.0978 2864 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:28:50.0998 2864 vdrvroot - ok
21:28:51.0048 2864 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
21:28:51.0088 2864 vds - ok
21:28:51.0128 2864 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:28:51.0148 2864 vga - ok
21:28:51.0158 2864 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:28:51.0188 2864 VgaSave - ok
21:28:51.0218 2864 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:28:51.0238 2864 vhdmp - ok
21:28:51.0268 2864 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:28:51.0278 2864 viaagp - ok
21:28:51.0308 2864 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
21:28:51.0338 2864 ViaC7 - ok
21:28:51.0368 2864 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
21:28:51.0378 2864 viaide - ok
21:28:51.0398 2864 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:28:51.0408 2864 volmgr - ok
21:28:51.0458 2864 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:28:51.0478 2864 volmgrx - ok
21:28:51.0498 2864 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:28:51.0508 2864 volsnap - ok
21:28:51.0548 2864 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:28:51.0568 2864 vsmraid - ok
21:28:51.0618 2864 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
21:28:51.0718 2864 VSS - ok
21:28:51.0858 2864 [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
21:28:51.0888 2864 vToolbarUpdater12.2.6 - ok
21:28:51.0908 2864 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:28:51.0938 2864 vwifibus - ok
21:28:51.0978 2864 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:28:51.0998 2864 vwififlt - ok
21:28:52.0048 2864 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
21:28:52.0088 2864 W32Time - ok
21:28:52.0098 2864 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:28:52.0138 2864 WacomPen - ok
21:28:52.0168 2864 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:28:52.0198 2864 WANARP - ok
21:28:52.0208 2864 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:28:52.0228 2864 Wanarpv6 - ok
21:28:52.0348 2864 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
21:28:52.0418 2864 WatAdminSvc - ok
21:28:52.0448 2864 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
21:28:52.0508 2864 wbengine - ok
21:28:52.0548 2864 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:28:52.0568 2864 WbioSrvc - ok
21:28:52.0608 2864 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:28:52.0668 2864 wcncsvc - ok
21:28:52.0698 2864 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:28:52.0758 2864 WcsPlugInService - ok
21:28:52.0798 2864 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:28:52.0818 2864 Wd - ok
21:28:52.0848 2864 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:28:52.0868 2864 Wdf01000 - ok
21:28:52.0878 2864 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:28:52.0898 2864 WdiServiceHost - ok
21:28:52.0908 2864 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:28:52.0928 2864 WdiSystemHost - ok
21:28:52.0968 2864 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
21:28:52.0998 2864 WebClient - ok
21:28:53.0038 2864 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:28:53.0068 2864 Wecsvc - ok
21:28:53.0088 2864 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:28:53.0118 2864 wercplsupport - ok
21:28:53.0138 2864 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
21:28:53.0188 2864 WerSvc - ok
21:28:53.0248 2864 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:28:53.0288 2864 WfpLwf - ok
21:28:53.0308 2864 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:28:53.0318 2864 WIMMount - ok
21:28:53.0395 2864 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
21:28:53.0473 2864 WinDefend - ok
21:28:53.0488 2864 WinHttpAutoProxySvc - ok
21:28:53.0566 2864 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:28:53.0629 2864 Winmgmt - ok
21:28:53.0691 2864 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
21:28:53.0769 2864 WinRM - ok
21:28:53.0863 2864 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:28:53.0925 2864 Wlansvc - ok
21:28:53.0972 2864 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:28:54.0019 2864 WmiAcpi - ok
21:28:54.0054 2864 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:28:54.0104 2864 wmiApSrv - ok
21:28:54.0224 2864 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:28:54.0284 2864 WMPNetworkSvc - ok
21:28:54.0324 2864 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:28:54.0384 2864 WPCSvc - ok
21:28:54.0424 2864 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:28:54.0474 2864 WPDBusEnum - ok
21:28:54.0504 2864 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:28:54.0544 2864 ws2ifsl - ok
21:28:54.0584 2864 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
21:28:54.0624 2864 wscsvc - ok
21:28:54.0624 2864 WSearch - ok
21:28:54.0704 2864 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
21:28:54.0794 2864 wuauserv - ok
21:28:54.0804 2864 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:28:54.0864 2864 WudfPf - ok
21:28:54.0904 2864 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:28:54.0934 2864 WUDFRd - ok
21:28:54.0994 2864 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:28:55.0054 2864 wudfsvc - ok
21:28:55.0094 2864 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:28:55.0134 2864 WwanSvc - ok
21:28:55.0204 2864 [ B07C5B7EFDF936FF93D4F540938725BE ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
21:28:55.0224 2864 yukonw7 - ok
21:28:55.0234 2864 ================ Scan global ===============================
21:28:55.0284 2864 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
21:28:55.0334 2864 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
21:28:55.0354 2864 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
21:28:55.0404 2864 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
21:28:55.0434 2864 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
21:28:55.0434 2864 [Global] - ok
21:28:55.0434 2864 ================ Scan MBR ==================================
21:28:55.0454 2864 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:28:55.0854 2864 \Device\Harddisk0\DR0 - ok
21:28:55.0854 2864 ================ Scan VBR ==================================
21:28:55.0854 2864 [ 9E16E781107B13B581AD18D339F0CD57 ] \Device\Harddisk0\DR0\Partition1
21:28:55.0854 2864 \Device\Harddisk0\DR0\Partition1 - ok
21:28:55.0884 2864 [ F563F5D5679439447FAFCCDC6CA9AAA6 ] \Device\Harddisk0\DR0\Partition2
21:28:55.0884 2864 \Device\Harddisk0\DR0\Partition2 - ok
21:28:55.0884 2864 ============================================================
21:28:55.0884 2864 Scan finished
21:28:55.0884 2864 ============================================================
21:28:55.0944 3128 Detected object count: 1
21:28:55.0944 3128 Actual detected object count: 1
21:29:15.0725 3128 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
21:29:15.0725 3128 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
|
|
21.10.2012, 11:37
| #24 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet Fund von EXP/2012-4681.AD Ist auch unauffällig. Noch Probleme offen?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
21.10.2012, 20:45
| #25 |
| | Avira meldet Fund von EXP/2012-4681.AD Hallo Cosinus, noch zwei Dinge, die mir nicht klar sind. Beim Vollscan von Avira kam gestern, dass der Papierkorb beschädigt sei. Nachdem ich den Papierkorb geleert habe, kam dieser Fehler heute nicht mehr. Irgendwann während den Scans oder so sind auf dem Dektop zwei Desktop.ini Dateien aufgetaucht, die ich nicht zuordnen kann. Inhalt: [.ShellClassInfo] LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21799 und [.ShellClassInfo] LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769 IconResource=%SystemRoot%\system32\imageres.dll,-183 Ansonsten fällt mir nichts ein. Vielen Dank für deine Hilfe. MFG |
|
22.10.2012, 10:16
| #26 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avira meldet Fund von EXP/2012-4681.ADZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Avira meldet Fund von EXP/2012-4681.AD |
| akamai, avg secure search, avg security toolbar, avira, bho, cid, converter, document, error, exp/2012-4681.ad, fehler, festplatte, flash player, helper, home, iexplore.exe, install.exe, karte, logfile, mozilla, mp3, ntdll.dll, plug-in, problem, programm, registry, secunia psi, secure search, security, senden, svchost.exe, taskhost.exe, trojaner, vtoolbarupdater, windows, windows.old, wuauclt.exe |
Linear-Darstellung
