| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Google öffnet FensterWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
11.01.2013, 00:13
| #16 |
 |  Google öffnet Fenster Oooh, der hat das von selbst gespeichert...hab ich nicht bemerkt. Dann kommt das jetzt: Code:
ATTFilter 22:19:19.0719 2932 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:19:20.0140 2932 ============================================================
22:19:20.0140 2932 Current date / time: 2013/01/10 22:19:20.0140
22:19:20.0140 2932 SystemInfo:
22:19:20.0140 2932
22:19:20.0140 2932 OS Version: 6.0.6002 ServicePack: 2.0
22:19:20.0140 2932 Product type: Workstation
22:19:20.0140 2932 ComputerName: KLANGFARBEN-PC
22:19:20.0140 2932 UserName: Klangfarben
22:19:20.0140 2932 Windows directory: C:\Windows
22:19:20.0140 2932 System windows directory: C:\Windows
22:19:20.0140 2932 Processor architecture: Intel x86
22:19:20.0140 2932 Number of processors: 2
22:19:20.0140 2932 Page size: 0x1000
22:19:20.0140 2932 Boot type: Normal boot
22:19:20.0140 2932 ============================================================
22:19:20.0998 2932 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x14301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
22:19:20.0998 2932 ============================================================
22:19:20.0998 2932 \Device\Harddisk0\DR0:
22:19:20.0998 2932 MBR partitions:
22:19:20.0998 2932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48EFD2F1
22:19:20.0998 2932 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48EFD330, BlocksNum 0x19597E0
22:19:20.0998 2932 ============================================================
22:19:21.0029 2932 C: <-> \Device\Harddisk0\DR0\Partition1
22:19:21.0092 2932 D: <-> \Device\Harddisk0\DR0\Partition2
22:19:21.0092 2932 ============================================================
22:19:21.0092 2932 Initialize success
22:19:21.0092 2932 ============================================================
22:19:52.0822 3632 ============================================================
22:19:52.0822 3632 Scan started
22:19:52.0822 3632 Mode: Manual; SigCheck; TDLFS;
22:19:52.0822 3632 ============================================================
22:19:53.0493 3632 ================ Scan system memory ========================
22:19:53.0493 3632 System memory - ok
22:19:53.0493 3632 ================ Scan services =============================
22:19:53.0618 3632 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
22:19:53.0789 3632 ACPI - ok
22:19:53.0883 3632 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:19:53.0898 3632 AdobeARMservice - ok
22:19:53.0930 3632 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:19:53.0961 3632 adp94xx - ok
22:19:53.0992 3632 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:19:54.0023 3632 adpahci - ok
22:19:54.0039 3632 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:19:54.0054 3632 adpu160m - ok
22:19:54.0070 3632 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:19:54.0101 3632 adpu320 - ok
22:19:54.0117 3632 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:19:54.0195 3632 AeLookupSvc - ok
22:19:54.0242 3632 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
22:19:54.0288 3632 AFD - ok
22:19:54.0351 3632 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:19:54.0366 3632 agp440 - ok
22:19:54.0413 3632 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:19:54.0444 3632 aic78xx - ok
22:19:54.0647 3632 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files\common files\akamai/netsession_win_ce5ba24.dll
22:19:54.0647 3632 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
22:19:54.0647 3632 Akamai ( HiddenFile.Multi.Generic ) - warning
22:19:54.0663 3632 Akamai - detected HiddenFile.Multi.Generic (1)
22:19:54.0678 3632 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
22:19:54.0772 3632 ALG - ok
22:19:54.0788 3632 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
22:19:54.0819 3632 aliide - ok
22:19:54.0866 3632 [ AEFEEE2E852F2774A4491C8EFA6C3B6E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:19:54.0912 3632 AMD External Events Utility - ok
22:19:54.0928 3632 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:19:54.0944 3632 amdagp - ok
22:19:54.0975 3632 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
22:19:54.0990 3632 amdide - ok
22:19:55.0022 3632 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:19:55.0068 3632 AmdK7 - ok
22:19:55.0100 3632 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:19:55.0146 3632 AmdK8 - ok
22:19:55.0365 3632 [ D05CF4523E0C04EF82454ABFD84FDC1D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:19:55.0630 3632 amdkmdag - ok
22:19:55.0677 3632 [ 92DC2E0AE49148F83B24D89C737B0C97 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:19:55.0724 3632 amdkmdap - ok
22:19:55.0770 3632 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
22:19:55.0802 3632 Appinfo - ok
22:19:55.0833 3632 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
22:19:55.0848 3632 arc - ok
22:19:55.0895 3632 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:19:55.0911 3632 arcsas - ok
22:19:56.0051 3632 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:19:56.0098 3632 aspnet_state - ok
22:19:56.0129 3632 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:19:56.0145 3632 aswFsBlk - ok
22:19:56.0160 3632 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:19:56.0176 3632 aswMonFlt - ok
22:19:56.0223 3632 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
22:19:56.0254 3632 AswRdr - ok
22:19:56.0270 3632 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:19:56.0348 3632 aswSnx - ok
22:19:56.0394 3632 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:19:56.0426 3632 aswSP - ok
22:19:56.0441 3632 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:19:56.0457 3632 aswTdi - ok
22:19:56.0488 3632 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:19:56.0535 3632 AsyncMac - ok
22:19:56.0566 3632 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
22:19:56.0597 3632 atapi - ok
22:19:56.0613 3632 AtiHDAudioService - ok
22:19:56.0706 3632 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
22:19:56.0722 3632 atksgt - ok
22:19:56.0769 3632 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:19:56.0800 3632 AudioEndpointBuilder - ok
22:19:56.0831 3632 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:19:56.0862 3632 Audiosrv - ok
22:19:57.0065 3632 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Hauptprogramme\Programme\Avast!\AvastSvc.exe
22:19:57.0081 3632 avast! Antivirus - ok
22:19:57.0128 3632 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
22:19:57.0174 3632 Beep - ok
22:19:57.0206 3632 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
22:19:57.0299 3632 BFE - ok
22:19:57.0346 3632 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
22:19:57.0486 3632 BITS - ok
22:19:57.0502 3632 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
22:19:57.0580 3632 blbdrive - ok
22:19:57.0596 3632 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:19:57.0627 3632 bowser - ok
22:19:57.0658 3632 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:19:57.0720 3632 BrFiltLo - ok
22:19:57.0736 3632 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:19:57.0783 3632 BrFiltUp - ok
22:19:57.0814 3632 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
22:19:57.0861 3632 Browser - ok
22:19:57.0908 3632 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:19:58.0095 3632 Brserid - ok
22:19:58.0142 3632 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:19:58.0235 3632 BrSerWdm - ok
22:19:58.0251 3632 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:19:58.0329 3632 BrUsbMdm - ok
22:19:58.0360 3632 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:19:58.0422 3632 BrUsbSer - ok
22:19:58.0454 3632 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:19:58.0532 3632 BTHMODEM - ok
22:19:58.0594 3632 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:19:58.0641 3632 cdfs - ok
22:19:58.0688 3632 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:19:58.0703 3632 cdrom - ok
22:19:58.0750 3632 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
22:19:58.0781 3632 CertPropSvc - ok
22:19:58.0797 3632 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
22:19:58.0859 3632 circlass - ok
22:19:58.0890 3632 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
22:19:58.0906 3632 CLFS - ok
22:19:58.0953 3632 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:19:58.0968 3632 clr_optimization_v2.0.50727_32 - ok
22:19:59.0015 3632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:19:59.0031 3632 clr_optimization_v4.0.30319_32 - ok
22:19:59.0062 3632 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:19:59.0078 3632 cmdide - ok
22:19:59.0078 3632 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:19:59.0093 3632 Compbatt - ok
22:19:59.0109 3632 COMSysApp - ok
22:19:59.0202 3632 [ F4FD82F5D6617A45CC3C4B9D4E7DF2C0 ] CPUCooLServer C:\Hauptprogramme\Programme\CPUCooL\CooLSrv.exe
22:19:59.0265 3632 CPUCooLServer ( UnsignedFile.Multi.Generic ) - warning
22:19:59.0265 3632 CPUCooLServer - detected UnsignedFile.Multi.Generic (1)
22:19:59.0280 3632 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:19:59.0280 3632 crcdisk - ok
22:19:59.0312 3632 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:19:59.0374 3632 Crusoe - ok
22:19:59.0452 3632 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:19:59.0483 3632 CryptSvc - ok
22:19:59.0530 3632 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:19:59.0624 3632 DcomLaunch - ok
22:19:59.0639 3632 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:19:59.0686 3632 DfsC - ok
22:19:59.0764 3632 [ 92AE26F2CAF4A67E24A0BA6DDF32CC3C ] DfSdkS C:\Hauptprogramme\Programme\Ashampoo WinOptimizer 6\Dfsdks.exe
22:19:59.0811 3632 DfSdkS ( UnsignedFile.Multi.Generic ) - warning
22:19:59.0811 3632 DfSdkS - detected UnsignedFile.Multi.Generic (1)
22:19:59.0889 3632 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
22:20:00.0029 3632 DFSR - ok
22:20:00.0060 3632 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:20:00.0107 3632 Dhcp - ok
22:20:00.0138 3632 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
22:20:00.0154 3632 disk - ok
22:20:00.0185 3632 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:20:00.0232 3632 Dnscache - ok
22:20:00.0263 3632 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:20:00.0310 3632 dot3svc - ok
22:20:00.0341 3632 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
22:20:00.0419 3632 DPS - ok
22:20:00.0450 3632 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:20:00.0513 3632 drmkaud - ok
22:20:00.0591 3632 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:20:00.0638 3632 DXGKrnl - ok
22:20:00.0684 3632 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:20:00.0762 3632 E1G60 - ok
22:20:00.0762 3632 EagleXNt - ok
22:20:00.0794 3632 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
22:20:00.0825 3632 EapHost - ok
22:20:00.0872 3632 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:20:00.0903 3632 Ecache - ok
22:20:01.0028 3632 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:20:01.0059 3632 ehRecvr - ok
22:20:01.0074 3632 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
22:20:01.0106 3632 ehSched - ok
22:20:01.0121 3632 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
22:20:01.0152 3632 ehstart - ok
22:20:01.0184 3632 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:20:01.0215 3632 elxstor - ok
22:20:01.0246 3632 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:20:01.0340 3632 EMDMgmt - ok
22:20:01.0386 3632 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:20:01.0433 3632 ErrDev - ok
22:20:01.0449 3632 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
22:20:01.0511 3632 EventSystem - ok
22:20:01.0527 3632 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
22:20:01.0589 3632 exfat - ok
22:20:01.0636 3632 [ 1D225A72413F32B5DB69E94FB574D929 ] ezSharedSvc C:\Windows\System32\ezsvc7.dll
22:20:01.0667 3632 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
22:20:01.0667 3632 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
22:20:01.0730 3632 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:20:01.0761 3632 fastfat - ok
22:20:01.0776 3632 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:20:01.0823 3632 fdc - ok
22:20:01.0839 3632 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
22:20:01.0886 3632 fdPHost - ok
22:20:01.0901 3632 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:20:01.0995 3632 FDResPub - ok
22:20:02.0010 3632 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:20:02.0042 3632 FileInfo - ok
22:20:02.0057 3632 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:20:02.0120 3632 Filetrace - ok
22:20:02.0135 3632 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:20:02.0213 3632 flpydisk - ok
22:20:02.0229 3632 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:20:02.0260 3632 FltMgr - ok
22:20:02.0338 3632 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
22:20:02.0478 3632 FontCache - ok
22:20:02.0634 3632 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:20:02.0650 3632 FontCache3.0.0.0 - ok
22:20:02.0744 3632 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:20:02.0822 3632 Fs_Rec - ok
22:20:02.0868 3632 FXDRV - ok
22:20:02.0915 3632 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:20:02.0931 3632 gagp30kx - ok
22:20:02.0993 3632 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
22:20:03.0118 3632 gpsvc - ok
22:20:03.0196 3632 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:20:03.0243 3632 HdAudAddService - ok
22:20:03.0290 3632 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:20:03.0352 3632 HDAudBus - ok
22:20:03.0383 3632 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:20:03.0446 3632 HidBth - ok
22:20:03.0477 3632 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:20:03.0570 3632 HidIr - ok
22:20:03.0648 3632 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
22:20:03.0711 3632 hidserv - ok
22:20:03.0742 3632 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:20:03.0773 3632 HidUsb - ok
22:20:03.0836 3632 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:20:03.0914 3632 hkmsvc - ok
22:20:03.0960 3632 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:20:03.0976 3632 HpCISSs - ok
22:20:04.0116 3632 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:20:04.0226 3632 HTTP - ok
22:20:04.0257 3632 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:20:04.0288 3632 i2omp - ok
22:20:04.0319 3632 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:20:04.0382 3632 i8042prt - ok
22:20:04.0444 3632 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:20:04.0475 3632 iaStorV - ok
22:20:04.0553 3632 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:20:04.0569 3632 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:20:04.0569 3632 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:20:04.0881 3632 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:20:04.0943 3632 idsvc - ok
22:20:04.0974 3632 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:20:04.0990 3632 iirsp - ok
22:20:05.0115 3632 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
22:20:05.0177 3632 IKEEXT - ok
22:20:05.0333 3632 [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:20:05.0520 3632 IntcAzAudAddService - ok
22:20:05.0552 3632 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
22:20:05.0583 3632 intelide - ok
22:20:05.0614 3632 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:20:05.0692 3632 intelppm - ok
22:20:05.0723 3632 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:20:05.0801 3632 IPBusEnum - ok
22:20:05.0832 3632 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:20:05.0910 3632 IpFilterDriver - ok
22:20:05.0942 3632 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:20:06.0004 3632 iphlpsvc - ok
22:20:06.0004 3632 IpInIp - ok
22:20:06.0020 3632 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:20:06.0066 3632 IPMIDRV - ok
22:20:06.0082 3632 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:20:06.0144 3632 IPNAT - ok
22:20:06.0160 3632 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:20:06.0191 3632 IRENUM - ok
22:20:06.0222 3632 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:20:06.0254 3632 isapnp - ok
22:20:06.0300 3632 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:20:06.0332 3632 iScsiPrt - ok
22:20:06.0394 3632 [ 2F03CEB28307983F3B36216D35FFA5AA ] ISODrive C:\Hauptprogramme\Programme\UltraISO\drivers\ISODrive.sys
22:20:06.0425 3632 ISODrive - ok
22:20:06.0441 3632 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:20:06.0472 3632 iteatapi - ok
22:20:06.0488 3632 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:20:06.0503 3632 iteraid - ok
22:20:06.0534 3632 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:20:06.0566 3632 kbdclass - ok
22:20:06.0597 3632 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:20:06.0675 3632 kbdhid - ok
22:20:06.0722 3632 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
22:20:06.0784 3632 KeyIso - ok
22:20:06.0924 3632 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:20:06.0956 3632 KSecDD - ok
22:20:07.0080 3632 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:20:07.0158 3632 KtmRm - ok
22:20:07.0221 3632 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
22:20:07.0283 3632 LanmanServer - ok
22:20:07.0330 3632 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:20:07.0377 3632 LanmanWorkstation - ok
22:20:07.0486 3632 [ 910344E2A984010435AE84783B25E5EB ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
22:20:07.0517 3632 LBTServ - ok
22:20:07.0564 3632 [ 717E6714BCA808F2A372E636AFF3D15A ] LEqdUsb C:\Windows\system32\Drivers\LEqdUsb.Sys
22:20:07.0580 3632 LEqdUsb - ok
22:20:07.0595 3632 [ 2786F7B4003ADFF88CE28BC1800B5407 ] LHidEqd C:\Windows\system32\Drivers\LHidEqd.Sys
22:20:07.0611 3632 LHidEqd - ok
22:20:07.0626 3632 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
22:20:07.0642 3632 LHidFilt - ok
22:20:07.0689 3632 [ DFEFF67508D3A9AEB1A85D7B0F513B24 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:20:07.0704 3632 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
22:20:07.0704 3632 LightScribeService - detected UnsignedFile.Multi.Generic (1)
22:20:07.0767 3632 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
22:20:07.0782 3632 lirsgt - ok
22:20:07.0876 3632 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:20:07.0970 3632 lltdio - ok
22:20:08.0079 3632 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:20:08.0172 3632 lltdsvc - ok
22:20:08.0188 3632 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:20:08.0266 3632 lmhosts - ok
22:20:08.0282 3632 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
22:20:08.0313 3632 LMouFilt - ok
22:20:08.0344 3632 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:20:08.0360 3632 LSI_FC - ok
22:20:08.0391 3632 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:20:08.0422 3632 LSI_SAS - ok
22:20:08.0453 3632 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:20:08.0484 3632 LSI_SCSI - ok
22:20:08.0500 3632 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
22:20:08.0562 3632 luafv - ok
22:20:08.0594 3632 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:20:08.0609 3632 MBAMProtector - ok
22:20:08.0640 3632 MBAMScheduler - ok
22:20:08.0656 3632 MBAMService - ok
22:20:08.0687 3632 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:20:08.0750 3632 Mcx2Svc - ok
22:20:08.0765 3632 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
22:20:08.0796 3632 megasas - ok
22:20:08.0859 3632 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:20:08.0906 3632 MegaSR - ok
22:20:08.0921 3632 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
22:20:08.0999 3632 MMCSS - ok
22:20:09.0015 3632 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
22:20:09.0077 3632 Modem - ok
22:20:09.0108 3632 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:20:09.0140 3632 monitor - ok
22:20:09.0155 3632 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:20:09.0171 3632 mouclass - ok
22:20:09.0186 3632 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:20:09.0233 3632 mouhid - ok
22:20:09.0249 3632 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:20:09.0264 3632 MountMgr - ok
22:20:09.0311 3632 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
22:20:09.0327 3632 mpio - ok
22:20:09.0342 3632 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:20:09.0420 3632 mpsdrv - ok
22:20:09.0623 3632 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
22:20:09.0717 3632 MpsSvc - ok
22:20:09.0732 3632 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:20:09.0764 3632 Mraid35x - ok
22:20:09.0795 3632 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:20:09.0873 3632 MRxDAV - ok
22:20:09.0888 3632 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:20:09.0935 3632 mrxsmb - ok
22:20:09.0966 3632 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:20:10.0029 3632 mrxsmb10 - ok
22:20:10.0044 3632 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:20:10.0076 3632 mrxsmb20 - ok
22:20:10.0107 3632 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
22:20:10.0122 3632 msahci - ok
22:20:10.0154 3632 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:20:10.0169 3632 msdsm - ok
22:20:10.0232 3632 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
22:20:10.0325 3632 MSDTC - ok
22:20:10.0341 3632 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:20:10.0388 3632 Msfs - ok
22:20:10.0403 3632 MSICDSetup - ok
22:20:10.0434 3632 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:20:10.0450 3632 msisadrv - ok
22:20:10.0481 3632 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:20:10.0559 3632 MSiSCSI - ok
22:20:10.0559 3632 msiserver - ok
22:20:10.0606 3632 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:20:10.0668 3632 MSKSSRV - ok
22:20:10.0700 3632 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:20:10.0731 3632 MSPCLOCK - ok
22:20:10.0778 3632 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:20:10.0824 3632 MSPQM - ok
22:20:10.0887 3632 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:20:10.0934 3632 MsRPC - ok
22:20:10.0949 3632 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:20:10.0980 3632 mssmbios - ok
22:20:11.0012 3632 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:20:11.0043 3632 MSTEE - ok
22:20:11.0105 3632 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
22:20:11.0121 3632 Mup - ok
22:20:11.0214 3632 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
22:20:11.0277 3632 napagent - ok
22:20:11.0308 3632 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:20:11.0339 3632 NativeWifiP - ok
22:20:11.0386 3632 NAVENG - ok
22:20:11.0402 3632 NAVEX15 - ok
22:20:11.0433 3632 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:20:11.0480 3632 NDIS - ok
22:20:11.0511 3632 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:20:11.0573 3632 NdisTapi - ok
22:20:11.0589 3632 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:20:11.0636 3632 Ndisuio - ok
22:20:11.0651 3632 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:20:11.0682 3632 NdisWan - ok
22:20:11.0698 3632 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:20:11.0745 3632 NDProxy - ok
22:20:11.0745 3632 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:20:11.0792 3632 NetBIOS - ok
22:20:11.0807 3632 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:20:11.0838 3632 netbt - ok
22:20:11.0854 3632 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
22:20:11.0870 3632 Netlogon - ok
22:20:11.0901 3632 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:20:11.0963 3632 Netman - ok
22:20:12.0010 3632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:20:12.0026 3632 NetMsmqActivator - ok
22:20:12.0026 3632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:20:12.0041 3632 NetPipeActivator - ok
22:20:12.0072 3632 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:20:12.0119 3632 netprofm - ok
22:20:12.0119 3632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:20:12.0135 3632 NetTcpActivator - ok
22:20:12.0150 3632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:20:12.0166 3632 NetTcpPortSharing - ok
22:20:12.0182 3632 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:20:12.0197 3632 nfrd960 - ok
22:20:12.0244 3632 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:20:12.0291 3632 NlaSvc - ok
22:20:12.0306 3632 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:20:12.0338 3632 Npfs - ok
22:20:12.0400 3632 npggsvc - ok
22:20:12.0416 3632 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:20:12.0478 3632 nsi - ok
22:20:12.0509 3632 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:20:12.0556 3632 nsiproxy - ok
22:20:12.0587 3632 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:20:12.0665 3632 Ntfs - ok
22:20:12.0743 3632 [ 5850C28057DDEA04390B88F8CC482504 ] ntiopnp C:\Windows\system32\drivers\ntiopnp.sys
22:20:12.0759 3632 ntiopnp - ok
22:20:12.0774 3632 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:20:12.0852 3632 ntrigdigi - ok
22:20:12.0868 3632 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:20:12.0915 3632 Null - ok
22:20:12.0946 3632 [ 3D7FB57354703809B5F0C23287FAC1D6 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
22:20:12.0977 3632 NVHDA - ok
22:20:13.0227 3632 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:20:13.0617 3632 nvlddmkm - ok
22:20:13.0648 3632 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:20:13.0664 3632 nvraid - ok
22:20:13.0679 3632 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:20:13.0695 3632 nvstor - ok
22:20:13.0773 3632 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
22:20:13.0820 3632 nvsvc - ok
22:20:13.0913 3632 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:20:14.0022 3632 nvUpdatusService - ok
22:20:14.0085 3632 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:20:14.0100 3632 nv_agp - ok
22:20:14.0116 3632 NwlnkFlt - ok
22:20:14.0132 3632 NwlnkFwd - ok
22:20:14.0147 3632 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:20:14.0210 3632 ohci1394 - ok
22:20:14.0272 3632 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:20:14.0366 3632 p2pimsvc - ok
22:20:14.0381 3632 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
22:20:14.0428 3632 p2psvc - ok
22:20:14.0459 3632 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:20:14.0522 3632 Parport - ok
22:20:14.0568 3632 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:20:14.0600 3632 partmgr - ok
22:20:14.0615 3632 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:20:14.0693 3632 Parvdm - ok
22:20:14.0724 3632 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:20:14.0756 3632 PcaSvc - ok
22:20:14.0849 3632 [ A88F42AD20418620D08A13AD1A70C083 ] PCDSRVC{4F253FFC-7957E8FC-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc.pkms
22:20:15.0021 3632 PCDSRVC{4F253FFC-7957E8FC-06000000}_0 - ok
22:20:15.0052 3632 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
22:20:15.0068 3632 pci - ok
22:20:15.0083 3632 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
22:20:15.0114 3632 pciide - ok
22:20:15.0130 3632 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:20:15.0161 3632 pcmcia - ok
22:20:15.0208 3632 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:20:15.0333 3632 PEAUTH - ok
22:20:15.0395 3632 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:20:15.0504 3632 pla - ok
22:20:15.0536 3632 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:20:15.0567 3632 PlugPlay - ok
22:20:15.0598 3632 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:20:15.0629 3632 PNRPAutoReg - ok
22:20:15.0660 3632 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:20:15.0707 3632 PNRPsvc - ok
22:20:15.0770 3632 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:20:15.0848 3632 PolicyAgent - ok
22:20:15.0879 3632 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:20:15.0926 3632 PptpMiniport - ok
22:20:15.0941 3632 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:20:15.0988 3632 Processor - ok
22:20:16.0035 3632 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
22:20:16.0113 3632 ProfSvc - ok
22:20:16.0160 3632 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:20:16.0191 3632 ProtectedStorage - ok
22:20:16.0206 3632 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:20:16.0253 3632 PSched - ok
22:20:16.0300 3632 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:20:16.0362 3632 ql2300 - ok
22:20:16.0378 3632 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:20:16.0409 3632 ql40xx - ok
22:20:16.0456 3632 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:20:16.0487 3632 QWAVE - ok
22:20:16.0503 3632 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:20:16.0534 3632 QWAVEdrv - ok
22:20:16.0550 3632 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:20:16.0612 3632 RasAcd - ok
22:20:16.0628 3632 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:20:16.0690 3632 RasAuto - ok
22:20:16.0706 3632 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:20:16.0737 3632 Rasl2tp - ok
22:20:16.0752 3632 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
22:20:16.0815 3632 RasMan - ok
22:20:16.0815 3632 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:20:16.0846 3632 RasPppoe - ok
22:20:16.0877 3632 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:20:16.0893 3632 RasSstp - ok
22:20:16.0908 3632 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:20:16.0940 3632 rdbss - ok
22:20:16.0940 3632 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:20:16.0971 3632 RDPCDD - ok
22:20:17.0002 3632 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:20:17.0049 3632 rdpdr - ok
22:20:17.0049 3632 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:20:17.0080 3632 RDPENCDD - ok
22:20:17.0127 3632 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:20:17.0158 3632 RDPWD - ok
22:20:17.0189 3632 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:20:17.0236 3632 RemoteAccess - ok
22:20:17.0252 3632 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:20:17.0283 3632 RemoteRegistry - ok
22:20:17.0298 3632 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:20:17.0345 3632 RpcLocator - ok
22:20:17.0376 3632 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
22:20:17.0423 3632 RpcSs - ok
22:20:17.0454 3632 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:20:17.0517 3632 rspndr - ok
22:20:17.0548 3632 [ 247B0A8164069CD4FE6F3094C581B13B ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
22:20:17.0579 3632 RSUSBSTOR - ok
22:20:17.0610 3632 [ 53892CBD9735A80712EE9439268344B4 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
22:20:17.0673 3632 RTL8169 - ok
22:20:17.0704 3632 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
22:20:17.0720 3632 SamSs - ok
22:20:17.0751 3632 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:20:17.0766 3632 sbp2port - ok
22:20:17.0798 3632 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:20:17.0829 3632 SCardSvr - ok
22:20:17.0860 3632 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
22:20:17.0938 3632 Schedule - ok
22:20:17.0969 3632 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:20:18.0000 3632 SCPolicySvc - ok
22:20:18.0032 3632 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:20:18.0063 3632 SDRSVC - ok
22:20:18.0078 3632 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:20:18.0172 3632 secdrv - ok
22:20:18.0188 3632 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:20:18.0250 3632 seclogon - ok
22:20:18.0266 3632 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
22:20:18.0328 3632 SENS - ok
22:20:18.0344 3632 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:20:18.0437 3632 Serenum - ok
22:20:18.0453 3632 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:20:18.0546 3632 Serial - ok
22:20:18.0562 3632 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:20:18.0609 3632 sermouse - ok
22:20:18.0624 3632 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:20:18.0671 3632 SessionEnv - ok
22:20:18.0687 3632 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:20:18.0718 3632 sffdisk - ok
22:20:18.0734 3632 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:20:18.0780 3632 sffp_mmc - ok
22:20:18.0796 3632 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:20:18.0843 3632 sffp_sd - ok
22:20:18.0858 3632 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:20:18.0921 3632 sfloppy - ok
22:20:18.0952 3632 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:20:19.0030 3632 SharedAccess - ok
22:20:19.0046 3632 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:20:19.0092 3632 ShellHWDetection - ok
22:20:19.0124 3632 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:20:19.0139 3632 sisagp - ok
22:20:19.0155 3632 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:20:19.0186 3632 SiSRaid2 - ok
22:20:19.0202 3632 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:20:19.0217 3632 SiSRaid4 - ok
22:20:19.0264 3632 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:20:19.0280 3632 SkypeUpdate - ok
22:20:19.0373 3632 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
22:20:19.0529 3632 slsvc - ok
22:20:19.0560 3632 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:20:19.0607 3632 SLUINotify - ok
22:20:19.0623 3632 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:20:19.0670 3632 Smb - ok
22:20:19.0701 3632 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:20:19.0732 3632 SNMPTRAP - ok
22:20:19.0748 3632 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:20:19.0763 3632 spldr - ok
22:20:19.0779 3632 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:20:19.0810 3632 Spooler - ok
22:20:19.0826 3632 SRTSP - ok
22:20:19.0826 3632 SRTSPX - ok
22:20:19.0857 3632 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:20:19.0904 3632 srv - ok
22:20:19.0919 3632 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:20:19.0966 3632 srv2 - ok
22:20:20.0013 3632 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:20:20.0044 3632 srvnet - ok
22:20:20.0060 3632 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:20:20.0091 3632 SSDPSRV - ok
22:20:20.0138 3632 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:20:20.0169 3632 SstpSvc - ok
22:20:20.0200 3632 Steam Client Service - ok
22:20:20.0294 3632 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:20:20.0325 3632 Stereo Service - ok
22:20:20.0356 3632 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
22:20:20.0418 3632 stisvc - ok
22:20:20.0434 3632 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:20:20.0450 3632 swenum - ok
22:20:20.0481 3632 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
22:20:20.0543 3632 swprv - ok
22:20:20.0574 3632 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:20:20.0590 3632 Symc8xx - ok
22:20:20.0621 3632 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:20:20.0652 3632 Sym_hi - ok
22:20:20.0684 3632 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:20:20.0699 3632 Sym_u3 - ok
22:20:20.0730 3632 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
22:20:20.0808 3632 SysMain - ok
22:20:20.0840 3632 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:20:20.0871 3632 TabletInputService - ok
22:20:20.0886 3632 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:20:20.0949 3632 TapiSrv - ok
22:20:20.0964 3632 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
22:20:21.0027 3632 TBS - ok
22:20:21.0074 3632 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:20:21.0120 3632 Tcpip - ok
22:20:21.0167 3632 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:20:21.0214 3632 Tcpip6 - ok
22:20:21.0245 3632 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:20:21.0261 3632 tcpipreg - ok
22:20:21.0292 3632 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:20:21.0339 3632 TDPIPE - ok
22:20:21.0370 3632 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:20:21.0401 3632 TDTCP - ok
22:20:21.0448 3632 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:20:21.0495 3632 tdx - ok
22:20:21.0510 3632 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:20:21.0526 3632 TermDD - ok
22:20:21.0557 3632 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
22:20:21.0651 3632 TermService - ok
22:20:21.0666 3632 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
22:20:21.0698 3632 Themes - ok
22:20:21.0744 3632 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
22:20:21.0791 3632 THREADORDER - ok
22:20:21.0807 3632 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
22:20:21.0854 3632 TrkWks - ok
22:20:21.0885 3632 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:20:21.0932 3632 TrustedInstaller - ok
22:20:21.0947 3632 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:20:22.0010 3632 tssecsrv - ok
22:20:22.0025 3632 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:20:22.0072 3632 tunmp - ok
22:20:22.0103 3632 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:20:22.0134 3632 tunnel - ok
22:20:22.0150 3632 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:20:22.0181 3632 uagp35 - ok
22:20:22.0228 3632 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:20:22.0259 3632 udfs - ok
22:20:22.0306 3632 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:20:22.0353 3632 UI0Detect - ok
22:20:22.0368 3632 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:20:22.0400 3632 uliagpkx - ok
22:20:22.0415 3632 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:20:22.0446 3632 uliahci - ok
22:20:22.0478 3632 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:20:22.0493 3632 UlSata - ok
22:20:22.0524 3632 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:20:22.0556 3632 ulsata2 - ok
22:20:22.0571 3632 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:20:22.0602 3632 umbus - ok
22:20:22.0618 3632 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
22:20:22.0696 3632 upnphost - ok
22:20:22.0712 3632 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:20:22.0743 3632 usbccgp - ok
22:20:22.0774 3632 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:20:22.0821 3632 usbcir - ok
22:20:22.0868 3632 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:20:22.0899 3632 usbehci - ok
22:20:22.0899 3632 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:20:22.0930 3632 usbhub - ok
22:20:22.0946 3632 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:20:23.0008 3632 usbohci - ok
22:20:23.0024 3632 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:20:23.0070 3632 usbprint - ok
22:20:23.0086 3632 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:20:23.0117 3632 USBSTOR - ok
22:20:23.0133 3632 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:20:23.0164 3632 usbuhci - ok
22:20:23.0226 3632 [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
22:20:23.0242 3632 usb_rndisx - ok
22:20:23.0273 3632 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
22:20:23.0336 3632 UxSms - ok
22:20:23.0351 3632 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
22:20:23.0398 3632 vds - ok
22:20:23.0414 3632 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:20:23.0476 3632 vga - ok
22:20:23.0492 3632 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:20:23.0538 3632 VgaSave - ok
22:20:23.0570 3632 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:20:23.0601 3632 viaagp - ok
22:20:23.0601 3632 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:20:23.0648 3632 ViaC7 - ok
22:20:23.0663 3632 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
22:20:23.0679 3632 viaide - ok
22:20:23.0679 3632 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:20:23.0710 3632 volmgr - ok
22:20:23.0726 3632 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:20:23.0757 3632 volmgrx - ok
22:20:23.0804 3632 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:20:23.0819 3632 volsnap - ok
22:20:23.0850 3632 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:20:23.0866 3632 vsmraid - ok
22:20:23.0913 3632 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
22:20:24.0038 3632 VSS - ok
22:20:24.0069 3632 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
22:20:24.0116 3632 W32Time - ok
22:20:24.0147 3632 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:20:24.0225 3632 WacomPen - ok
22:20:24.0256 3632 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:20:24.0318 3632 Wanarp - ok
22:20:24.0318 3632 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:20:24.0350 3632 Wanarpv6 - ok
22:20:24.0365 3632 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:20:24.0412 3632 wcncsvc - ok
22:20:24.0459 3632 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:20:24.0506 3632 WcsPlugInService - ok
22:20:24.0521 3632 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
22:20:24.0537 3632 Wd - ok
22:20:24.0552 3632 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:20:24.0584 3632 Wdf01000 - ok
22:20:24.0599 3632 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:20:24.0646 3632 WdiServiceHost - ok
22:20:24.0646 3632 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:20:24.0693 3632 WdiSystemHost - ok
22:20:24.0708 3632 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
22:20:24.0755 3632 WebClient - ok
22:20:24.0771 3632 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:20:24.0818 3632 Wecsvc - ok
22:20:24.0833 3632 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:20:24.0880 3632 wercplsupport - ok
22:20:24.0896 3632 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
22:20:24.0927 3632 WerSvc - ok
22:20:24.0974 3632 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:20:25.0005 3632 WinDefend - ok
22:20:25.0005 3632 WinHttpAutoProxySvc - ok
22:20:25.0067 3632 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:20:25.0098 3632 Winmgmt - ok
22:20:25.0145 3632 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
22:20:25.0254 3632 WinRM - ok
22:20:25.0301 3632 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:20:25.0364 3632 Wlansvc - ok
22:20:25.0520 3632 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:20:25.0613 3632 wlidsvc - ok
22:20:25.0660 3632 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:20:25.0707 3632 WmiAcpi - ok
22:20:25.0722 3632 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:20:25.0769 3632 wmiApSrv - ok
22:20:25.0832 3632 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:20:25.0910 3632 WMPNetworkSvc - ok
22:20:25.0941 3632 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:20:25.0972 3632 WPCSvc - ok
22:20:26.0034 3632 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:20:26.0066 3632 WPDBusEnum - ok
22:20:26.0237 3632 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:20:26.0268 3632 WPFFontCache_v0400 - ok
22:20:26.0315 3632 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:20:26.0393 3632 ws2ifsl - ok
22:20:26.0409 3632 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
22:20:26.0440 3632 wscsvc - ok
22:20:26.0440 3632 WSearch - ok
22:20:26.0814 3632 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:20:26.0939 3632 wuauserv - ok
22:20:27.0017 3632 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:20:27.0064 3632 WUDFRd - ok
22:20:27.0142 3632 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:20:27.0236 3632 wudfsvc - ok
22:20:27.0236 3632 XDva393 - ok
22:20:27.0267 3632 XDva394 - ok
22:20:27.0282 3632 XDva397 - ok
22:20:27.0298 3632 XDva400 - ok
22:20:27.0314 3632 XDva401 - ok
22:20:27.0329 3632 ================ Scan global ===============================
22:20:27.0345 3632 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:20:27.0516 3632 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:20:27.0548 3632 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:20:27.0610 3632 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:20:27.0626 3632 [Global] - ok
22:20:27.0626 3632 ================ Scan MBR ==================================
22:20:27.0641 3632 [ 03BA8F890B47C0BE359A4D5A636D214D ] \Device\Harddisk0\DR0
22:20:29.0123 3632 \Device\Harddisk0\DR0 - ok
22:20:29.0123 3632 ================ Scan VBR ==================================
22:20:29.0154 3632 [ 8982DF9AFE4277130D26BDFDE2B87BD3 ] \Device\Harddisk0\DR0\Partition1
22:20:29.0170 3632 \Device\Harddisk0\DR0\Partition1 - ok
22:20:29.0217 3632 [ 7791074807E20417641B034ECE23E62E ] \Device\Harddisk0\DR0\Partition2
22:20:29.0232 3632 \Device\Harddisk0\DR0\Partition2 - ok
22:20:29.0232 3632 ============================================================
22:20:29.0232 3632 Scan finished
22:20:29.0232 3632 ============================================================
22:20:29.0248 3804 Detected object count: 6
22:20:29.0248 3804 Actual detected object count: 6
Die beiden Programme habe ich übrigens noch nicht beendet, sind nach wie vor noch bereit für weitere Aktionen. |
|
11.01.2013, 00:25
| #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Google öffnet Fenster Log ist unvollständig! Die untere Zusammenfassung fehlt
__________________
__________________ |
|
11.01.2013, 00:34
| #18 |
| | Google öffnet Fenster Uff, da bin ich überfragt. In der Log TXT find ich nix weiteres, soll ich se dir als Anhang geben? Ich hab den TDSS-Killer noch bei Threats Detected und keine Aktion durchgeführt,also noch nicht auf Continue gedrückt, weil ich nicht weiss ob ich bei den Funden alles auf Skip lassen soll oder nicht doch was anderes.
__________________Ich gehe jetzt erstmal schlafen. Die beiden Programme lasse ich wie gehabt unangetastet am laufen (du musst mir dann noch sagen, ob ich beim TFSS-Killer auf Continue drücken soll oder nicht und wenn doch ob ich alles auf Skip gesetzt lassen soll oder was sonst). Danke erstmal und eine gute Nacht. Bis heut Nachmittag. |
|
11.01.2013, 11:08
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google öffnet Fenster Liegt doch direkt auf C: das Log! Und es ist da auch vollständig
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.01.2013, 17:13
| #20 | |
| | Google öffnet Fenster So, bin wieder daheim. Zitat:
Deshalb warte ich weiterhin darauf, wie ich nun mit dem TDSS-Killer weiter machen soll um dann eben auf Continue zu drücken. |
|
11.01.2013, 17:27
| #21 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google öffnet FensterZitat:
__________________ --> Google öffnet Fenster |
|
11.01.2013, 17:37
| #22 |
| | Google öffnet Fenster Erstmal Entschuldigung, wenn ich ein wenig anstrengend sein sollte. Du meinst das hier?: Code:
ATTFilter Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!
Das ist mir durchaus aufgefallen. Allerdings hab ich wohl das Wort "bemängelt" missverstanden bzw falsch interpretiert. Ich mach nun auf Skip und Continue... und hier nun, das hoffentlich komplette Log: Code:
ATTFilter 22:19:19.0719 2932 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:19:20.0140 2932 ============================================================
22:19:20.0140 2932 Current date / time: 2013/01/10 22:19:20.0140
22:19:20.0140 2932 SystemInfo:
22:19:20.0140 2932
22:19:20.0140 2932 OS Version: 6.0.6002 ServicePack: 2.0
22:19:20.0140 2932 Product type: Workstation
22:19:20.0140 2932 ComputerName: KLANGFARBEN-PC
22:19:20.0140 2932 UserName: Klangfarben
22:19:20.0140 2932 Windows directory: C:\Windows
22:19:20.0140 2932 System windows directory: C:\Windows
22:19:20.0140 2932 Processor architecture: Intel x86
22:19:20.0140 2932 Number of processors: 2
22:19:20.0140 2932 Page size: 0x1000
22:19:20.0140 2932 Boot type: Normal boot
22:19:20.0140 2932 ============================================================
22:19:20.0998 2932 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x14301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
22:19:20.0998 2932 ============================================================
22:19:20.0998 2932 \Device\Harddisk0\DR0:
22:19:20.0998 2932 MBR partitions:
22:19:20.0998 2932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48EFD2F1
22:19:20.0998 2932 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48EFD330, BlocksNum 0x19597E0
22:19:20.0998 2932 ============================================================
22:19:21.0029 2932 C: <-> \Device\Harddisk0\DR0\Partition1
22:19:21.0092 2932 D: <-> \Device\Harddisk0\DR0\Partition2
22:19:21.0092 2932 ============================================================
22:19:21.0092 2932 Initialize success
22:19:21.0092 2932 ============================================================
22:19:52.0822 3632 ============================================================
22:19:52.0822 3632 Scan started
22:19:52.0822 3632 Mode: Manual; SigCheck; TDLFS;
22:19:52.0822 3632 ============================================================
22:19:53.0493 3632 ================ Scan system memory ========================
22:19:53.0493 3632 System memory - ok
22:19:53.0493 3632 ================ Scan services =============================
22:19:53.0618 3632 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
22:19:53.0789 3632 ACPI - ok
22:19:53.0883 3632 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:19:53.0898 3632 AdobeARMservice - ok
22:19:53.0930 3632 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:19:53.0961 3632 adp94xx - ok
22:19:53.0992 3632 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:19:54.0023 3632 adpahci - ok
22:19:54.0039 3632 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
22:19:54.0054 3632 adpu160m - ok
22:19:54.0070 3632 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:19:54.0101 3632 adpu320 - ok
22:19:54.0117 3632 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:19:54.0195 3632 AeLookupSvc - ok
22:19:54.0242 3632 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
22:19:54.0288 3632 AFD - ok
22:19:54.0351 3632 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:19:54.0366 3632 agp440 - ok
22:19:54.0413 3632 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
22:19:54.0444 3632 aic78xx - ok
22:19:54.0647 3632 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files\common files\akamai/netsession_win_ce5ba24.dll
22:19:54.0647 3632 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
22:19:54.0647 3632 Akamai ( HiddenFile.Multi.Generic ) - warning
22:19:54.0663 3632 Akamai - detected HiddenFile.Multi.Generic (1)
22:19:54.0678 3632 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
22:19:54.0772 3632 ALG - ok
22:19:54.0788 3632 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
22:19:54.0819 3632 aliide - ok
22:19:54.0866 3632 [ AEFEEE2E852F2774A4491C8EFA6C3B6E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:19:54.0912 3632 AMD External Events Utility - ok
22:19:54.0928 3632 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
22:19:54.0944 3632 amdagp - ok
22:19:54.0975 3632 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
22:19:54.0990 3632 amdide - ok
22:19:55.0022 3632 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
22:19:55.0068 3632 AmdK7 - ok
22:19:55.0100 3632 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:19:55.0146 3632 AmdK8 - ok
22:19:55.0365 3632 [ D05CF4523E0C04EF82454ABFD84FDC1D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
22:19:55.0630 3632 amdkmdag - ok
22:19:55.0677 3632 [ 92DC2E0AE49148F83B24D89C737B0C97 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
22:19:55.0724 3632 amdkmdap - ok
22:19:55.0770 3632 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
22:19:55.0802 3632 Appinfo - ok
22:19:55.0833 3632 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
22:19:55.0848 3632 arc - ok
22:19:55.0895 3632 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:19:55.0911 3632 arcsas - ok
22:19:56.0051 3632 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:19:56.0098 3632 aspnet_state - ok
22:19:56.0129 3632 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
22:19:56.0145 3632 aswFsBlk - ok
22:19:56.0160 3632 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
22:19:56.0176 3632 aswMonFlt - ok
22:19:56.0223 3632 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
22:19:56.0254 3632 AswRdr - ok
22:19:56.0270 3632 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
22:19:56.0348 3632 aswSnx - ok
22:19:56.0394 3632 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
22:19:56.0426 3632 aswSP - ok
22:19:56.0441 3632 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
22:19:56.0457 3632 aswTdi - ok
22:19:56.0488 3632 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:19:56.0535 3632 AsyncMac - ok
22:19:56.0566 3632 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
22:19:56.0597 3632 atapi - ok
22:19:56.0613 3632 AtiHDAudioService - ok
22:19:56.0706 3632 [ F0D933B42CD0594048E4D5200AE9E417 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
22:19:56.0722 3632 atksgt - ok
22:19:56.0769 3632 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:19:56.0800 3632 AudioEndpointBuilder - ok
22:19:56.0831 3632 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
22:19:56.0862 3632 Audiosrv - ok
22:19:57.0065 3632 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Hauptprogramme\Programme\Avast!\AvastSvc.exe
22:19:57.0081 3632 avast! Antivirus - ok
22:19:57.0128 3632 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
22:19:57.0174 3632 Beep - ok
22:19:57.0206 3632 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
22:19:57.0299 3632 BFE - ok
22:19:57.0346 3632 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
22:19:57.0486 3632 BITS - ok
22:19:57.0502 3632 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
22:19:57.0580 3632 blbdrive - ok
22:19:57.0596 3632 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:19:57.0627 3632 bowser - ok
22:19:57.0658 3632 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
22:19:57.0720 3632 BrFiltLo - ok
22:19:57.0736 3632 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
22:19:57.0783 3632 BrFiltUp - ok
22:19:57.0814 3632 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
22:19:57.0861 3632 Browser - ok
22:19:57.0908 3632 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
22:19:58.0095 3632 Brserid - ok
22:19:58.0142 3632 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
22:19:58.0235 3632 BrSerWdm - ok
22:19:58.0251 3632 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
22:19:58.0329 3632 BrUsbMdm - ok
22:19:58.0360 3632 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
22:19:58.0422 3632 BrUsbSer - ok
22:19:58.0454 3632 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:19:58.0532 3632 BTHMODEM - ok
22:19:58.0594 3632 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:19:58.0641 3632 cdfs - ok
22:19:58.0688 3632 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:19:58.0703 3632 cdrom - ok
22:19:58.0750 3632 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
22:19:58.0781 3632 CertPropSvc - ok
22:19:58.0797 3632 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
22:19:58.0859 3632 circlass - ok
22:19:58.0890 3632 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
22:19:58.0906 3632 CLFS - ok
22:19:58.0953 3632 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:19:58.0968 3632 clr_optimization_v2.0.50727_32 - ok
22:19:59.0015 3632 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:19:59.0031 3632 clr_optimization_v4.0.30319_32 - ok
22:19:59.0062 3632 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:19:59.0078 3632 cmdide - ok
22:19:59.0078 3632 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:19:59.0093 3632 Compbatt - ok
22:19:59.0109 3632 COMSysApp - ok
22:19:59.0202 3632 [ F4FD82F5D6617A45CC3C4B9D4E7DF2C0 ] CPUCooLServer C:\Hauptprogramme\Programme\CPUCooL\CooLSrv.exe
22:19:59.0265 3632 CPUCooLServer ( UnsignedFile.Multi.Generic ) - warning
22:19:59.0265 3632 CPUCooLServer - detected UnsignedFile.Multi.Generic (1)
22:19:59.0280 3632 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:19:59.0280 3632 crcdisk - ok
22:19:59.0312 3632 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
22:19:59.0374 3632 Crusoe - ok
22:19:59.0452 3632 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:19:59.0483 3632 CryptSvc - ok
22:19:59.0530 3632 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:19:59.0624 3632 DcomLaunch - ok
22:19:59.0639 3632 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:19:59.0686 3632 DfsC - ok
22:19:59.0764 3632 [ 92AE26F2CAF4A67E24A0BA6DDF32CC3C ] DfSdkS C:\Hauptprogramme\Programme\Ashampoo WinOptimizer 6\Dfsdks.exe
22:19:59.0811 3632 DfSdkS ( UnsignedFile.Multi.Generic ) - warning
22:19:59.0811 3632 DfSdkS - detected UnsignedFile.Multi.Generic (1)
22:19:59.0889 3632 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
22:20:00.0029 3632 DFSR - ok
22:20:00.0060 3632 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
22:20:00.0107 3632 Dhcp - ok
22:20:00.0138 3632 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
22:20:00.0154 3632 disk - ok
22:20:00.0185 3632 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:20:00.0232 3632 Dnscache - ok
22:20:00.0263 3632 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:20:00.0310 3632 dot3svc - ok
22:20:00.0341 3632 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
22:20:00.0419 3632 DPS - ok
22:20:00.0450 3632 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:20:00.0513 3632 drmkaud - ok
22:20:00.0591 3632 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:20:00.0638 3632 DXGKrnl - ok
22:20:00.0684 3632 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
22:20:00.0762 3632 E1G60 - ok
22:20:00.0762 3632 EagleXNt - ok
22:20:00.0794 3632 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
22:20:00.0825 3632 EapHost - ok
22:20:00.0872 3632 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
22:20:00.0903 3632 Ecache - ok
22:20:01.0028 3632 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:20:01.0059 3632 ehRecvr - ok
22:20:01.0074 3632 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
22:20:01.0106 3632 ehSched - ok
22:20:01.0121 3632 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
22:20:01.0152 3632 ehstart - ok
22:20:01.0184 3632 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:20:01.0215 3632 elxstor - ok
22:20:01.0246 3632 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
22:20:01.0340 3632 EMDMgmt - ok
22:20:01.0386 3632 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:20:01.0433 3632 ErrDev - ok
22:20:01.0449 3632 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
22:20:01.0511 3632 EventSystem - ok
22:20:01.0527 3632 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
22:20:01.0589 3632 exfat - ok
22:20:01.0636 3632 [ 1D225A72413F32B5DB69E94FB574D929 ] ezSharedSvc C:\Windows\System32\ezsvc7.dll
22:20:01.0667 3632 ezSharedSvc ( UnsignedFile.Multi.Generic ) - warning
22:20:01.0667 3632 ezSharedSvc - detected UnsignedFile.Multi.Generic (1)
22:20:01.0730 3632 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:20:01.0761 3632 fastfat - ok
22:20:01.0776 3632 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:20:01.0823 3632 fdc - ok
22:20:01.0839 3632 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
22:20:01.0886 3632 fdPHost - ok
22:20:01.0901 3632 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
22:20:01.0995 3632 FDResPub - ok
22:20:02.0010 3632 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:20:02.0042 3632 FileInfo - ok
22:20:02.0057 3632 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:20:02.0120 3632 Filetrace - ok
22:20:02.0135 3632 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:20:02.0213 3632 flpydisk - ok
22:20:02.0229 3632 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:20:02.0260 3632 FltMgr - ok
22:20:02.0338 3632 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
22:20:02.0478 3632 FontCache - ok
22:20:02.0634 3632 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:20:02.0650 3632 FontCache3.0.0.0 - ok
22:20:02.0744 3632 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:20:02.0822 3632 Fs_Rec - ok
22:20:02.0868 3632 FXDRV - ok
22:20:02.0915 3632 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:20:02.0931 3632 gagp30kx - ok
22:20:02.0993 3632 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
22:20:03.0118 3632 gpsvc - ok
22:20:03.0196 3632 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:20:03.0243 3632 HdAudAddService - ok
22:20:03.0290 3632 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:20:03.0352 3632 HDAudBus - ok
22:20:03.0383 3632 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:20:03.0446 3632 HidBth - ok
22:20:03.0477 3632 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
22:20:03.0570 3632 HidIr - ok
22:20:03.0648 3632 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
22:20:03.0711 3632 hidserv - ok
22:20:03.0742 3632 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:20:03.0773 3632 HidUsb - ok
22:20:03.0836 3632 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:20:03.0914 3632 hkmsvc - ok
22:20:03.0960 3632 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
22:20:03.0976 3632 HpCISSs - ok
22:20:04.0116 3632 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:20:04.0226 3632 HTTP - ok
22:20:04.0257 3632 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
22:20:04.0288 3632 i2omp - ok
22:20:04.0319 3632 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:20:04.0382 3632 i8042prt - ok
22:20:04.0444 3632 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
22:20:04.0475 3632 iaStorV - ok
22:20:04.0553 3632 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:20:04.0569 3632 IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:20:04.0569 3632 IDriverT - detected UnsignedFile.Multi.Generic (1)
22:20:04.0881 3632 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:20:04.0943 3632 idsvc - ok
22:20:04.0974 3632 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:20:04.0990 3632 iirsp - ok
22:20:05.0115 3632 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
22:20:05.0177 3632 IKEEXT - ok
22:20:05.0333 3632 [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:20:05.0520 3632 IntcAzAudAddService - ok
22:20:05.0552 3632 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
22:20:05.0583 3632 intelide - ok
22:20:05.0614 3632 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:20:05.0692 3632 intelppm - ok
22:20:05.0723 3632 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:20:05.0801 3632 IPBusEnum - ok
22:20:05.0832 3632 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:20:05.0910 3632 IpFilterDriver - ok
22:20:05.0942 3632 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:20:06.0004 3632 iphlpsvc - ok
22:20:06.0004 3632 IpInIp - ok
22:20:06.0020 3632 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
22:20:06.0066 3632 IPMIDRV - ok
22:20:06.0082 3632 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
22:20:06.0144 3632 IPNAT - ok
22:20:06.0160 3632 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:20:06.0191 3632 IRENUM - ok
22:20:06.0222 3632 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:20:06.0254 3632 isapnp - ok
22:20:06.0300 3632 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:20:06.0332 3632 iScsiPrt - ok
22:20:06.0394 3632 [ 2F03CEB28307983F3B36216D35FFA5AA ] ISODrive C:\Hauptprogramme\Programme\UltraISO\drivers\ISODrive.sys
22:20:06.0425 3632 ISODrive - ok
22:20:06.0441 3632 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
22:20:06.0472 3632 iteatapi - ok
22:20:06.0488 3632 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
22:20:06.0503 3632 iteraid - ok
22:20:06.0534 3632 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:20:06.0566 3632 kbdclass - ok
22:20:06.0597 3632 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:20:06.0675 3632 kbdhid - ok
22:20:06.0722 3632 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
22:20:06.0784 3632 KeyIso - ok
22:20:06.0924 3632 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:20:06.0956 3632 KSecDD - ok
22:20:07.0080 3632 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:20:07.0158 3632 KtmRm - ok
22:20:07.0221 3632 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
22:20:07.0283 3632 LanmanServer - ok
22:20:07.0330 3632 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:20:07.0377 3632 LanmanWorkstation - ok
22:20:07.0486 3632 [ 910344E2A984010435AE84783B25E5EB ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
22:20:07.0517 3632 LBTServ - ok
22:20:07.0564 3632 [ 717E6714BCA808F2A372E636AFF3D15A ] LEqdUsb C:\Windows\system32\Drivers\LEqdUsb.Sys
22:20:07.0580 3632 LEqdUsb - ok
22:20:07.0595 3632 [ 2786F7B4003ADFF88CE28BC1800B5407 ] LHidEqd C:\Windows\system32\Drivers\LHidEqd.Sys
22:20:07.0611 3632 LHidEqd - ok
22:20:07.0626 3632 [ 01CC7FB6E790EF044B411377F3A1FF41 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
22:20:07.0642 3632 LHidFilt - ok
22:20:07.0689 3632 [ DFEFF67508D3A9AEB1A85D7B0F513B24 ] LightScribeService c:\Program Files\Common Files\LightScribe\LSSrvc.exe
22:20:07.0704 3632 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
22:20:07.0704 3632 LightScribeService - detected UnsignedFile.Multi.Generic (1)
22:20:07.0767 3632 [ F8A7212D0864EF5E9185FB95E6623F4D ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
22:20:07.0782 3632 lirsgt - ok
22:20:07.0876 3632 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:20:07.0970 3632 lltdio - ok
22:20:08.0079 3632 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:20:08.0172 3632 lltdsvc - ok
22:20:08.0188 3632 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:20:08.0266 3632 lmhosts - ok
22:20:08.0282 3632 [ A2E7EAE8898D7B4B8C302B8F4E836BB5 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
22:20:08.0313 3632 LMouFilt - ok
22:20:08.0344 3632 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:20:08.0360 3632 LSI_FC - ok
22:20:08.0391 3632 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:20:08.0422 3632 LSI_SAS - ok
22:20:08.0453 3632 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:20:08.0484 3632 LSI_SCSI - ok
22:20:08.0500 3632 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
22:20:08.0562 3632 luafv - ok
22:20:08.0594 3632 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:20:08.0609 3632 MBAMProtector - ok
22:20:08.0640 3632 MBAMScheduler - ok
22:20:08.0656 3632 MBAMService - ok
22:20:08.0687 3632 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:20:08.0750 3632 Mcx2Svc - ok
22:20:08.0765 3632 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
22:20:08.0796 3632 megasas - ok
22:20:08.0859 3632 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
22:20:08.0906 3632 MegaSR - ok
22:20:08.0921 3632 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
22:20:08.0999 3632 MMCSS - ok
22:20:09.0015 3632 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
22:20:09.0077 3632 Modem - ok
22:20:09.0108 3632 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:20:09.0140 3632 monitor - ok
22:20:09.0155 3632 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:20:09.0171 3632 mouclass - ok
22:20:09.0186 3632 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:20:09.0233 3632 mouhid - ok
22:20:09.0249 3632 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
22:20:09.0264 3632 MountMgr - ok
22:20:09.0311 3632 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
22:20:09.0327 3632 mpio - ok
22:20:09.0342 3632 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:20:09.0420 3632 mpsdrv - ok
22:20:09.0623 3632 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
22:20:09.0717 3632 MpsSvc - ok
22:20:09.0732 3632 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
22:20:09.0764 3632 Mraid35x - ok
22:20:09.0795 3632 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:20:09.0873 3632 MRxDAV - ok
22:20:09.0888 3632 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:20:09.0935 3632 mrxsmb - ok
22:20:09.0966 3632 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:20:10.0029 3632 mrxsmb10 - ok
22:20:10.0044 3632 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:20:10.0076 3632 mrxsmb20 - ok
22:20:10.0107 3632 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
22:20:10.0122 3632 msahci - ok
22:20:10.0154 3632 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:20:10.0169 3632 msdsm - ok
22:20:10.0232 3632 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
22:20:10.0325 3632 MSDTC - ok
22:20:10.0341 3632 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:20:10.0388 3632 Msfs - ok
22:20:10.0403 3632 MSICDSetup - ok
22:20:10.0434 3632 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:20:10.0450 3632 msisadrv - ok
22:20:10.0481 3632 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:20:10.0559 3632 MSiSCSI - ok
22:20:10.0559 3632 msiserver - ok
22:20:10.0606 3632 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:20:10.0668 3632 MSKSSRV - ok
22:20:10.0700 3632 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:20:10.0731 3632 MSPCLOCK - ok
22:20:10.0778 3632 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:20:10.0824 3632 MSPQM - ok
22:20:10.0887 3632 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:20:10.0934 3632 MsRPC - ok
22:20:10.0949 3632 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:20:10.0980 3632 mssmbios - ok
22:20:11.0012 3632 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:20:11.0043 3632 MSTEE - ok
22:20:11.0105 3632 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
22:20:11.0121 3632 Mup - ok
22:20:11.0214 3632 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
22:20:11.0277 3632 napagent - ok
22:20:11.0308 3632 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:20:11.0339 3632 NativeWifiP - ok
22:20:11.0386 3632 NAVENG - ok
22:20:11.0402 3632 NAVEX15 - ok
22:20:11.0433 3632 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:20:11.0480 3632 NDIS - ok
22:20:11.0511 3632 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:20:11.0573 3632 NdisTapi - ok
22:20:11.0589 3632 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:20:11.0636 3632 Ndisuio - ok
22:20:11.0651 3632 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:20:11.0682 3632 NdisWan - ok
22:20:11.0698 3632 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:20:11.0745 3632 NDProxy - ok
22:20:11.0745 3632 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:20:11.0792 3632 NetBIOS - ok
22:20:11.0807 3632 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
22:20:11.0838 3632 netbt - ok
22:20:11.0854 3632 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
22:20:11.0870 3632 Netlogon - ok
22:20:11.0901 3632 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
22:20:11.0963 3632 Netman - ok
22:20:12.0010 3632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:20:12.0026 3632 NetMsmqActivator - ok
22:20:12.0026 3632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:20:12.0041 3632 NetPipeActivator - ok
22:20:12.0072 3632 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
22:20:12.0119 3632 netprofm - ok
22:20:12.0119 3632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:20:12.0135 3632 NetTcpActivator - ok
22:20:12.0150 3632 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:20:12.0166 3632 NetTcpPortSharing - ok
22:20:12.0182 3632 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:20:12.0197 3632 nfrd960 - ok
22:20:12.0244 3632 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:20:12.0291 3632 NlaSvc - ok
22:20:12.0306 3632 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:20:12.0338 3632 Npfs - ok
22:20:12.0400 3632 npggsvc - ok
22:20:12.0416 3632 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
22:20:12.0478 3632 nsi - ok
22:20:12.0509 3632 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:20:12.0556 3632 nsiproxy - ok
22:20:12.0587 3632 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:20:12.0665 3632 Ntfs - ok
22:20:12.0743 3632 [ 5850C28057DDEA04390B88F8CC482504 ] ntiopnp C:\Windows\system32\drivers\ntiopnp.sys
22:20:12.0759 3632 ntiopnp - ok
22:20:12.0774 3632 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
22:20:12.0852 3632 ntrigdigi - ok
22:20:12.0868 3632 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
22:20:12.0915 3632 Null - ok
22:20:12.0946 3632 [ 3D7FB57354703809B5F0C23287FAC1D6 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
22:20:12.0977 3632 NVHDA - ok
22:20:13.0227 3632 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:20:13.0617 3632 nvlddmkm - ok
22:20:13.0648 3632 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:20:13.0664 3632 nvraid - ok
22:20:13.0679 3632 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:20:13.0695 3632 nvstor - ok
22:20:13.0773 3632 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] nvsvc C:\Windows\system32\nvvsvc.exe
22:20:13.0820 3632 nvsvc - ok
22:20:13.0913 3632 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:20:14.0022 3632 nvUpdatusService - ok
22:20:14.0085 3632 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:20:14.0100 3632 nv_agp - ok
22:20:14.0116 3632 NwlnkFlt - ok
22:20:14.0132 3632 NwlnkFwd - ok
22:20:14.0147 3632 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:20:14.0210 3632 ohci1394 - ok
22:20:14.0272 3632 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
22:20:14.0366 3632 p2pimsvc - ok
22:20:14.0381 3632 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
22:20:14.0428 3632 p2psvc - ok
22:20:14.0459 3632 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
22:20:14.0522 3632 Parport - ok
22:20:14.0568 3632 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:20:14.0600 3632 partmgr - ok
22:20:14.0615 3632 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:20:14.0693 3632 Parvdm - ok
22:20:14.0724 3632 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
22:20:14.0756 3632 PcaSvc - ok
22:20:14.0849 3632 [ A88F42AD20418620D08A13AD1A70C083 ] PCDSRVC{4F253FFC-7957E8FC-06000000}_0 c:\program files\pc-doctor for windows\pcdsrvc.pkms
22:20:15.0021 3632 PCDSRVC{4F253FFC-7957E8FC-06000000}_0 - ok
22:20:15.0052 3632 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
22:20:15.0068 3632 pci - ok
22:20:15.0083 3632 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
22:20:15.0114 3632 pciide - ok
22:20:15.0130 3632 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:20:15.0161 3632 pcmcia - ok
22:20:15.0208 3632 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:20:15.0333 3632 PEAUTH - ok
22:20:15.0395 3632 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
22:20:15.0504 3632 pla - ok
22:20:15.0536 3632 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:20:15.0567 3632 PlugPlay - ok
22:20:15.0598 3632 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
22:20:15.0629 3632 PNRPAutoReg - ok
22:20:15.0660 3632 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
22:20:15.0707 3632 PNRPsvc - ok
22:20:15.0770 3632 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:20:15.0848 3632 PolicyAgent - ok
22:20:15.0879 3632 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:20:15.0926 3632 PptpMiniport - ok
22:20:15.0941 3632 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
22:20:15.0988 3632 Processor - ok
22:20:16.0035 3632 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
22:20:16.0113 3632 ProfSvc - ok
22:20:16.0160 3632 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:20:16.0191 3632 ProtectedStorage - ok
22:20:16.0206 3632 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
22:20:16.0253 3632 PSched - ok
22:20:16.0300 3632 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:20:16.0362 3632 ql2300 - ok
22:20:16.0378 3632 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:20:16.0409 3632 ql40xx - ok
22:20:16.0456 3632 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
22:20:16.0487 3632 QWAVE - ok
22:20:16.0503 3632 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:20:16.0534 3632 QWAVEdrv - ok
22:20:16.0550 3632 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:20:16.0612 3632 RasAcd - ok
22:20:16.0628 3632 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
22:20:16.0690 3632 RasAuto - ok
22:20:16.0706 3632 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:20:16.0737 3632 Rasl2tp - ok
22:20:16.0752 3632 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
22:20:16.0815 3632 RasMan - ok
22:20:16.0815 3632 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:20:16.0846 3632 RasPppoe - ok
22:20:16.0877 3632 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:20:16.0893 3632 RasSstp - ok
22:20:16.0908 3632 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:20:16.0940 3632 rdbss - ok
22:20:16.0940 3632 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:20:16.0971 3632 RDPCDD - ok
22:20:17.0002 3632 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
22:20:17.0049 3632 rdpdr - ok
22:20:17.0049 3632 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:20:17.0080 3632 RDPENCDD - ok
22:20:17.0127 3632 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:20:17.0158 3632 RDPWD - ok
22:20:17.0189 3632 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:20:17.0236 3632 RemoteAccess - ok
22:20:17.0252 3632 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:20:17.0283 3632 RemoteRegistry - ok
22:20:17.0298 3632 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
22:20:17.0345 3632 RpcLocator - ok
22:20:17.0376 3632 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
22:20:17.0423 3632 RpcSs - ok
22:20:17.0454 3632 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:20:17.0517 3632 rspndr - ok
22:20:17.0548 3632 [ 247B0A8164069CD4FE6F3094C581B13B ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
22:20:17.0579 3632 RSUSBSTOR - ok
22:20:17.0610 3632 [ 53892CBD9735A80712EE9439268344B4 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
22:20:17.0673 3632 RTL8169 - ok
22:20:17.0704 3632 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
22:20:17.0720 3632 SamSs - ok
22:20:17.0751 3632 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:20:17.0766 3632 sbp2port - ok
22:20:17.0798 3632 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:20:17.0829 3632 SCardSvr - ok
22:20:17.0860 3632 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
22:20:17.0938 3632 Schedule - ok
22:20:17.0969 3632 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:20:18.0000 3632 SCPolicySvc - ok
22:20:18.0032 3632 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:20:18.0063 3632 SDRSVC - ok
22:20:18.0078 3632 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:20:18.0172 3632 secdrv - ok
22:20:18.0188 3632 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
22:20:18.0250 3632 seclogon - ok
22:20:18.0266 3632 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
22:20:18.0328 3632 SENS - ok
22:20:18.0344 3632 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:20:18.0437 3632 Serenum - ok
22:20:18.0453 3632 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
22:20:18.0546 3632 Serial - ok
22:20:18.0562 3632 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:20:18.0609 3632 sermouse - ok
22:20:18.0624 3632 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
22:20:18.0671 3632 SessionEnv - ok
22:20:18.0687 3632 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:20:18.0718 3632 sffdisk - ok
22:20:18.0734 3632 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:20:18.0780 3632 sffp_mmc - ok
22:20:18.0796 3632 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:20:18.0843 3632 sffp_sd - ok
22:20:18.0858 3632 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:20:18.0921 3632 sfloppy - ok
22:20:18.0952 3632 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:20:19.0030 3632 SharedAccess - ok
22:20:19.0046 3632 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:20:19.0092 3632 ShellHWDetection - ok
22:20:19.0124 3632 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:20:19.0139 3632 sisagp - ok
22:20:19.0155 3632 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
22:20:19.0186 3632 SiSRaid2 - ok
22:20:19.0202 3632 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:20:19.0217 3632 SiSRaid4 - ok
22:20:19.0264 3632 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
22:20:19.0280 3632 SkypeUpdate - ok
22:20:19.0373 3632 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
22:20:19.0529 3632 slsvc - ok
22:20:19.0560 3632 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
22:20:19.0607 3632 SLUINotify - ok
22:20:19.0623 3632 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:20:19.0670 3632 Smb - ok
22:20:19.0701 3632 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:20:19.0732 3632 SNMPTRAP - ok
22:20:19.0748 3632 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
22:20:19.0763 3632 spldr - ok
22:20:19.0779 3632 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
22:20:19.0810 3632 Spooler - ok
22:20:19.0826 3632 SRTSP - ok
22:20:19.0826 3632 SRTSPX - ok
22:20:19.0857 3632 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:20:19.0904 3632 srv - ok
22:20:19.0919 3632 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:20:19.0966 3632 srv2 - ok
22:20:20.0013 3632 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:20:20.0044 3632 srvnet - ok
22:20:20.0060 3632 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:20:20.0091 3632 SSDPSRV - ok
22:20:20.0138 3632 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:20:20.0169 3632 SstpSvc - ok
22:20:20.0200 3632 Steam Client Service - ok
22:20:20.0294 3632 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:20:20.0325 3632 Stereo Service - ok
22:20:20.0356 3632 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
22:20:20.0418 3632 stisvc - ok
22:20:20.0434 3632 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:20:20.0450 3632 swenum - ok
22:20:20.0481 3632 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
22:20:20.0543 3632 swprv - ok
22:20:20.0574 3632 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
22:20:20.0590 3632 Symc8xx - ok
22:20:20.0621 3632 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
22:20:20.0652 3632 Sym_hi - ok
22:20:20.0684 3632 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
22:20:20.0699 3632 Sym_u3 - ok
22:20:20.0730 3632 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
22:20:20.0808 3632 SysMain - ok
22:20:20.0840 3632 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:20:20.0871 3632 TabletInputService - ok
22:20:20.0886 3632 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:20:20.0949 3632 TapiSrv - ok
22:20:20.0964 3632 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
22:20:21.0027 3632 TBS - ok
22:20:21.0074 3632 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:20:21.0120 3632 Tcpip - ok
22:20:21.0167 3632 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
22:20:21.0214 3632 Tcpip6 - ok
22:20:21.0245 3632 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:20:21.0261 3632 tcpipreg - ok
22:20:21.0292 3632 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:20:21.0339 3632 TDPIPE - ok
22:20:21.0370 3632 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:20:21.0401 3632 TDTCP - ok
22:20:21.0448 3632 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:20:21.0495 3632 tdx - ok
22:20:21.0510 3632 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:20:21.0526 3632 TermDD - ok
22:20:21.0557 3632 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
22:20:21.0651 3632 TermService - ok
22:20:21.0666 3632 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
22:20:21.0698 3632 Themes - ok
22:20:21.0744 3632 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
22:20:21.0791 3632 THREADORDER - ok
22:20:21.0807 3632 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
22:20:21.0854 3632 TrkWks - ok
22:20:21.0885 3632 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:20:21.0932 3632 TrustedInstaller - ok
22:20:21.0947 3632 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:20:22.0010 3632 tssecsrv - ok
22:20:22.0025 3632 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
22:20:22.0072 3632 tunmp - ok
22:20:22.0103 3632 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:20:22.0134 3632 tunnel - ok
22:20:22.0150 3632 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:20:22.0181 3632 uagp35 - ok
22:20:22.0228 3632 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:20:22.0259 3632 udfs - ok
22:20:22.0306 3632 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:20:22.0353 3632 UI0Detect - ok
22:20:22.0368 3632 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:20:22.0400 3632 uliagpkx - ok
22:20:22.0415 3632 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
22:20:22.0446 3632 uliahci - ok
22:20:22.0478 3632 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
22:20:22.0493 3632 UlSata - ok
22:20:22.0524 3632 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
22:20:22.0556 3632 ulsata2 - ok
22:20:22.0571 3632 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:20:22.0602 3632 umbus - ok
22:20:22.0618 3632 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
22:20:22.0696 3632 upnphost - ok
22:20:22.0712 3632 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:20:22.0743 3632 usbccgp - ok
22:20:22.0774 3632 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:20:22.0821 3632 usbcir - ok
22:20:22.0868 3632 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:20:22.0899 3632 usbehci - ok
22:20:22.0899 3632 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:20:22.0930 3632 usbhub - ok
22:20:22.0946 3632 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:20:23.0008 3632 usbohci - ok
22:20:23.0024 3632 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:20:23.0070 3632 usbprint - ok
22:20:23.0086 3632 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:20:23.0117 3632 USBSTOR - ok
22:20:23.0133 3632 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:20:23.0164 3632 usbuhci - ok
22:20:23.0226 3632 [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
22:20:23.0242 3632 usb_rndisx - ok
22:20:23.0273 3632 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
22:20:23.0336 3632 UxSms - ok
22:20:23.0351 3632 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
22:20:23.0398 3632 vds - ok
22:20:23.0414 3632 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:20:23.0476 3632 vga - ok
22:20:23.0492 3632 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
22:20:23.0538 3632 VgaSave - ok
22:20:23.0570 3632 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:20:23.0601 3632 viaagp - ok
22:20:23.0601 3632 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:20:23.0648 3632 ViaC7 - ok
22:20:23.0663 3632 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
22:20:23.0679 3632 viaide - ok
22:20:23.0679 3632 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:20:23.0710 3632 volmgr - ok
22:20:23.0726 3632 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:20:23.0757 3632 volmgrx - ok
22:20:23.0804 3632 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:20:23.0819 3632 volsnap - ok
22:20:23.0850 3632 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:20:23.0866 3632 vsmraid - ok
22:20:23.0913 3632 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
22:20:24.0038 3632 VSS - ok
22:20:24.0069 3632 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
22:20:24.0116 3632 W32Time - ok
22:20:24.0147 3632 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:20:24.0225 3632 WacomPen - ok
22:20:24.0256 3632 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
22:20:24.0318 3632 Wanarp - ok
22:20:24.0318 3632 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:20:24.0350 3632 Wanarpv6 - ok
22:20:24.0365 3632 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:20:24.0412 3632 wcncsvc - ok
22:20:24.0459 3632 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:20:24.0506 3632 WcsPlugInService - ok
22:20:24.0521 3632 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
22:20:24.0537 3632 Wd - ok
22:20:24.0552 3632 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:20:24.0584 3632 Wdf01000 - ok
22:20:24.0599 3632 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:20:24.0646 3632 WdiServiceHost - ok
22:20:24.0646 3632 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:20:24.0693 3632 WdiSystemHost - ok
22:20:24.0708 3632 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
22:20:24.0755 3632 WebClient - ok
22:20:24.0771 3632 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:20:24.0818 3632 Wecsvc - ok
22:20:24.0833 3632 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:20:24.0880 3632 wercplsupport - ok
22:20:24.0896 3632 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
22:20:24.0927 3632 WerSvc - ok
22:20:24.0974 3632 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
22:20:25.0005 3632 WinDefend - ok
22:20:25.0005 3632 WinHttpAutoProxySvc - ok
22:20:25.0067 3632 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:20:25.0098 3632 Winmgmt - ok
22:20:25.0145 3632 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
22:20:25.0254 3632 WinRM - ok
22:20:25.0301 3632 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
22:20:25.0364 3632 Wlansvc - ok
22:20:25.0520 3632 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:20:25.0613 3632 wlidsvc - ok
22:20:25.0660 3632 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:20:25.0707 3632 WmiAcpi - ok
22:20:25.0722 3632 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:20:25.0769 3632 wmiApSrv - ok
22:20:25.0832 3632 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
22:20:25.0910 3632 WMPNetworkSvc - ok
22:20:25.0941 3632 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:20:25.0972 3632 WPCSvc - ok
22:20:26.0034 3632 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:20:26.0066 3632 WPDBusEnum - ok
22:20:26.0237 3632 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:20:26.0268 3632 WPFFontCache_v0400 - ok
22:20:26.0315 3632 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:20:26.0393 3632 ws2ifsl - ok
22:20:26.0409 3632 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
22:20:26.0440 3632 wscsvc - ok
22:20:26.0440 3632 WSearch - ok
22:20:26.0814 3632 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
22:20:26.0939 3632 wuauserv - ok
22:20:27.0017 3632 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:20:27.0064 3632 WUDFRd - ok
22:20:27.0142 3632 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:20:27.0236 3632 wudfsvc - ok
22:20:27.0236 3632 XDva393 - ok
22:20:27.0267 3632 XDva394 - ok
22:20:27.0282 3632 XDva397 - ok
22:20:27.0298 3632 XDva400 - ok
22:20:27.0314 3632 XDva401 - ok
22:20:27.0329 3632 ================ Scan global ===============================
22:20:27.0345 3632 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
22:20:27.0516 3632 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:20:27.0548 3632 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
22:20:27.0610 3632 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
22:20:27.0626 3632 [Global] - ok
22:20:27.0626 3632 ================ Scan MBR ==================================
22:20:27.0641 3632 [ 03BA8F890B47C0BE359A4D5A636D214D ] \Device\Harddisk0\DR0
22:20:29.0123 3632 \Device\Harddisk0\DR0 - ok
22:20:29.0123 3632 ================ Scan VBR ==================================
22:20:29.0154 3632 [ 8982DF9AFE4277130D26BDFDE2B87BD3 ] \Device\Harddisk0\DR0\Partition1
22:20:29.0170 3632 \Device\Harddisk0\DR0\Partition1 - ok
22:20:29.0217 3632 [ 7791074807E20417641B034ECE23E62E ] \Device\Harddisk0\DR0\Partition2
22:20:29.0232 3632 \Device\Harddisk0\DR0\Partition2 - ok
22:20:29.0232 3632 ============================================================
22:20:29.0232 3632 Scan finished
22:20:29.0232 3632 ============================================================
22:20:29.0248 3804 Detected object count: 6
22:20:29.0248 3804 Actual detected object count: 6
17:35:49.0757 3804 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
17:35:49.0757 3804 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
17:35:49.0761 3804 CPUCooLServer ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:49.0762 3804 CPUCooLServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:35:49.0765 3804 DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:49.0765 3804 DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:35:49.0765 3804 ezSharedSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:49.0765 3804 ezSharedSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:35:49.0769 3804 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:49.0769 3804 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:35:49.0769 3804 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
17:35:49.0769 3804 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
11.01.2013, 17:49
| #23 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google öffnet Fenster Ja nun ist es auch komplett  Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat! Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.01.2013, 18:18
| #24 |
| | Google öffnet Fenster und hier kommt das Log: Code:
ATTFilter ComboFix 13-01-11.01 - Klangfarben 11.01.2013 17:58:22.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3069.1840 [GMT 1:00]
ausgeführt von:: c:\users\Klangfarben\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Klangfarben\AppData\Local\assembly\tmp
c:\windows\apppatch\AppLoc.exe
c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
c:\windows\IsUn0407.exe
c:\windows\system32\FirewallInstallHelper.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((( Dateien erstellt von 2012-12-11 bis 2013-01-11 ))))))))))))))))))))))))))))))
.
.
2013-01-11 12:40 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{11D8E035-AD0D-4129-ABE7-762FB863CFD2}\mpengine.dll
2013-01-09 19:08 . 2013-01-09 19:08 -------- d-----w- c:\program files\MSXML 4.0
2013-01-09 19:06 . 2012-11-23 01:35 2048000 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 19:05 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 19:05 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-06 22:18 . 2013-01-06 22:19 -------- d-----w- c:\users\Klangfarben\AppData\Roaming\Summer Athletics 2009
2013-01-06 22:17 . 2013-01-06 22:17 -------- d-----w- c:\programdata\Tages
2013-01-06 22:17 . 2013-01-06 22:17 281760 ----a-w- c:\windows\system32\drivers\atksgt.sys
2013-01-06 22:17 . 2013-01-06 22:17 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys
2013-01-01 20:37 . 2013-01-01 20:37 -------- d-----w- c:\users\Klangfarben\AppData\Local\LucasArts
2012-12-31 14:53 . 2012-12-31 14:53 -------- d-----w- c:\program files\Windows Media Components
2012-12-31 13:31 . 2009-06-07 15:25 77824 ----a-w- c:\windows\system32\xvid.ax
2012-12-31 13:31 . 2012-12-31 13:31 -------- d-----w- c:\program files\Xvid
2012-12-30 19:04 . 2012-12-30 19:09 -------- d-----w- c:\users\Klangfarben\AppData\Roaming\Command & Conquer 3 Kane's Wrath
2012-12-28 22:31 . 2012-12-28 22:38 -------- d-----w- c:\users\Klangfarben\AppData\Roaming\Red Alert 3
2012-12-27 14:34 . 2012-12-27 15:13 -------- d-----w- c:\users\Klangfarben\AppData\Roaming\FairyBloomRe
2012-12-21 12:44 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 12:44 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 21:47 . 2012-07-10 22:32 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 21:47 . 2012-07-10 22:32 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-14 15:49 . 2012-10-26 19:32 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-13 01:29 . 2012-12-11 20:09 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 10:42 . 2012-12-11 20:11 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-09 10:37 . 2012-12-11 20:10 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-11-09 10:36 . 2012-12-11 20:10 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-09 10:36 . 2012-12-11 20:10 71680 ----a-w- c:\windows\system32\iesetup.dll
2012-11-09 10:36 . 2012-12-11 20:10 109056 ----a-w- c:\windows\system32\iesysprep.dll
2012-11-09 09:01 . 2012-12-11 20:10 385024 ----a-w- c:\windows\system32\html.iec
2012-11-09 07:13 . 2012-12-11 20:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-09 07:11 . 2012-12-11 20:10 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-02 14:49 . 2012-03-29 17:09 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-11-02 10:18 . 2012-12-11 20:10 376320 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 08:26 . 2012-12-11 20:10 23040 ----a-w- c:\windows\system32\dpnsvr.exe
2012-10-30 22:51 . 2012-04-25 16:59 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2012-04-25 16:58 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-30 22:51 . 2012-04-25 16:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2012-04-25 16:58 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2012-04-25 16:58 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-30 22:51 . 2012-04-25 16:59 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2012-04-25 16:58 41224 ----a-w- c:\windows\avastSS.scr
2012-10-30 22:50 . 2012-04-25 16:58 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-29 13:56 . 2012-04-04 16:22 2118 ----a-w- c:\windows\system32\ealregsnapshot1.reg
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\hauptprogramme\Programme\Avast!\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Klangfarben\AppData\Local\Akamai\netsession_win.exe" [2012-10-09 4441920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\hauptprogramme\Programme\Avast!\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Z1"="c:\hauptprogramme\Programme\mbar\mbar.exe" [2012-12-04 1342312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACSW14DE]
2011-11-16 23:36 1231472 ----a-w- c:\hauptprogramme\Programme\ACDSee\ACDSee\14.0\ACDSeeInTouch2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-04-04 05:53 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2011-10-07 09:40 1387288 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MediaFire Tray]
2012-07-02 15:30 2177608 ----a-w- c:\users\Klangfarben\AppData\Local\MediaFire Express\mf_systray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2012-10-02 19:28 3965288 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-10 21:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 11:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
2012-12-03 20:26 1354736 ----a-w- c:\hauptprogramme\Programme\Steam\steam.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 12:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
2008-12-03 20:15 218408 ----a-w- c:\program files\Cyberlink\LabelPrint\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdatePSTShortCut]
2009-02-02 12:05 210216 ----a-w- c:\program files\Cyberlink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 13801761
*NewlyCreated* - ASWMBR
*Deregistered* - 13801761
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-29 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-02-02 19:00]
.
2013-01-10 c:\windows\Tasks\User_Feed_Synchronization-{FC58CDD2-DB46-4A93-85AF-241A8A72AB49}.job
- c:\windows\system32\msfeedssync.exe [2012-12-11 07:12]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt
IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
IE: Free YouTube Download - c:\users\Klangfarben\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Klangfarben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: Interfaces\{DC163D2A-1E09-4DE4-8A23-D31D3EA68631}: NameServer = 213.191.92.86 62.109.123.7
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{c840e246-6b95-475e-9bd7-caa1c7eca9f2} - (no file)
WebBrowser-{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - (no file)
MSConfigStartUp-hpsysdrv - c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe
MSConfigStartUp-Media Finder - c:\program files\Media Finder\Media Finder.exe
MSConfigStartUp-StartCCC - c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
AddRemove-Malwarebytes' Anti-Malware_is1 - g:\hauptprogramme\Programme\Malwarebytes' Anti-Malware\Installed\unins000.exe
AddRemove-{EFF6E91F-0009-4047-83BA-6DAD390D7B60}_is1 - g:\hauptprogramme\Spiele\Fussball Manager 12\Installed\unins000.exe
AddRemove-SOE-DC Universe Online Live - g:\hauptprogramme\Spiele\DC Universe Online\Uninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2013-01-11 18:04
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
.
c:\users\KLANGF~1\AppData\Local\Temp\catchme.dll 53248 bytes executable
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 1
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_ce5ba24.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCDSRVC{4F253FFC-7957E8FC-06000000}_0]
"ImagePath"="\??\c:\program files\pc-doctor for windows\pcdsrvc.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.032"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.abr"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ani"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.apd"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.arw"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bay"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bmp"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bw"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cr2"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.crw"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cs1"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cur"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcr"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcx"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dib"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.djv"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.djvu"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dng"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.emf"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.eps"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.erf"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.fff"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.fpx"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-3080094577-148385331-3633397276-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.gif"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.hdr"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.icl"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.icn"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.iff"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ilbm"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.int"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.inta"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.iw4"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.j2c"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.j2k"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jbr"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jfif"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jif"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jp2"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpc"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpe"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpeg"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpg"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpk"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpx"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.kdc"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.lbm"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mef"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mos"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mrw"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nef"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nrw"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.orf"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pbm"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pbr"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pcd"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pct"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pcx"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pef"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pgm"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pic"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pict"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pix"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.png"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ppm"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.psd"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.psp"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspbrush"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pspimage"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.raf"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ras"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.raw"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rgb"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rgba"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rle"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rsb"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rw2"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rwl"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sgi"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sr2"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srf"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srw"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tga"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.thm"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tif"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tiff"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ttc"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ttf"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14o\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14o"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14p\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14p"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v14pf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.v14pf"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbm"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wbmp"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.wmf"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xbm"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xif"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xmp"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.xpm"
.
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\Software\SecuROM\License information*]
"datasecu"=hex:db,e1,33,e0,5d,16,88,e1,d8,e0,1e,5a,d1,31,ec,95,ba,bd,de,83,72,
49,34,df,74,b5,2a,a8,48,13,a1,11,5e,ff,93,fc,3b,88,ef,ce,3a,e4,ed,f6,47,a7,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
Zeit der Fertigstellung: 2013-01-11 18:07:42
ComboFix-quarantined-files.txt 2013-01-11 17:07
.
Vor Suchlauf: 11 Verzeichnis(se), 11.700.707.328 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 11.675.893.760 Bytes frei
.
- - End Of File - - FE11BE74ED1E5BF177CE46594E9A28D4
|
|
11.01.2013, 19:56
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google öffnet Fenster adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren Downloade Dir bitte AdwCleaner auf deinen Desktop. Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.01.2013, 20:12
| #26 |
| | Google öffnet FensterCode:
ATTFilter # AdwCleaner v2.105 - Datei am 11/01/2013 um 20:10:54 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Klangfarben - KLANGFARBEN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Klangfarben\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Ordner Gefunden : C:\Users\Klangfarben\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Klangfarben\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Klangfarben\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Klangfarben\AppData\Roaming\Media Finder
Ordner Gefunden : C:\Users\Klangfarben\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\MediaFinder
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKU\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.19393
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[R1].txt - [3010 octets] - [11/01/2013 20:10:54]
########## EOF - C:\AdwCleaner[R1].txt - [3070 octets] ##########
|
|
11.01.2013, 21:09
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Google öffnet Fenster adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
11.01.2013, 21:20
| #28 |
| | Google öffnet Fenster So, hier erstmal das Log vom adwCleaner: Code:
ATTFilter # AdwCleaner v2.105 - Datei am 11/01/2013 um 21:15:09 erstellt
# Aktualisiert am 08/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Klangfarben - KLANGFARBEN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Klangfarben\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Ordner Gelöscht : C:\Users\Klangfarben\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Klangfarben\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Klangfarben\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Klangfarben\AppData\Roaming\Media Finder
Ordner Gelöscht : C:\Users\Klangfarben\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\MediaFinder
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.6001.19393
[OK] Die Registrierungsdatenbank ist sauber.
*************************
AdwCleaner[R1].txt - [3139 octets] - [11/01/2013 20:10:54]
AdwCleaner[S1].txt - [2911 octets] - [11/01/2013 21:15:09]
########## EOF - C:\AdwCleaner[S1].txt - [2971 octets] ##########
OTL Logs: Code:
ATTFilter OTL logfile created on: 11.01.2013 21:23:44 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Klangfarben\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19393) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 67,03% Memory free 6,19 Gb Paging File | 5,31 Gb Available in Paging File | 85,71% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 583,49 Gb Total Space | 8,62 Gb Free Space | 1,48% Space Free | Partition Type: NTFS Drive D: | 12,67 Gb Total Space | 1,79 Gb Free Space | 14,10% Space Free | Partition Type: NTFS Computer Name: KLANGFARBEN-PC | User Name: Klangfarben | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Klangfarben\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe (Adobe Systems Incorporated) PRC - C:\Hauptprogramme\Programme\Avast!\AvastUI.exe (AVAST Software) PRC - C:\Hauptprogramme\Programme\Avast!\AvastSvc.exe (AVAST Software) PRC - C:\Users\Klangfarben\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Hauptprogramme\Programme\CPUCooL\CooLSRV.exe () PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Windows\explorer.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Hauptprogramme\Programme\WinRAR\RarExt.dll () MOD - C:\Hauptprogramme\Programme\Ashampoo WinOptimizer 6\ContextHandler.dll () ========== Services (SafeList) ========== SRV - (MBAMService) -- G:\Hauptprogramme\Programme\Malwarebytes' Anti-Malware\Installed\mbamservice.exe File not found SRV - (MBAMScheduler) -- G:\Hauptprogramme\Programme\Malwarebytes' Anti-Malware\Installed\mbamscheduler.exe File not found SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll () SRV - (avast! Antivirus) -- C:\Hauptprogramme\Programme\Avast!\AvastSvc.exe (AVAST Software) SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (CPUCooLServer) -- C:\Hauptprogramme\Programme\CPUCooL\CooLSRV.exe () SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.) SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (DfSdkS) -- C:\Hauptprogramme\Programme\Ashampoo WinOptimizer 6\DfSdkS.exe (mst software GmbH, Germany) SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS) SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (XDva401) -- C:\Windows\system32\XDva401.sys File not found DRV - (XDva400) -- C:\Windows\system32\XDva400.sys File not found DRV - (XDva397) -- C:\Windows\system32\XDva397.sys File not found DRV - (XDva394) -- C:\Windows\system32\XDva394.sys File not found DRV - (XDva393) -- C:\Windows\system32\XDva393.sys File not found DRV - (SRTSPX) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSPX.SYS File not found DRV - (SRTSP) -- C:\Windows\system32\drivers\NIS\1000000.07D\SRTSP.SYS File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\NAVEX15.SYS File not found DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\NAVENG.SYS File not found DRV - (MSICDSetup) -- E:\CDriver.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (FXDRV) -- E:\Fxdrv.sys File not found DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found DRV - (catchme) -- C:\Users\KLANGF~1\AppData\Local\Temp\catchme.sys File not found DRV - (AtiHDAudioService) -- system32\drivers\AtihdLH3.sys File not found DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys () DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys () DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.) DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.) DRV - (LEqdUsb) -- C:\Windows\System32\drivers\LEqdUsb.sys (Logitech, Inc.) DRV - (LHidEqd) -- C:\Windows\System32\drivers\LHidEqd.sys (Logitech, Inc.) DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV - (ntiopnp) -- C:\Windows\System32\drivers\ntiopnp.sys () DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV - (ISODrive) -- C:\Hauptprogramme\Programme\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.) DRV - (PCDSRVC{4F253FFC-7957E8FC-06000000}_0) -- c:\Program Files\PC-Doctor for Windows\pcdsrvc.pkms (PC-Doctor, Inc.) DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=Presario&pf=cndt IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{5A9C08EA-84BC-4F00-AAAB-F3C4A4E9F3E2}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de IE - HKLM\..\SearchScopes\{64CA87F3-9734-4C0D-935A-715D2ED6DECE}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 IE - HKLM\..\SearchScopes\{927F84E5-58F8-4225-ADE9-0849A99714D7}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..\SearchScopes,DefaultScope = {5A9C08EA-84BC-4F00-AAAB-F3C4A4E9F3E2} IE - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..\SearchScopes\{5A9C08EA-84BC-4F00-AAAB-F3C4A4E9F3E2}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de IE - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Klangfarben\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) [2012.07.26 15:26:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Klangfarben\AppData\Roaming\Mozilla\Extensions [2012.05.06 12:48:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Klangfarben\AppData\Roaming\Mozilla\Firefox\extensions [2012.05.06 12:48:50 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Klangfarben\AppData\Roaming\Mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} O1 HOSTS File: ([2013.01.11 18:04:43 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Hauptprogramme\Programme\Avast!\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Hauptprogramme\Programme\Avast!\aswWebRepIE.dll (AVAST Software) O4 - HKLM..\Run: [avast] C:\Hauptprogramme\Programme\Avast!\avastUI.exe (AVAST Software) O4 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000..\Run: [Akamai NetSession Interface] C:\Users\Klangfarben\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Free YouTube Download - C:\Users\Klangfarben\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Klangfarben\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O15 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites) O15 - HKU\S-1-5-21-3080094577-148385331-3633397276-1000\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab (MGLaunch_v1004 Class) O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC163D2A-1E09-4DE4-8A23-D31D3EA68631}: NameServer = 62.109.123.6 213.191.92.87 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Hauptprogramme\Pics\the_daydreamer_by_realitydream-d4ofaaa E.jpg O24 - Desktop BackupWallPaper: C:\Hauptprogramme\Pics\the_daydreamer_by_realitydream-d4ofaaa E.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2011.10.07 16:45:43 | 000,000,000 | R--D | M] - D:\autorun.inf -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.01.11 21:21:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Klangfarben\Desktop\OTL.exe [2013.01.11 18:07:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.01.11 18:07:44 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.01.11 18:07:44 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Local\temp [2013.01.11 17:57:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.01.11 17:57:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.01.11 17:57:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.01.11 17:56:58 | 000,000,000 | ---D | C] -- C:\ComboFix [2013.01.11 17:56:55 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.01.11 17:56:32 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.01.11 17:54:45 | 005,020,603 | R--- | C] (Swearware) -- C:\Users\Klangfarben\Desktop\ComboFix.exe [2013.01.10 22:01:21 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Klangfarben\Desktop\tdsskiller.exe [2013.01.10 22:00:32 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Klangfarben\Desktop\aswMBR.exe [2013.01.09 20:08:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2013.01.09 20:06:21 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.01.09 20:05:21 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013.01.08 18:54:59 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NE Beta [2013.01.07 00:31:30 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.01.06 23:18:34 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Roaming\Summer Athletics 2009 [2013.01.06 23:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages [2013.01.06 22:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaTrainer eXperience [2013.01.06 22:03:52 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Endless Space [2013.01.01 21:37:59 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\LucasArts [2013.01.01 21:37:58 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Local\LucasArts [2013.01.01 17:31:06 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Commander [2012.12.31 15:53:19 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages [2012.12.31 15:53:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media [2012.12.31 15:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components [2012.12.31 14:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid [2012.12.31 14:31:51 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid [2012.12.30 20:22:36 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Command & Conquer 3 Kane's Wrath [2012.12.30 20:04:43 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Roaming\Command & Conquer 3 Kane's Wrath [2012.12.28 23:40:03 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Red Alert 3 [2012.12.28 23:31:05 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Roaming\Red Alert 3 [2012.12.27 15:34:18 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\AppData\Roaming\FairyBloomRe [2012.12.26 22:22:34 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\AlienShooter2 Conscription Saves [2012.12.26 21:52:40 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Giana Sisters - Twisted Dreams [2012.12.21 13:44:48 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012.12.21 13:44:48 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012.12.13 21:12:37 | 000,000,000 | ---D | C] -- C:\Users\Klangfarben\Documents\Zombie Shooter 2 Saves [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.11 21:21:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Klangfarben\Desktop\OTL.exe [2013.01.11 21:16:59 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.11 21:16:59 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.11 21:16:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.11 21:16:49 | 3219,316,736 | -HS- | M] () -- C:\hiberfil.sys [2013.01.11 20:08:38 | 000,554,087 | ---- | M] () -- C:\Users\Klangfarben\Desktop\adwcleaner.exe [2013.01.11 18:04:43 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2013.01.11 17:54:58 | 005,020,603 | R--- | M] (Swearware) -- C:\Users\Klangfarben\Desktop\ComboFix.exe [2013.01.11 16:41:11 | 000,188,928 | ---- | M] () -- C:\Users\Klangfarben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.01.10 22:01:27 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Klangfarben\Desktop\tdsskiller.exe [2013.01.10 22:00:32 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Klangfarben\Desktop\aswMBR.exe [2013.01.10 21:07:05 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FC58CDD2-DB46-4A93-85AF-241A8A72AB49}.job [2013.01.09 22:47:34 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.01.09 22:47:34 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.01.09 22:38:52 | 000,000,861 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.01.09 20:27:38 | 000,293,112 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.09 20:21:24 | 000,671,212 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.01.09 20:21:24 | 000,631,942 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.01.09 20:21:24 | 000,144,380 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.01.09 20:21:24 | 000,118,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.01.08 18:15:13 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Age of Empires III.lnk [2013.01.06 23:17:36 | 000,281,760 | ---- | M] () -- C:\Windows\System32\drivers\atksgt.sys [2013.01.06 23:17:34 | 000,025,888 | ---- | M] () -- C:\Windows\System32\drivers\lirsgt.sys [2013.01.06 22:24:30 | 000,001,744 | ---- | M] () -- C:\Users\Klangfarben\Desktop\MegaTrainer eXperience.lnk [2013.01.06 20:53:16 | 000,000,227 | ---- | M] () -- C:\Users\Klangfarben\Desktop\Endless Space.url [2013.01.04 19:13:12 | 000,000,227 | ---- | M] () -- C:\Users\Klangfarben\Desktop\Star Wars Knights of the Old Republic II.url [2013.01.01 18:42:26 | 000,000,226 | ---- | M] () -- C:\Users\Klangfarben\Desktop\Star Wars The Force Unleashed II.url [2012.12.31 14:49:02 | 000,000,226 | ---- | M] () -- C:\Users\Klangfarben\Desktop\The Guild II Renaissance.url [2012.12.28 23:31:01 | 000,000,040 | ---- | M] () -- C:\ProgramData\ra3.ini [2012.12.27 14:59:12 | 000,000,227 | ---- | M] () -- C:\Users\Klangfarben\Desktop\Fairy Bloom Freesia.url [2012.12.16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2012.12.16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.11 20:08:35 | 000,554,087 | ---- | C] () -- C:\Users\Klangfarben\Desktop\adwcleaner.exe [2013.01.11 17:57:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.01.11 17:57:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.01.11 17:57:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.01.11 17:57:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.01.11 17:57:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.01.10 02:16:14 | 3219,316,736 | -HS- | C] () -- C:\hiberfil.sys [2013.01.08 18:15:13 | 000,001,780 | ---- | C] () -- C:\Users\Public\Desktop\Age of Empires III.lnk [2013.01.06 23:17:36 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys [2013.01.06 23:17:34 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys [2013.01.06 22:24:30 | 000,001,744 | ---- | C] () -- C:\Users\Klangfarben\Desktop\MegaTrainer eXperience.lnk [2013.01.06 20:53:15 | 000,000,227 | ---- | C] () -- C:\Users\Klangfarben\Desktop\Endless Space.url [2013.01.04 19:13:12 | 000,000,227 | ---- | C] () -- C:\Users\Klangfarben\Desktop\Star Wars Knights of the Old Republic II.url [2013.01.01 18:42:26 | 000,000,226 | ---- | C] () -- C:\Users\Klangfarben\Desktop\Star Wars The Force Unleashed II.url [2012.12.31 14:49:02 | 000,000,226 | ---- | C] () -- C:\Users\Klangfarben\Desktop\The Guild II Renaissance.url [2012.12.31 14:31:52 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax [2012.12.28 23:31:01 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini [2012.12.27 14:59:12 | 000,000,227 | ---- | C] () -- C:\Users\Klangfarben\Desktop\Fairy Bloom Freesia.url [2012.08.20 01:48:27 | 000,036,697 | ---- | C] () -- C:\Windows\System32\OggDSuninst.exe [2012.07.29 03:13:09 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012.07.29 03:13:09 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll [2012.07.29 03:13:09 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012.07.29 03:13:05 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2012.07.19 12:43:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.07.19 12:42:21 | 000,003,113 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2012.07.19 12:34:56 | 000,000,680 | ---- | C] () -- C:\Users\Klangfarben\AppData\Local\d3d9caps.dat [2012.07.18 19:37:03 | 000,293,889 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2012.06.26 13:12:37 | 000,000,234 | ---- | C] () -- C:\Users\Klangfarben\.swfinfo [2012.05.29 10:09:24 | 000,000,393 | ---- | C] () -- C:\Users\Klangfarben\AppData\Local\HamsterVideoConverterSettings.cfg [2012.04.24 13:59:52 | 000,000,160 | ---- | C] () -- C:\Users\Klangfarben\AppData\Roaming\wklnhst.dat [2012.04.09 19:51:56 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2012.03.31 20:48:12 | 000,001,224 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Wave64 Codec.dat [2012.03.31 20:47:21 | 000,003,283 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Musepack Codec.dat [2012.03.31 20:46:41 | 000,003,153 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp mp3 (Fraunhofer IIS) Codec.dat [2012.03.31 20:45:46 | 000,002,649 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Midi Decoder.dat [2012.03.31 20:45:06 | 000,001,219 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Dalet Codec.dat [2012.03.31 20:44:17 | 000,001,739 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBPowerAMP Mp2 and BwfMp2 codec.dat [2012.03.31 20:43:41 | 000,003,226 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp m4a Codec.dat [2012.03.31 20:42:50 | 000,003,184 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat [2012.03.31 20:41:15 | 000,003,012 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp WavPack Codec.dat [2012.03.31 20:40:19 | 000,003,417 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp TTA Codec.dat [2012.03.31 20:37:43 | 000,003,411 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Shorten Codec.dat [2012.03.31 20:37:08 | 000,011,406 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBPowerAMP Real Audio (Helix) Encoder.dat [2012.03.31 20:35:55 | 000,088,576 | ---- | C] () -- C:\Windows\System32\OptimFROG.dll [2012.03.31 20:35:55 | 000,003,467 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp OptimFROG Codec.dat [2012.03.31 20:33:08 | 000,003,143 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat [2012.03.31 20:30:54 | 000,408,440 | ---- | C] () -- C:\Windows\System32\SpoonUninstall.exe [2012.03.31 20:30:54 | 000,017,680 | ---- | C] () -- C:\Windows\System32\SpoonUninstall-dBpoweramp Music Converter.dat [2012.03.29 21:59:36 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll [2012.03.29 20:42:59 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2012.03.29 20:42:04 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2012.03.29 17:59:17 | 000,188,928 | ---- | C] () -- C:\Users\Klangfarben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat [2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll [2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll [2011.01.26 23:11:58 | 000,023,040 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll ========== ZeroAccess Check ========== [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 22:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 22:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Files - Unicode (All) ========== [2012.12.20 23:53:38 | 000,000,000 | ---D | C](C:\Users\Klangfarben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\??????) -- C:\Users\Klangfarben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\こどものこえ ========== Alternate Data Streams ========== @Alternate Data Stream - 167 bytes -> C:\ProgramData\Temp:123EB6EA @Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:14750D76 @Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:888AFB86 < End of report > Code:
ATTFilter OTL Extras logfile created on: 11.01.2013 21:23:44 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Klangfarben\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19393)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 67,03% Memory free
6,19 Gb Paging File | 5,31 Gb Available in Paging File | 85,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 583,49 Gb Total Space | 8,62 Gb Free Space | 1,48% Space Free | Partition Type: NTFS
Drive D: | 12,67 Gb Total Space | 1,79 Gb Free Space | 14,10% Space Free | Partition Type: NTFS
Computer Name: KLANGFARBEN-PC | User Name: Klangfarben | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee 14.Manage] -- "C:\Hauptprogramme\Programme\ACDSee\ACDSee\14.0\ACDSeeQV14.exe" "%1" (ACD Systems International Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022C92D4-1517-464A-B2F1-615399554839}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{324623BE-37BA-4CBF-AB18-1B6562D8FE30}" = lport=445 | protocol=6 | dir=in | app=system |
"{36BAC41E-1D18-4B3B-B13F-7EBFA112CA11}" = rport=139 | protocol=6 | dir=out | app=system |
"{46029841-B8CB-4F23-B038-F94806451D6A}" = lport=138 | protocol=17 | dir=in | app=system |
"{47BC26F3-C469-43DE-831B-8472998C4DC2}" = rport=138 | protocol=17 | dir=out | app=system |
"{57F20F23-18F8-4562-834B-7B5E121EF9CC}" = lport=139 | protocol=6 | dir=in | app=system |
"{5F60E9FF-C638-4865-9C14-A44481304356}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7E20BED1-D2A7-40FF-9EC2-5CCF1D2FDDA2}" = rport=445 | protocol=6 | dir=out | app=system |
"{9CF91ACB-DAD2-456B-90C9-1527F5D863C0}" = rport=137 | protocol=17 | dir=out | app=system |
"{F409964C-F6CD-4E34-90E4-9CF61FF7E015}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0321CEE3-923B-4C29-BE86-4A1FFECB4DD3}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\wormsrevolution\wormsrevolution.exe |
"{0649D5A9-5868-4E51-BD22-CA7C0A29471D}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\monopoly\monopolywin.exe |
"{06D31AEF-370C-485A-B0B1-EAF68C378C16}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{1F96F2D1-8989-47AB-8E49-3950C1464ECD}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{20D2F8D1-ECF9-470D-8C29-4C05C414C037}" = protocol=6 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstarpatcherloader.exe |
"{23295D20-C543-4C7B-88AE-97F383E11F7D}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{2931FF10-CBBD-4673-923F-B516A197B400}" = protocol=17 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstarpatcherloader.exe |
"{2B6D8F8C-38F2-46ED-A495-337485363EAA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2D1E56EE-E503-4FD1-9D41-B2AAC55BBF80}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2EBED1D8-23DD-4BFE-B450-072113E709BC}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\fairy bloom freesia\fairybloomfreesia.exe |
"{3049D571-627B-4F79-95FA-29200E19E535}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{3B6BA463-7D84-4059-8E51-084E151E9B8A}" = protocol=6 | dir=in | app=c:\users\klangfarben\appdata\local\akamai\netsession_win.exe |
"{3FCC2A49-A276-489A-917E-8CA96665F063}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\utorrent\utorrent.exe |
"{42ABBBDD-4DEC-48A4-BFF3-A6436818E506}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\cherry tree high comedy club\game.exe |
"{52C000E3-EB80-46E9-8D43-51D7D08E84F7}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{6A019DFC-81B4-4D75-B029-7612D7B72117}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6F05B75F-4AFB-4FD6-B502-11124D3182BE}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\endless space\endlessspace.exe |
"{75676D09-77BB-49E5-8065-A8AC8B8902EA}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe |
"{78ADE2FD-A273-43F1-94F7-13D1BC04594E}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\utorrent\utorrent.exe |
"{78ED2C14-B636-4B78-B747-FD0DB0C33CF0}" = protocol=17 | dir=in | app=c:\users\klangfarben\appdata\local\akamai\netsession_win.exe |
"{7EE93292-CCD9-40FC-998A-36E4479A202B}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{888F90BA-02AF-4DD2-A47E-F73811AE287C}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{8D85C1DA-3ED5-49A9-82EB-5B358658B8D5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8DB63E41-5EEB-4B19-AE86-444A83D10474}" = protocol=6 | dir=in | app=g:\hauptprogramme\spiele\vindictus\vindictus eu\en-eu\nmservice.exe |
"{93D445B3-E431-4335-B23E-4838961581BD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{9695D7D8-8B15-461C-A7D2-377A571721F7}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\fairy bloom freesia\fairybloomfreesia.exe |
"{9A0CECDF-93E0-41CB-B1CF-25E8A467A0DE}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\endless space\endlessspace.exe |
"{9B0338B7-939B-4EB7-B7F3-B266BED604C9}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\age of empires online\aoeonline.exe |
"{A12EA120-4CF7-4A3D-846D-F86D50FD019E}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\knights of the old republic ii\swkotor2.exe |
"{A5DE0E09-3010-4DB7-BF92-36E1918C0E57}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\monopoly\monopolywin.exe |
"{A792459B-12B2-4837-BEE8-612F38A76372}" = protocol=6 | dir=in | app=c:\hauptprogramme\spiele\age of empires iii\age3y.exe |
"{AAE9E0BF-F785-4846-B3A0-B6E9F9E7338C}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\star wars the force unleashed 2\swtfu2.exe |
"{B2CA2BE7-D31B-46AD-B240-95BF18725317}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\wormsrevolution\wormsrevolution.exe |
"{B638896C-EE18-4E15-B317-411B882EC004}" = protocol=6 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstar.exe |
"{B97444A3-7568-4C5A-9589-E21148EB7338}" = protocol=17 | dir=in | app=c:\hauptprogramme\spiele\age of empires iii\age3y.exe |
"{BA28C643-33AF-483D-A6C0-B988D91509C5}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{C054D5E5-1D77-4AB3-AA0B-4E29D0EEDC9A}" = protocol=17 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\star wars the force unleashed 2\swtfu2.exe |
"{C471F30F-C173-444B-B460-D0E55C15796F}" = protocol=17 | dir=in | app=g:\hauptprogramme\spiele\vindictus\vindictus eu\en-eu\nmservice.exe |
"{CDF6BCE2-596F-4F5D-A746-6BB43DE56D5A}" = protocol=17 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstar.exe |
"{D1C579F6-7F6A-44C3-AF4F-4204801A5561}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\cherry tree high comedy club\game.exe |
"{D8783578-B9AE-4A1F-891D-A51B3B9D4866}" = protocol=6 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstarpatcher.exe |
"{D9AD8783-1F40-4B78-993C-9D2CDAE5BD38}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DF1C798F-5F94-4D42-A989-4EAE1DC2B443}" = protocol=17 | dir=in | app=g:\hauptprogramme\spiele\golfstar online\installed\golfstarpatcher.exe |
"{DFEE809B-5DB4-449D-95FB-7E26CB8126EA}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\the guild 2 renaissance\guildii.exe |
"{EFC1AD8F-C391-44AD-8C2D-EDE8D6AC0238}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F92EF2F4-BB32-41E2-95FA-61224D4EF99C}" = protocol=6 | dir=in | app=c:\hauptprogramme\programme\steam\steamapps\common\age of empires online\aoeonline.exe |
"TCP Query User{3F2CFA7F-194C-4A7E-B35E-29B9A9BB8940}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{34587256-180C-4D86-A44E-12CD9EE11A65}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{394BE3D9-7F57-4638-A8D1-1D88671913B7}" = Microsoft AppLocale
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{417E8AF0-DAED-4807-82CD-0E4232EFA559}" = Rusty Hearts PWE
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D53090A-CE35-42BD-B377-831000018301}" = Fable III
"{5454083B-1308-4485-BF17-111000028701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000028702}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000038701}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-111000038702}" = Grand Theft Auto: Episodes from Liberty City
"{5454083B-1308-4485-BF17-1110000B8301}" = Grand Theft Auto IV
"{6DF6A7ED-3B51-8E41-B1C9-41DAD97CC08A}" = Catalyst Control Center InstallProxy
"{6F5A71BD-9EC9-4A59-BFBD-CA63CFB4885D}" = ACDSee 14
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7E350663-86D3-466A-AB79-28156A9ABF6E}_is1" = Hamster Free Video Converter
"{7EE9145D-C430-44E6-B5ED-61FF9C332100}_is1" = Battle of the Immortals
"{7EE9145D-C430-44E6-B5ED-61FF9C332101}_is1" = War of the Immortals
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE1746-9EFF-3C9C-8755-81EA8903AC34}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 296.16
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B76DFCA6-5DEF-4083-B157-8982C176D83C}" = 3DDreamBowl
"{B7E2A724-2774-4AC2-9F0A-B58C7319B6E6}" = Sony Vegas Pro 8.0
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CCB32E0F-8951-4E73-A521-069FD1260524}" = スマイルプリチュパ!
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb" = Microsoft Windows Application Compatibility Database
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F916C6DF-2601-4385-9500-C45FF398D4CB}" = Install(GE)
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Age of Empires 2.0" = Microsoft Age of Empires II
"Age of Empires II: The Conquerors Expansion 1.0" = Microsoft Age of Empires II: The Conquerors Expansion
"Age of Vampires" = Age of Vampires 5.0
"Akamai" = Akamai NetSession Interface Service
"Ashampoo Burning Studio 2012 CBE_is1" = Ashampoo Burning Studio 2012 CBE v.11.0.4
"Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.60
"avast" = avast! Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CCleaner" = CCleaner
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"CPUCooL" = CPUCooL (remove only)
"dBpoweramp Dalet Codec" = dBpoweramp Dalet Codec
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"dBpoweramp Midi Decoder" = dBpoweramp Midi Decoder
"dBpoweramp Monkeys Audio Codec" = dBpoweramp Monkeys Audio Codec
"dBPowerAMP Mp2 and BwfMp2 codec" = dBPowerAMP Mp2 and BwfMp2 codec
"dBpoweramp mp3 (Fraunhofer IIS) Codec" = dBpoweramp mp3 (Fraunhofer IIS) Codec
"dBpoweramp Musepack Codec" = dBpoweramp Musepack Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"dBpoweramp OptimFROG Codec" = dBpoweramp OptimFROG Codec
"dBPowerAMP Real Audio (Helix) Encoder" = dBPowerAMP Real Audio (Helix) Encoder
"dBpoweramp Shorten Codec" = dBpoweramp Shorten Codec
"dBpoweramp TTA Codec" = dBpoweramp TTA Codec
"dBpoweramp Wave64 Codec" = dBpoweramp Wave64 Codec
"dBpoweramp WavPack Codec" = dBpoweramp WavPack Codec
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"Dune II_is1" = Dune II
"Empire Earth Gold Edition_is1" = Empire Earth Gold Edition
"eMule" = eMule
"ESET Online Scanner" = ESET Online Scanner v3
"Fatal Hearts Strategy Guide_is1" = Fatal Hearts Strategy Guide version 1.1
"Free Studio_is1" = Free Studio version 5.3.5
"Free YouTube Download_is1" = Free YouTube Download version 3.1.38.1005
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031
"GOGPACKPRIMORDIA_is1" = Primordia
"InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}" = Sid Meier's Pirates!
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}" = Age of Empires III
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.1.0
"MediaFire Express 0.13.3.3927" = MediaFire Express
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.1.5.5
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mp3tag" = Mp3tag v2.52
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OggDS" = Direct Show Ogg Vorbis Filter (remove only)
"PC-Doctor for Windows" = Hardware Diagnose Tools
"Pirates Pack_is1" = Pirates Pack
"pywin32-py2.6" = Python 2.6 pywin32-212
"Raptor" = Raptor
"sp6" = Logitech SetPoint 6.32
"Steam App 105430" = Age of Empires Online
"Steam App 200170" = Worms Revolution
"Steam App 208140" = Endless Space
"Steam App 208580" = Star Wars: Knights of the Old Republic II
"Steam App 214590" = Fairy Bloom Freesia
"Steam App 214610" = Cherry Tree High Comedy Club
"Steam App 221300" = Monopoly
"Steam App 32500" = Star Wars: The Force Unleashed II
"Steam App 39680" = The Guild II: Renaissance
"SystemRequirementsLab" = System Requirements Lab
"UltraISO_is1" = UltraISO Premium V9.52
"uTorrent" = µTorrent
"Vindictus EU" = Vindictus EU
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinRAR archiver" = WinRAR 4.11 (32-Bit)
"Xvid_is1" = Xvid 1.2.2 final uninstall
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3080094577-148385331-3633397276-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"203a975b1d3cc563" = Pcsx2 Cheat converter
"Akamai" = Akamai NetSession Interface
"NE Open Beta" = NE Open Beta
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 06.01.2013 16:48:57 | Computer Name = Klangfarben-PC | Source = VSS | ID = 8194
Description =
Error - 06.01.2013 16:50:34 | Computer Name = Klangfarben-PC | Source = System Restore | ID = 8193
Description =
Error - 06.01.2013 19:32:01 | Computer Name = Klangfarben-PC | Source = EventSystem | ID = 4609
Description =
Error - 06.01.2013 19:35:06 | Computer Name = Klangfarben-PC | Source = WinMgmt | ID = 10
Description =
Error - 06.01.2013 19:40:25 | Computer Name = Klangfarben-PC | Source = WinMgmt | ID = 10
Description =
Error - 08.01.2013 13:09:21 | Computer Name = Klangfarben-PC | Source = VSS | ID = 8194
Description =
Error - 08.01.2013 13:20:40 | Computer Name = Klangfarben-PC | Source = VSS | ID = 8194
Description =
Error - 08.01.2013 23:44:02 | Computer Name = Klangfarben-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel
0x49e01da5, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5,
Ausnahmecode 0xc0000006, Fehleroffset 0x000394c2, Prozess-ID 0xbc, Anwendungsstartzeit
01cdec66fa818b48.
Error - 08.01.2013 23:44:03 | Computer Name = Klangfarben-PC | Source = Application Error | ID = 1005
Description = Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen
werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit
der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern;
oder der Datenträger fehlt. Das Programm Windows-Explorer wurde wegen dieses Fehlers
geschlossen. Programm: Windows-Explorer Datei: Der Fehlerwert ist im Abschnitt "Zusätzliche
Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation
ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das
Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen
können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator
überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem
Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z.
B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig
in der Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem,
indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben
Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK
/F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie
wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien
auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist,
ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator
oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten,
wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert: C000026E Datenträgertyp:
0
Error - 09.01.2013 15:28:24 | Computer Name = Klangfarben-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 12.05.2012 05:04:37 | Computer Name = Klangfarben-PC | Source = DCOM | ID = 10016
Description =
Error - 12.05.2012 05:04:38 | Computer Name = Klangfarben-PC | Source = DCOM | ID = 10016
Description =
Error - 14.05.2012 08:17:27 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 21.05.2012 03:44:28 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 26.05.2012 02:30:11 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 28.05.2012 13:57:36 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 29.05.2012 19:19:39 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 31.05.2012 07:16:38 | Computer Name = Klangfarben-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 31.05.2012 um 13:14:40 unerwartet heruntergefahren.
Error - 31.05.2012 07:18:19 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 02.06.2012 08:13:15 | Computer Name = Klangfarben-PC | Source = Service Control Manager | ID = 7031
Description =
< End of report >
Geändert von Schilf (11.01.2013 um 21:38 Uhr) |
|
| Themen zu Google öffnet Fenster |
| dahinter, datei, einfacher, eingebe, entferne, entfernen, fake, fenster, frage, fragen, google, installiert, log, meldungen, mögliche, natürlich, nenne, poste, quick, scan, steckt, virus, voll, würde, öffnet |
Linear-Darstellung
