Pests of all kinds and how to fight them: Skype automatically types things like "wassws" | Windows 7
10.12.2012, 16:45 | #1 |
| Skype automatically types things like "wassws"

Hello Trojaner-Board team,

I'm slowly reaching my wits' end and think that nobody here has ever had this problem. Among other things, I googled and found nothing similar, but I think I should describe my problem first.

Pretty much exactly one month ago I was chatting with a friend via Skype. I had my hands on my coffee cup when I noticed that my computer was writing to my friend on its own. The content was stuff from a game (Minecraft), such as "wdwdaswdswddwst" or some commands from it. I also remember exactly when I had used these commands, and that was two weeks before that. I found the whole thing a bit odd, because otherwise I had never had any problems, viruses or inconsistencies. My virus scanner never complained. So I took my "c't Desinfekt" and the Kaspersky 2012 rescue CD and had both of them scan for viruses, trojans, etc. All without success, so I gave it no further thought.

Today, however, when I was writing with the same friend again, the same thing happened again. The "PC" types these things ("wasssaaswsas") at a rather slow pace compared with ten-finger typing. I once heard that Skype uses commands with "/" just like Minecraft, so I simply clicked into the sticky note (Kurznotiz). "It" kept typing as if nothing had happened.

All in all, this seems extremely fishy to me, because assuming there were a keylogger on my PC, what would be the point of it if it wrote into Skype?! I just can't make sense of it.

I hope that I have described my problem clearly and precisely, that the topic interests you and that you can help me.

Thanks in advance,
regards, Jonas |
11.12.2012, 10:27 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Skype automatically types things like "wassws"

Hello and

Before we get to work, I would like to ask you to read the following points completely and carefully.

Note: Should you not hear from me for three days, please report in this thread => Erinnerung an meinem Thread (reminder about my thread). Annoying "when will it continue" messages end with your topic being closed. I too have a life outside of Trojaner-Board.

Please run a CustomScan with OTL. If possible, please post everything here in CODE tags. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this:

Code:
the log goes here

Please download OTL by Oldtimer and save it on your desktop. If it is already present, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.

Code:
msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

__________________ |
12.12.2012, 22:21 | #3 |
| Skype automatically types things like "wassws"

Sorry! Double post!

Edited by chewbaccaa (12.12.2012 at 22:24). Reason: double post |
12.12.2012, 22:23 | #4 |
| Skype automatically types things like "wassws"

One guess of mine might also be that my keyboard (Microsoft SideWinder X4 keyboard) can create macros and can therefore also play them back 1:1. It would be a possibility that, when I write something specific to my friend, I activate this macro.

But here is the log file:

OTL Logfile: Code:
ATTFilter OTL logfile created on: 12.12.2012 22:07:13 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Skywalk3r\Downloads 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 15,87 Gb Total Physical Memory | 13,48 Gb Available Physical Memory | 84,97% Memory free 31,73 Gb Paging File | 29,11 Gb Available in Paging File | 91,73% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 439,67 Gb Total Space | 293,69 Gb Free Space | 66,80% Space Free | Partition Type: NTFS Drive E: | 329,75 Gb Total Space | 139,95 Gb Free Space | 42,44% Space Free | Partition Type: NTFS Drive F: | 100,00 Mb Total Space | 71,86 Mb Free Space | 71,87% Space Free | Partition Type: NTFS Drive G: | 293,41 Gb Total Space | 157,67 Gb Free Space | 53,74% Space Free | Partition Type: NTFS Computer Name: BOMBERCHEN | User Name: Skywalk3r | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.12.12 21:36:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Skywalk3r\Downloads\OTL.exe PRC - [2012.11.28 12:45:16 | 001,868,432 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe PRC - [2012.11.01 08:52:54 | 000,875,728 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe PRC - [2012.11.01 08:52:52 | 000,877,264 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe PRC - [2012.11.01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) 
-- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe PRC - [2012.10.31 19:19:06 | 001,234,848 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe PRC - [2012.10.31 15:46:38 | 001,467,088 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe PRC - [2012.03.19 12:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe ========== Modules (No Company Name) ========== MOD - [2011.09.27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011.09.27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ========== Services (SafeList) ========== SRV:64bit: - [2012.09.28 02:38:16 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV - [2012.12.12 17:58:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.12.09 15:08:43 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.11.28 12:45:16 | 001,868,432 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater) SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.11.07 23:37:40 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\COMODO\COMODO Internet 
Security\cmdagent.exe -- (cmdAgent) SRV - [2012.11.01 08:52:52 | 000,070,352 | ---- | M] (Comodo Security Solutions Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\launcher_service.exe -- (CLPSLauncher) SRV - [2012.10.31 15:46:38 | 001,467,088 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe -- (GeekBuddyRSP) SRV - [2012.04.10 11:17:16 | 000,097,552 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2012.03.19 12:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.07.22 09:17:44 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.03.30 04:02:56 | 057,617,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SRV - [2009.03.30 04:01:06 | 000,427,880 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SRV - [2008.07.10 05:31:10 | 000,157,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.11.13 19:11:29 | 000,047,240 | ---- | M] (RapidSolution Software 
AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd) DRV:64bit: - [2012.11.13 19:11:20 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP) DRV:64bit: - [2012.11.13 19:11:20 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap) DRV:64bit: - [2012.11.07 23:37:58 | 000,022,736 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd) DRV:64bit: - [2012.09.28 03:21:20 | 010,697,216 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.09.28 02:12:52 | 000,460,288 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.05.14 07:12:30 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2012.03.15 16:25:50 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.10.03 16:41:58 | 000,146,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2011.09.02 07:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2011.09.02 07:30:02 | 000,032,536 | ---- | M] (Logitech, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042Kbd.sys -- (L8042Kbd) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.10.22 02:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB) DRV:64bit: - [2010.10.22 02:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject) DRV:64bit: - [2010.03.09 11:21:42 | 000,123,408 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.07.24 19:28:52 | 000,036,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nx6000.sys -- (MSHUSBVideo) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009.06.10 21:35:42 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.03.18 15:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi) DRV:64bit: - [2006.11.06 08:56:30 | 000,030,528 | ---- | M] (Brother Industries Ltd.) 
[Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\brpar64a.sys -- (BrPar) DRV - [2012.12.04 09:41:28 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD) DRV - [2012.04.10 11:17:14 | 000,164,528 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Suche IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = ED E4 A7 24 C5 9F CC 01 [binary data] IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - 
No CLSID value found IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647 IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul" FF - prefs.js..extensions.enabledAddons: %7B64161300-e22b-11db-8314-0800200c9a66%7D:0.9.6.10 FF - prefs.js..extensions.enabledAddons: %7B6AC85730-7D0F-4de0-B3FA-21142DD85326%7D:2.8 FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:7.6.0.2 FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33 FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&q=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found FF:64bit: - 
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.09 15:08:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.08 11:04:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.11.01 07:37:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\Extensions [2012.12.12 16:54:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\Firefox\Profiles\ybcw8bdb.default\extensions [2012.08.03 12:57:20 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\Firefox\Profiles\ybcw8bdb.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012.11.17 15:35:42 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\Firefox\Profiles\ybcw8bdb.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2012.10.11 07:58:38 | 000,281,285 | ---- | M] () (No name found) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\firefox\profiles\ybcw8bdb.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2012.12.12 16:54:06 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\firefox\profiles\ybcw8bdb.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012.11.23 14:01:49 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Skywalk3r\AppData\Roaming\mozilla\firefox\profiles\ybcw8bdb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011.12.13 19:49:56 | 000,000,931 | ---- | M] () -- 
C:\Users\Skywalk3r\AppData\Roaming\mozilla\firefox\profiles\ybcw8bdb.default\searchplugins\conduit.xml [2012.12.09 15:08:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.12.09 15:08:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012.12.09 15:08:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012.12.09 15:08:24 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012.12.09 15:08:44 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.06.23 12:24:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.30 10:31:45 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.06.23 12:24:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.06.23 12:24:31 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.23 12:24:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.23 12:24:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.06.09 18:28:09 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) 
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO) O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime File not found O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [tvncontrol] "C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe" -controlservice -slave File not found O4 - HKU\S-1-5-21-3963389296-900692964-1275611924-1001..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found O4 - Startup: C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Skywalk3r\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0 O7 - HKU\S-1-5-21-3963389296-900692964-1275611924-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Skywalk3r\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Free YouTube Download - 
C:\Users\Skywalk3r\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03BBD8F3-6B44-4B97-938E-19B208229B71}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03BBD8F3-6B44-4B97-938E-19B208229B71}: NameServer = 8.26.56.26,156.154.70.22 O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2038F4DF-E548-4D18-B317-D250937CD209}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BE25285-F889-4403-8F03-A27A71328216}: NameServer = 8.26.56.26,156.154.70.22 O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml - No CLSID value found O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO) O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2012.03.25 19:20:34 | 000,000,066 | ---- | M] () - G:\autostart.bat -- [ NTFS ] O33 - MountPoints2\{dfff32e5-03f5-11e1-ab7c-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{dfff32e5-03f5-11e1-ab7c-806e6f6e6963}\Shell\AutoRun\command - "" = D:\duden.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scanner Finder.lnk - C:\PROGRA~2\SCANWI~1\SCANNE~1.EXE - () MsConfig:64bit - StartUpFolder: C:^Users^Skywalk3r^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Shutdown Assistent.exe - - File not found MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: BrStsWnd - hkey= - key= - File not found MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Malwarebytes' Anti-Malware - hkey= - key= - File not found MsConfig:64bit - StartUpReg: PDFPrint - hkey= - key= - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) MsConfig:64bit - 
StartUpReg: SandboxieControl - hkey= - key= - C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) MsConfig:64bit - StartUpReg: WatchMyCam - hkey= - key= - File not found NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012.12.09 15:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center [2012.12.09 15:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center [2012.12.09 15:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2012.12.09 12:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.12.09 12:49:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012.12.07 18:45:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.12.07 18:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.12.07 18:44:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.12.07 18:44:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.12.07 18:44:58 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012.12.04 09:41:28 | 000,037,976 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\drivers\CFRMD.sys [2012.12.03 16:40:09 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\POV-Ray for Windows v3.62 [2012.12.03 16:39:32 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\Pictures\Documents\POV-Ray [2012.12.03 16:39:32 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\AppData\Roaming\POV-Ray [2012.12.03 16:27:30 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\Desktop\Neuer Ordner (2) [2012.12.02 18:37:20 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\AppData\Roaming\DVDVideoSoftIEHelpers [2012.12.02 18:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [2012.12.02 18:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2012.12.02 18:36:50 | 000,000,000 | ---D | C] -- 
C:\Program Files (x86)\Common Files\DVDVideoSoft [2012.11.29 09:59:38 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\Desktop\Neuer Ordner [2012.11.21 07:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus [2012.11.17 15:45:50 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin [2012.11.17 15:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution [2012.11.17 15:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 10 [2012.11.17 15:45:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audials [2012.11.17 15:44:42 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\AppData\Local\RapidSolution [2012.11.17 11:09:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Comodo [2012.11.17 11:07:15 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA [2012.11.15 20:19:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO [2012.11.15 20:18:51 | 000,000,000 | -H-D | C] -- C:\VritualRoot [2012.11.13 20:02:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo [2012.11.13 20:02:45 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO [2012.11.13 20:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo [2012.11.13 20:02:38 | 000,000,000 | ---D | C] -- C:\Users\Skywalk3r\AppData\Local\Comodo [2012.11.13 20:02:31 | 000,054,024 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll [2012.11.13 20:02:31 | 000,045,832 | ---- | C] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll [2012.11.13 20:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo [2012.11.13 19:11:29 | 000,047,240 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys [2012.11.13 19:11:20 | 000,037,480 | ---- | C] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\rrnetcap.sys ========== Files - Modified Within 30 Days ========== [2012.12.12 22:03:59 | 001,148,816 | ---- | M] () -- 
C:\Windows\SysNative\drivers\sfi.dat [2012.12.12 21:58:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.12.12 21:27:41 | 000,001,637 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\IRZMJ.nxc [2012.12.12 21:21:43 | 000,041,134 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\mitmusik.sym [2012.12.12 21:21:40 | 000,001,366 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\mitmusik.bak [2012.12.12 21:21:40 | 000,001,366 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\mitmusik - Kopie.nxc [2012.12.12 19:37:55 | 001,647,500 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\01-The Imperial Marchalt.wav [2012.12.12 19:21:42 | 000,001,222 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Untitled1.nxc [2012.12.12 19:21:36 | 000,001,221 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Untitled1.bak [2012.12.12 19:13:28 | 000,028,669 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Untitled1.sym [2012.12.12 16:51:39 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.12.12 16:51:39 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.12.12 16:44:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.12.12 16:44:00 | 4187,316,222 | -HS- | M] () -- C:\hiberfil.sys [2012.12.09 12:49:38 | 000,054,024 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll [2012.12.09 12:49:38 | 000,045,832 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll [2012.12.08 19:00:35 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI [2012.12.08 10:57:03 | 000,541,018 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Unbenannt.xcf [2012.12.08 10:57:03 | 000,001,463 | ---- | M] () -- C:\Users\Skywalk3r\.recently-used.xbel [2012.12.07 18:45:46 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.12.07 18:41:33 | 000,340,761 | ---- | M] () -- 
C:\Users\Skywalk3r\Desktop\Unbenannt.png [2012.12.07 18:39:19 | 000,051,542 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Maerchen-auf-Eis-und-orientalischer-Wintermarkt_ArtikelQuer.jpg [2012.12.04 09:41:28 | 000,037,976 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\drivers\CFRMD.sys [2012.12.03 16:40:09 | 000,002,317 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\POV-Ray for Windows v3.62.lnk [2012.12.03 16:25:32 | 000,000,347 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Unbenannzzzzt.png [2012.12.03 16:19:50 | 000,001,268 | ---- | M] () -- C:\Users\Skywalk3r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012.12.02 18:45:36 | 001,800,066 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.12.02 18:45:36 | 000,763,004 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.12.02 18:45:36 | 000,718,322 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.12.02 18:45:36 | 000,173,390 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.12.02 18:45:36 | 000,146,344 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.12.02 18:37:16 | 000,001,239 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\DVDVideoSoft Free Studio.lnk [2012.12.02 18:37:15 | 000,001,302 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Free YouTube Download.lnk [2012.11.29 17:45:53 | 015,729,534 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Desktop001.tif [2012.11.26 17:55:57 | 1724,933,310 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Desktop002.tif [2012.11.26 17:53:07 | 000,088,296 | ---- | M] () -- C:\Windows\SM_25_W2400.id14 [2012.11.26 17:53:07 | 000,088,296 | ---- | M] () -- C:\Windows\SM_25_D2400.id14 [2012.11.26 17:52:32 | 000,003,822 | ---- | M] () -- C:\Windows\SM_25_W73.id14 [2012.11.26 17:52:32 | 000,003,822 | ---- | M] () -- C:\Windows\SM_25_D73.id14 [2012.11.26 17:46:39 | 000,003,678 | ---- | M] () -- C:\Windows\SM_25_W72.id14 [2012.11.26 17:46:39 | 000,003,678 | ---- | M] () -- C:\Windows\SM_25_D72.id14 [2012.11.26 
15:03:24 | 015,246,783 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Bakterienanzahl.exe [2012.11.23 14:19:48 | 015,523,884 | ---- | M] () -- C:\Users\Skywalk3r\Pictures\Documents\imp.wav [2012.11.23 14:18:29 | 000,006,070 | ---- | M] () -- C:\Users\Skywalk3r\imp.mscz [2012.11.23 14:07:16 | 000,004,142 | ---- | M] () -- C:\Users\Skywalk3r\imp.midi [2012.11.23 14:05:33 | 000,018,748 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Star_Wars__Imperial_March.mid [2012.11.21 07:16:13 | 000,001,504 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Lazarus.lnk [2012.11.17 15:45:48 | 000,000,950 | ---- | M] () -- C:\Users\Skywalk3r\Desktop\Audials.lnk [2012.11.17 11:09:07 | 000,002,043 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2012.11.17 11:04:30 | 004,996,096 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012.11.15 21:20:23 | 005,188,040 | ---- | M] () -- C:\Users\Skywalk3r\02 Duel of the Fates.mp3 [2012.11.13 19:11:29 | 000,047,240 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\tbhsd.sys [2012.11.13 19:11:20 | 000,037,480 | ---- | M] (RapidSolution Software AG) -- C:\Windows\SysNative\drivers\rrnetcap.sys ========== Files Created - No Company Name ========== [2012.12.12 21:22:59 | 000,001,366 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\mitmusik - Kopie.nxc [2012.12.12 19:46:03 | 000,041,134 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\mitmusik.sym [2012.12.12 19:21:57 | 000,001,637 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\IRZMJ.nxc [2012.12.12 19:21:57 | 000,001,366 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\mitmusik.bak [2012.12.12 17:02:12 | 000,028,669 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Untitled1.sym [2012.12.12 16:50:49 | 000,001,222 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Untitled1.nxc [2012.12.12 16:50:49 | 000,001,221 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Untitled1.bak [2012.12.08 10:57:03 | 000,001,463 | ---- | C] () -- 
C:\Users\Skywalk3r\.recently-used.xbel [2012.12.07 18:55:15 | 000,541,018 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Unbenannt.xcf [2012.12.07 18:45:46 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.12.03 16:40:09 | 000,002,317 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\POV-Ray for Windows v3.62.lnk [2012.12.03 16:25:29 | 000,000,347 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Unbenannzzzzt.png [2012.12.02 18:37:16 | 000,001,239 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\DVDVideoSoft Free Studio.lnk [2012.12.02 18:37:15 | 000,001,302 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Free YouTube Download.lnk [2012.11.29 12:51:24 | 001,647,500 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\01-The Imperial Marchalt.wav [2012.11.29 12:46:57 | 003,063,238 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\01-The Imperial March.mp3 [2012.11.26 17:52:55 | 1724,933,310 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Desktop002.tif [2012.11.26 17:47:19 | 015,729,534 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Desktop001.tif [2012.11.26 17:46:39 | 000,003,678 | ---- | C] () -- C:\Windows\SM_25_W72.id14 [2012.11.26 17:46:39 | 000,003,678 | ---- | C] () -- C:\Windows\SM_25_D72.id14 [2012.11.26 15:05:04 | 015,246,783 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Bakterienanzahl.exe [2012.11.23 14:18:29 | 000,006,070 | ---- | C] () -- C:\Users\Skywalk3r\imp.mscz [2012.11.23 14:18:07 | 015,523,884 | ---- | C] () -- C:\Users\Skywalk3r\Pictures\Documents\imp.wav [2012.11.23 14:07:15 | 000,004,142 | ---- | C] () -- C:\Users\Skywalk3r\imp.midi [2012.11.23 14:05:32 | 000,018,748 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Star_Wars__Imperial_March.mid [2012.11.21 07:16:13 | 000,001,504 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Lazarus.lnk [2012.11.17 15:45:48 | 000,000,950 | ---- | C] () -- C:\Users\Skywalk3r\Desktop\Audials.lnk [2012.11.17 11:09:07 | 000,002,043 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk 
[2012.11.16 01:10:55 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.11.16 01:00:03 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.11.15 21:19:54 | 005,188,040 | ---- | C] () -- C:\Users\Skywalk3r\02 Duel of the Fates.mp3 [2012.11.13 20:04:33 | 001,148,816 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat [2012.10.02 10:13:58 | 000,006,817 | ---- | C] () -- C:\Users\Skywalk3r\Linkin Park - Numb.mscz [2012.09.30 09:28:47 | 000,011,391 | ---- | C] () -- C:\Users\Skywalk3r\Alex Clare - Too Close.mid [2012.09.30 00:34:49 | 000,011,436 | ---- | C] () -- C:\Users\Skywalk3r\Linkin Park - Numb.mid [2012.09.30 00:32:23 | 000,085,972 | ---- | C] () -- C:\Users\Skywalk3r\TheKen - In The End.pdf [2012.09.30 00:30:47 | 000,117,596 | ---- | C] () -- C:\Users\Skywalk3r\Too Close (cc design).pdf [2012.09.10 11:35:38 | 003,896,797 | ---- | C] () -- C:\Users\Skywalk3r\Too Close .mp3 [2012.09.02 20:05:05 | 051,159,149 | ---- | C] () -- C:\Users\Skywalk3r\AppData\Roaming\.minecraft.rar [2012.08.31 14:32:01 | 000,000,632 | ---- | C] () -- C:\Windows\Qiii.INI [2012.08.22 11:37:46 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI [2012.08.10 19:54:17 | 000,000,975 | ---- | C] () -- C:\Users\Skywalk3r\InterActual Player.lnk [2012.08.05 18:07:28 | 000,003,248 | ---- | C] () -- C:\Users\Skywalk3r\What i've done jtheiner.mscz [2012.08.05 00:15:32 | 000,004,879 | ---- | C] () -- C:\Users\Skywalk3r\Blue_Rhapsody.mscz [2012.08.05 00:11:30 | 000,028,013 | ---- | C] () -- C:\Users\Skywalk3r\What_Ive_Done_-_Linkin_Park.mscz [2012.07.20 17:49:50 | 000,000,739 | ---- | C] () -- C:\Windows\Debug.ini [2012.07.20 17:42:09 | 000,001,003 | ---- | C] () -- C:\Users\Skywalk3r\PriMusStandard.lnk [2012.07.18 17:23:09 | 000,002,368 | ---- | C] () -- C:\Users\Skywalk3r\What I've Done.mscz [2012.07.18 17:18:13 | 000,001,084 | ---- | C] () -- C:\Users\Skywalk3r\MuseScore.lnk [2012.07.13 
< End of report > |
13.12.2012, 15:16 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Skype automatically types things like "wassws" Code:
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03BBD8F3-6B44-4B97-938E-19B208229B71}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03BBD8F3-6B44-4B97-938E-19B208229B71}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2038F4DF-E548-4D18-B317-D250937CD209}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BE25285-F889-4403-8F03-A27A71328216}: NameServer = 8.26.56.26,156.154.70.22
Is this by any chance an office/company PC? Or a university computer?
__________________ Please always post log files in CODE tags |
13.12.2012, 18:08 | #6 |
| Skype automatically types things like "wassws" I didn't need all the stuff that is included in Home Premium. So why not go straight for Professional?! And no, it is not a company computer. |
13.12.2012, 19:24 | #7 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Skype automatically types things like "wassws" Quote:
You do realize that Professional is the more expensive version because it has more features, which companies usually absolutely need?!
__________________ Please always post log files in CODE tags |
14.12.2012, 14:19 | #8 |
| Skype automatically types things like "wassws" If you are trying to imply that this is a license that was not legally acquired, the answer is 100% no! |
14.12.2012, 15:09 | #9 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Skype automatically types things like "wassws" I simply want a clear statement about why you have Professional, and I still haven't received one! So why do you have a Professional edition on your supposedly purely private PC? Quote:
__________________ Please always post log files in CODE tags |
14.12.2012, 16:20 | #10 |
| Skype automatically types things like "wassws" OK, to make this clear now. Most prebuilt computers already come with Windows HP preinstalled. I put mine together myself. My old PC still had XP, so I had to get a new one. Then suddenly it was Christmas and my dad said: "Then I'll buy you 7." That he chose Professional was of course all the same to me, because I had no idea about the differences. When I asked why he hadn't taken the cheaper one, he said that HP comes with so many things that I don't need at all... and I think he didn't yet quite trust 7 enough to believe that all the old XP programs would really run for me. Personally, I would now also have bought HP, just because it is cheaper and really almost all programs work on it. But at that point I had no idea about it. You only made me aware that I should properly inform myself about it after you asked again. So much for the topic of Professional. But could we now, if possible, concentrate on my problem?! Edited by chewbaccaa (14.12.2012 at 16:25) Reason: s |
14.12.2012, 16:23 | #11 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Skype automatically types things like "wassws" Quote:
1. aswMBR
Please download aswMBR.exe and save the file to your desktop. Note: Please turn off your virus scanner before running aswMBR, because Avira in particular often reports a false alarm in it!
One more note: If aswMBR crashes and a message like "aswMBR.exe funktioniert nicht mehr" appears, then do the following: Restart aswMBR, in the drop-down menu at the bottom left (bottom left of the aswMBR window) select (none) for "AV scan" and click the Scan button again.
2. TDSS-Killer
Download TDSS-Killer to your desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html
Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!
Set the tool up as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post this in full. If you cannot find the log or copy its contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.
Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
__________________ Please always post log files in CODE tags |
14.12.2012, 18:47 | #12 |
| Skype automatically types things like "wassws" MBR: Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-14 18:38:18
-----------------------------
18:38:18.402 OS Version: Windows x64 6.1.7601 Service Pack 1
18:38:18.403 Number of processors: 4 586 0x2502
18:38:18.403 ComputerName: BOMBERCHEN UserName: Skywalk3r
18:38:48.520 Initialize success
18:39:01.241 AVAST engine defs: 12121400
18:39:56.959 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-4
18:39:56.962 Disk 0 Vendor: ST1500DL003-9VT16L CC31 Size: 1430799MB BusType: 3
18:39:56.966 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T1L0-8
18:39:56.969 Disk 1 Vendor: WDC_WD10EVDS-63U8B0 01.00A01 Size: 953869MB BusType: 3
18:39:57.000 Disk 1 MBR read successfully
18:39:57.004 Disk 1 MBR scan
18:39:57.013 Disk 1 unknown MBR code
18:39:57.017 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 503643 MB offset 2048
18:39:57.044 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 450220 MB offset 1031469390
18:39:57.080 Disk 1 scanning C:\Windows\system32\drivers
18:40:06.678 Service scanning
18:40:32.361 Modules scanning
18:40:32.372 Disk 1 trace - called modules:
18:40:32.744 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
18:40:32.751 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa800dcb6060]
18:40:32.758 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa800daa5580]
18:40:32.766 5 ACPI.sys[fffff88000f227a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T1L0-8[0xfffffa800dabc680]
18:40:32.772 Scan finished successfully
18:40:45.696 Disk 1 MBR has been saved successfully to "C:\Users\Skywalk3r\Desktop\MBR.dat"
18:40:45.704 The log file has been saved successfully to "C:\Users\Skywalk3r\Desktop\aswMBR.txt"
Code:
- ok 18:42:32.0114 5028 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 18:42:32.0166 5028 CSC - ok 18:42:32.0202 5028 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 18:42:32.0256 5028 CscService - ok 18:42:32.0420 5028 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:42:32.0528 5028 DcomLaunch - ok 18:42:32.0598 5028 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 18:42:32.0660 5028 defragsvc - ok 18:42:32.0684 5028 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:42:32.0732 5028 DfsC - ok 18:42:32.0766 5028 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 18:42:32.0823 5028 Dhcp - ok 18:42:32.0837 5028 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 18:42:32.0908 5028 discache - ok 18:42:32.0932 5028 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 18:42:32.0952 5028 Disk - ok 18:42:32.0979 5028 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 18:42:33.0086 5028 dmvsc - ok 18:42:33.0132 5028 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:42:33.0235 5028 Dnscache - ok 18:42:33.0283 5028 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 18:42:33.0378 5028 dot3svc - ok 18:42:33.0397 5028 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 18:42:33.0451 5028 DPS - ok 18:42:33.0946 5028 [ 364F0E1D4510E05DC01A1A5E0E957F36 ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe 18:42:33.0994 5028 DragonUpdater - ok 18:42:34.0060 5028 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:42:34.0101 5028 drmkaud - ok 18:42:34.0225 5028 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 18:42:34.0250 5028 dtsoftbus01 - ok 
18:42:34.0294 5028 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:42:34.0330 5028 DXGKrnl - ok 18:42:34.0364 5028 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 18:42:34.0451 5028 EapHost - ok 18:42:34.0556 5028 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 18:42:34.0688 5028 ebdrv - ok 18:42:34.0720 5028 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 18:42:34.0786 5028 EFS - ok 18:42:34.0807 5028 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 18:42:34.0844 5028 elxstor - ok 18:42:34.0874 5028 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:42:34.0912 5028 ErrDev - ok 18:42:34.0942 5028 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 18:42:35.0009 5028 EventSystem - ok 18:42:35.0061 5028 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 18:42:35.0134 5028 exfat - ok 18:42:35.0154 5028 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:42:35.0200 5028 fastfat - ok 18:42:35.0235 5028 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 18:42:35.0305 5028 Fax - ok 18:42:35.0319 5028 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 18:42:35.0337 5028 fdc - ok 18:42:35.0358 5028 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 18:42:35.0431 5028 fdPHost - ok 18:42:35.0444 5028 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 18:42:35.0530 5028 FDResPub - ok 18:42:35.0543 5028 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:42:35.0556 5028 FileInfo - ok 18:42:35.0590 5028 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:42:35.0694 5028 Filetrace - ok 18:42:35.0714 5028 [ 
C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 18:42:35.0727 5028 flpydisk - ok 18:42:35.0812 5028 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:42:35.0849 5028 FltMgr - ok 18:42:35.0965 5028 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 18:42:36.0060 5028 FontCache - ok 18:42:36.0093 5028 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:42:36.0106 5028 FontCache3.0.0.0 - ok 18:42:36.0131 5028 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:42:36.0151 5028 FsDepends - ok 18:42:36.0193 5028 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:42:36.0219 5028 Fs_Rec - ok 18:42:36.0236 5028 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:42:36.0253 5028 fvevol - ok 18:42:36.0295 5028 [ 444534CBA693DD23C1CC589681E01656 ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys 18:42:36.0355 5028 FWLANUSB - ok 18:42:36.0371 5028 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 18:42:36.0384 5028 gagp30kx - ok 18:42:36.0432 5028 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 18:42:36.0452 5028 GEARAspiWDM - ok 18:42:36.0513 5028 [ 31B5C233933CAF0FB1499F458F04FD9A ] GeekBuddyRSP C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe 18:42:36.0556 5028 GeekBuddyRSP - ok 18:42:36.0698 5028 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 18:42:36.0758 5028 gpsvc - ok 18:42:36.0823 5028 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 18:42:36.0846 5028 hamachi - ok 18:42:36.0861 5028 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:42:36.0906 5028 hcw85cir - ok 18:42:36.0951 5028 [ 
975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:42:36.0999 5028 HdAudAddService - ok 18:42:37.0031 5028 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 18:42:37.0083 5028 HDAudBus - ok 18:42:37.0107 5028 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 18:42:37.0146 5028 HidBatt - ok 18:42:37.0167 5028 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 18:42:37.0208 5028 HidBth - ok 18:42:37.0231 5028 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 18:42:37.0248 5028 HidIr - ok 18:42:37.0298 5028 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 18:42:37.0382 5028 hidserv - ok 18:42:37.0414 5028 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:42:37.0427 5028 HidUsb - ok 18:42:37.0468 5028 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:42:37.0564 5028 hkmsvc - ok 18:42:37.0658 5028 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:42:37.0722 5028 HomeGroupListener - ok 18:42:37.0765 5028 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:42:37.0815 5028 HomeGroupProvider - ok 18:42:37.0833 5028 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:42:37.0861 5028 HpSAMD - ok 18:42:38.0048 5028 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:42:38.0139 5028 HTTP - ok 18:42:38.0157 5028 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:42:38.0169 5028 hwpolicy - ok 18:42:38.0187 5028 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 18:42:38.0200 5028 i8042prt - ok 18:42:38.0252 5028 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 
18:42:38.0288 5028 iaStorV - ok 18:42:38.0469 5028 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 18:42:38.0531 5028 IDriverT ( UnsignedFile.Multi.Generic ) - warning 18:42:38.0531 5028 IDriverT - detected UnsignedFile.Multi.Generic (1) 18:42:38.0709 5028 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:42:38.0735 5028 idsvc - ok 18:42:38.0759 5028 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 18:42:38.0771 5028 iirsp - ok 18:42:38.0838 5028 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 18:42:38.0959 5028 IKEEXT - ok 18:42:39.0037 5028 [ C4E67D3037DC79E39D7136581A947F50 ] inspect C:\Windows\system32\DRIVERS\inspect.sys 18:42:39.0063 5028 inspect - ok 18:42:39.0199 5028 [ 2B888BBDF6962E608A5E1A1D7A626ADF ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 18:42:39.0252 5028 IntcAzAudAddService - ok 18:42:39.0273 5028 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 18:42:39.0285 5028 intelide - ok 18:42:39.0312 5028 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:42:39.0350 5028 intelppm - ok 18:42:39.0371 5028 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:42:39.0448 5028 IPBusEnum - ok 18:42:39.0468 5028 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:42:39.0502 5028 IpFilterDriver - ok 18:42:39.0653 5028 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:42:39.0722 5028 iphlpsvc - ok 18:42:39.0737 5028 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:42:39.0780 5028 IPMIDRV - ok 18:42:39.0795 5028 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:42:39.0847 5028 
IPNAT - ok 18:42:39.0940 5028 [ B474C756C13960793C7583B766F904C4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 18:42:39.0976 5028 iPod Service - ok 18:42:40.0000 5028 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:42:40.0026 5028 IRENUM - ok 18:42:40.0043 5028 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:42:40.0055 5028 isapnp - ok 18:42:40.0162 5028 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:42:40.0208 5028 iScsiPrt - ok 18:42:40.0253 5028 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:42:40.0277 5028 kbdclass - ok 18:42:40.0315 5028 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 18:42:40.0353 5028 kbdhid - ok 18:42:40.0398 5028 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 18:42:40.0425 5028 KeyIso - ok 18:42:40.0456 5028 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:42:40.0486 5028 KSecDD - ok 18:42:40.0513 5028 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:42:40.0529 5028 KSecPkg - ok 18:42:40.0532 5028 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:42:40.0582 5028 ksthunk - ok 18:42:40.0695 5028 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 18:42:40.0772 5028 KtmRm - ok 18:42:40.0835 5028 [ 7D80A55B6D0C2A54728158E846F4696D ] L8042Kbd C:\Windows\system32\DRIVERS\L8042Kbd.sys 18:42:40.0860 5028 L8042Kbd - ok 18:42:40.0917 5028 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 18:42:40.0998 5028 LanmanServer - ok 18:42:41.0079 5028 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:42:41.0162 5028 LanmanWorkstation - ok 18:42:41.0199 5028 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt 
C:\Windows\system32\DRIVERS\LHidFilt.Sys 18:42:41.0220 5028 LHidFilt - ok 18:42:41.0244 5028 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:42:41.0302 5028 lltdio - ok 18:42:41.0333 5028 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:42:41.0388 5028 lltdsvc - ok 18:42:41.0450 5028 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:42:41.0528 5028 lmhosts - ok 18:42:41.0541 5028 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys 18:42:41.0552 5028 LMouFilt - ok 18:42:41.0586 5028 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 18:42:41.0599 5028 LSI_FC - ok 18:42:41.0625 5028 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 18:42:41.0638 5028 LSI_SAS - ok 18:42:41.0646 5028 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 18:42:41.0658 5028 LSI_SAS2 - ok 18:42:41.0669 5028 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 18:42:41.0683 5028 LSI_SCSI - ok 18:42:41.0703 5028 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 18:42:41.0753 5028 luafv - ok 18:42:41.0808 5028 [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys 18:42:41.0832 5028 LUsbFilt - ok 18:42:42.0001 5028 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 18:42:42.0032 5028 MDM - ok 18:42:42.0075 5028 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 18:42:42.0102 5028 megasas - ok 18:42:42.0128 5028 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 18:42:42.0144 5028 MegaSR - ok 18:42:42.0174 5028 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 18:42:42.0246 5028 MMCSS - ok 18:42:42.0284 5028 [ 
800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 18:42:42.0359 5028 Modem - ok 18:42:42.0398 5028 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:42:42.0435 5028 monitor - ok 18:42:42.0449 5028 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:42:42.0464 5028 mouclass - ok 18:42:42.0484 5028 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:42:42.0515 5028 mouhid - ok 18:42:42.0532 5028 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:42:42.0547 5028 mountmgr - ok 18:42:42.0592 5028 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:42:42.0616 5028 MozillaMaintenance - ok 18:42:42.0633 5028 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 18:42:42.0651 5028 mpio - ok 18:42:42.0667 5028 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:42:42.0711 5028 mpsdrv - ok 18:42:42.0854 5028 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:42:42.0929 5028 MpsSvc - ok 18:42:42.0971 5028 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:42:43.0034 5028 MRxDAV - ok 18:42:43.0089 5028 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:42:43.0176 5028 mrxsmb - ok 18:42:43.0192 5028 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:42:43.0229 5028 mrxsmb10 - ok 18:42:43.0258 5028 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:42:43.0274 5028 mrxsmb20 - ok 18:42:43.0301 5028 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 18:42:43.0313 5028 msahci - ok 18:42:43.0335 5028 [ DB801A638D011B9633829EB6F663C900 ] msdsm 
C:\Windows\system32\drivers\msdsm.sys 18:42:43.0365 5028 msdsm - ok 18:42:43.0383 5028 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 18:42:43.0413 5028 MSDTC - ok 18:42:43.0436 5028 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:42:43.0500 5028 Msfs - ok 18:42:43.0533 5028 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:42:43.0568 5028 mshidkmdf - ok 18:42:43.0603 5028 [ 0BBE794E0C54621CFA8ED9B5850BAAAE ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys 18:42:43.0625 5028 MSHUSBVideo - ok 18:42:43.0639 5028 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:42:43.0652 5028 msisadrv - ok 18:42:43.0685 5028 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:42:43.0743 5028 MSiSCSI - ok 18:42:43.0746 5028 msiserver - ok 18:42:43.0792 5028 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:42:43.0861 5028 MSKSSRV - ok 18:42:43.0913 5028 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:42:43.0983 5028 MSPCLOCK - ok 18:42:44.0013 5028 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:42:44.0055 5028 MSPQM - ok 18:42:44.0144 5028 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:42:44.0177 5028 MsRPC - ok 18:42:44.0181 5028 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 18:42:44.0194 5028 mssmbios - ok 18:42:44.0286 5028 MSSQL$SQLEXPRESS - ok 18:42:44.0389 5028 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 18:42:44.0424 5028 MSSQLServerADHelper100 - ok 18:42:44.0449 5028 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:42:44.0508 5028 MSTEE - ok 18:42:44.0531 5028 [ 7EA404308934E675BFFDE8EDF0757BCD ] 
MTConfig C:\Windows\system32\drivers\MTConfig.sys 18:42:44.0543 5028 MTConfig - ok 18:42:44.0564 5028 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 18:42:44.0576 5028 Mup - ok 18:42:44.0730 5028 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 18:42:44.0795 5028 napagent - ok 18:42:44.0854 5028 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:42:44.0917 5028 NativeWifiP - ok 18:42:44.0980 5028 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 18:42:45.0048 5028 NDIS - ok 18:42:45.0084 5028 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:42:45.0118 5028 NdisCap - ok 18:42:45.0138 5028 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:42:45.0172 5028 NdisTapi - ok 18:42:45.0189 5028 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:42:45.0223 5028 Ndisuio - ok 18:42:45.0236 5028 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:42:45.0285 5028 NdisWan - ok 18:42:45.0310 5028 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:42:45.0367 5028 NDProxy - ok 18:42:45.0396 5028 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:42:45.0471 5028 NetBIOS - ok 18:42:45.0529 5028 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:42:45.0601 5028 NetBT - ok 18:42:45.0620 5028 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 18:42:45.0633 5028 Netlogon - ok 18:42:45.0684 5028 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 18:42:45.0757 5028 Netman - ok 18:42:45.0810 5028 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:42:45.0850 5028 NetMsmqActivator - ok 18:42:45.0865 
5028 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:42:45.0877 5028 NetPipeActivator - ok 18:42:45.0897 5028 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 18:42:45.0951 5028 netprofm - ok 18:42:45.0955 5028 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:42:45.0966 5028 NetTcpActivator - ok 18:42:45.0980 5028 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:42:45.0990 5028 NetTcpPortSharing - ok 18:42:46.0010 5028 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 18:42:46.0022 5028 nfrd960 - ok 18:42:46.0055 5028 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:42:46.0088 5028 NlaSvc - ok 18:42:46.0126 5028 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:42:46.0177 5028 Npfs - ok 18:42:46.0200 5028 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 18:42:46.0257 5028 nsi - ok 18:42:46.0270 5028 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:42:46.0350 5028 nsiproxy - ok 18:42:46.0450 5028 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:42:46.0530 5028 Ntfs - ok 18:42:46.0549 5028 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 18:42:46.0599 5028 Null - ok 18:42:46.0640 5028 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:42:46.0667 5028 nvraid - ok 18:42:46.0734 5028 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:42:46.0781 5028 nvstor - ok 18:42:46.0819 5028 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:42:46.0846 5028 nv_agp - ok 18:42:46.0865 5028 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] 
ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:42:46.0890 5028 ohci1394 - ok 18:42:46.0939 5028 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:42:46.0962 5028 ose - ok 18:42:46.0989 5028 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:42:47.0048 5028 p2pimsvc - ok 18:42:47.0108 5028 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 18:42:47.0161 5028 p2psvc - ok 18:42:47.0198 5028 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 18:42:47.0229 5028 Parport - ok 18:42:47.0273 5028 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:42:47.0298 5028 partmgr - ok 18:42:47.0308 5028 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 18:42:47.0354 5028 PcaSvc - ok 18:42:47.0414 5028 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 18:42:47.0459 5028 pci - ok 18:42:47.0484 5028 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 18:42:47.0498 5028 pciide - ok 18:42:47.0542 5028 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 18:42:47.0596 5028 pcmcia - ok 18:42:47.0625 5028 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 18:42:47.0639 5028 pcw - ok 18:42:47.0706 5028 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:42:47.0805 5028 PEAUTH - ok 18:42:48.0180 5028 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 18:42:48.0278 5028 PeerDistSvc - ok 18:42:48.0353 5028 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:42:48.0412 5028 PerfHost - ok 18:42:48.0492 5028 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 18:42:48.0609 5028 pla - ok 18:42:48.0670 5028 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay 
C:\Windows\system32\umpnpmgr.dll 18:42:48.0743 5028 PlugPlay - ok 18:42:48.0758 5028 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:42:48.0809 5028 PNRPAutoReg - ok 18:42:48.0834 5028 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:42:48.0855 5028 PNRPsvc - ok 18:42:48.0878 5028 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:42:48.0931 5028 PolicyAgent - ok 18:42:48.0969 5028 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 18:42:49.0016 5028 Power - ok 18:42:49.0060 5028 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:42:49.0135 5028 PptpMiniport - ok 18:42:49.0166 5028 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 18:42:49.0221 5028 Processor - ok 18:42:49.0266 5028 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 18:42:49.0339 5028 ProfSvc - ok 18:42:49.0354 5028 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:42:49.0374 5028 ProtectedStorage - ok 18:42:49.0389 5028 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:42:49.0454 5028 Psched - ok 18:42:49.0718 5028 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 18:42:49.0789 5028 ql2300 - ok 18:42:49.0811 5028 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 18:42:49.0824 5028 ql40xx - ok 18:42:49.0887 5028 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 18:42:49.0936 5028 QWAVE - ok 18:42:49.0969 5028 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:42:49.0996 5028 QWAVEdrv - ok 18:42:50.0011 5028 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:42:50.0049 5028 RasAcd - ok 18:42:50.0082 5028 [ 7ECFF9B22276B73F43A99A15A6094E90 ] 
RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:42:50.0133 5028 RasAgileVpn - ok
18:43:09.0051 5028 ================ Scan MBR ==================================
18:43:09.0079 5028 [ 8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk1\DR1
18:43:09.0280 5028 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
18:43:09.0280 5028 \Device\Harddisk1\DR1 - detected TDSS File System (1)
18:43:09.0286 5028 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:43:09.0512 5028 \Device\Harddisk0\DR0 - ok
18:43:09.0513 5028 ================ Scan VBR ==================================
18:43:09.0517 5028 [ 6C2738E7F7F3B3B7C5F11C0D131734BD ] \Device\Harddisk1\DR1\Partition1
18:43:09.0519 5028 \Device\Harddisk1\DR1\Partition1 - ok
18:43:09.0535 5028 [ 26502E5E709C356C1AF11BBC182DBB12 ] \Device\Harddisk1\DR1\Partition2
18:43:09.0538 5028 \Device\Harddisk1\DR1\Partition2 - ok
18:43:09.0541 5028 [ 79623ABDFBB438E94400FA1022207885 ] \Device\Harddisk0\DR0\Partition1
18:43:09.0543 5028 \Device\Harddisk0\DR0\Partition1 - ok
18:43:09.0547 5028 [ 2DC892443313CE58F1088D5C027A2571 ] \Device\Harddisk0\DR0\Partition2
18:43:09.0549 5028 \Device\Harddisk0\DR0\Partition2 - ok
18:43:09.0550 5028 ============================================================
18:43:09.0550 5028 Scan finished
18:43:09.0550 5028 ============================================================
18:43:09.0562 1576 Detected object count: 3
18:43:09.0562 1576 Actual detected object count: 3
18:44:11.0958 1576 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:11.0958 1576 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:44:11.0959 1576 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:11.0959 1576 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:44:11.0959 1576 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
18:44:11.0959 1576 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
18:44:25.0458 2508 Deinitialize success |
16.12.2012, 14:24 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Skype automatically types things like "wassws" Code:
ATTFilter
\Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user

To do that, you have to restart TDSS-Killer and run a new scan. When you then see the results, please set this entry to CURE or DELETE (depending on what you are offered; please leave all the others on SKIP!) and then click Continue at the bottom right. After that, restart Windows and create a completely new log with TDSS-Killer. As always, post it in CODE tags again.
__________________ Please always post log files in CODE tags |
18.12.2012, 17:53 | #14 |
| Skype automatically types things like "wassws" What does that mean? Code:
ATTFilter
17:48:37.0712 0776 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:48:37.0924 0776 ============================================================
17:48:37.0924 0776 Current date / time: 2012/12/18 17:48:37.0924
17:48:37.0924 0776 SystemInfo:
17:48:37.0924 0776
17:48:37.0924 0776 OS Version: 6.1.7601 ServicePack: 1.0
17:48:37.0924 0776 Product type: Workstation
17:48:37.0924 0776 ComputerName: BOMBERCHEN
17:48:37.0925 0776 UserName: Skywalk3r
17:48:37.0925 0776 Windows directory: C:\Windows
17:48:37.0925 0776 System windows directory: C:\Windows
17:48:37.0925 0776 Running under WOW64
17:48:37.0925 0776 Processor architecture: Intel x64
17:48:37.0925 0776 Number of processors: 4
17:48:37.0925 0776 Page size: 0x1000
17:48:37.0925 0776 Boot type: Normal boot
17:48:37.0925 0776 ============================================================
17:48:39.0211 0776 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:48:39.0230 0776 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:48:39.0238 0776 ============================================================
17:48:39.0238 0776 \Device\Harddisk1\DR1:
17:48:39.0238 0776 MBR partitions:
17:48:39.0238 0776 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3D7AD800
17:48:39.0238 0776 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x3D7AF94E, BlocksNum 0x36F56073
17:48:39.0238 0776 \Device\Harddisk0\DR0:
17:48:39.0238 0776 MBR partitions:
17:48:39.0238 0776 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:48:39.0238 0776 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x24ACF800
17:48:39.0285 0776 ============================================================
17:48:39.0322 0776 C: <-> \Device\Harddisk1\DR1\Partition2
17:48:39.0341 0776 E: <-> \Device\Harddisk1\DR1\Partition1
17:48:39.0370 0776 F: <-> \Device\Harddisk0\DR0\Partition1
17:48:39.0376 0776 G: <-> \Device\Harddisk0\DR0\Partition2
17:48:39.0376 0776 ============================================================
17:48:39.0377 0776 Initialize success
17:48:39.0377 0776 ============================================================
17:48:46.0278 4680 ============================================================
17:48:46.0278 4680 Scan started
17:48:46.0278 4680 Mode: Manual; SigCheck; TDLFS;
17:48:46.0278 4680 ============================================================
17:48:47.0610 4680 ================ Scan system memory ========================
17:48:47.0611 4680 System memory - ok
17:48:47.0611 4680 ================ Scan services =============================
17:48:54.0059 4680 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:48:54.0127 4680 CryptSvc
- ok 17:48:54.0158 4680 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 17:48:54.0215 4680 CSC - ok 17:48:54.0249 4680 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 17:48:54.0307 4680 CscService - ok 17:48:54.0353 4680 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:48:54.0440 4680 DcomLaunch - ok 17:48:54.0476 4680 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 17:48:54.0530 4680 defragsvc - ok 17:48:54.0551 4680 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:48:54.0596 4680 DfsC - ok 17:48:54.0621 4680 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 17:48:54.0667 4680 Dhcp - ok 17:48:54.0677 4680 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 17:48:54.0721 4680 discache - ok 17:48:54.0743 4680 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 17:48:54.0756 4680 Disk - ok 17:48:54.0780 4680 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 17:48:54.0834 4680 dmvsc - ok 17:48:54.0853 4680 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:48:54.0891 4680 Dnscache - ok 17:48:54.0904 4680 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 17:48:54.0960 4680 dot3svc - ok 17:48:54.0975 4680 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 17:48:55.0029 4680 DPS - ok 17:48:55.0235 4680 [ 1CBFEB6B8169C35A8B2D0E43131BA63D ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe 17:48:55.0286 4680 DragonUpdater - ok 17:48:55.0322 4680 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:48:55.0349 4680 drmkaud - ok 17:48:55.0398 4680 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 17:48:55.0423 4680 dtsoftbus01 - ok 
17:48:55.0459 4680 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:48:55.0484 4680 DXGKrnl - ok 17:48:55.0496 4680 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 17:48:55.0545 4680 EapHost - ok 17:48:55.0660 4680 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys 17:48:55.0800 4680 ebdrv - ok 17:48:55.0831 4680 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 17:48:55.0876 4680 EFS - ok 17:48:55.0897 4680 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys 17:48:55.0918 4680 elxstor - ok 17:48:55.0928 4680 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:48:55.0955 4680 ErrDev - ok 17:48:55.0985 4680 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 17:48:56.0043 4680 EventSystem - ok 17:48:56.0060 4680 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 17:48:56.0098 4680 exfat - ok 17:48:56.0117 4680 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:48:56.0166 4680 fastfat - ok 17:48:56.0200 4680 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 17:48:56.0241 4680 Fax - ok 17:48:56.0258 4680 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 17:48:56.0271 4680 fdc - ok 17:48:56.0291 4680 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 17:48:56.0326 4680 fdPHost - ok 17:48:56.0333 4680 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 17:48:56.0377 4680 FDResPub - ok 17:48:56.0399 4680 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:48:56.0411 4680 FileInfo - ok 17:48:56.0415 4680 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:48:56.0467 4680 Filetrace - ok 17:48:56.0486 4680 [ 
C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 17:48:56.0499 4680 flpydisk - ok 17:48:56.0517 4680 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:48:56.0533 4680 FltMgr - ok 17:48:56.0587 4680 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll 17:48:56.0640 4680 FontCache - ok 17:48:56.0675 4680 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:48:56.0686 4680 FontCache3.0.0.0 - ok 17:48:56.0695 4680 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:48:56.0709 4680 FsDepends - ok 17:48:56.0748 4680 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:48:56.0773 4680 Fs_Rec - ok 17:48:56.0804 4680 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:48:56.0842 4680 fvevol - ok 17:48:56.0869 4680 [ 444534CBA693DD23C1CC589681E01656 ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys 17:48:56.0922 4680 FWLANUSB - ok 17:48:56.0937 4680 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 17:48:56.0950 4680 gagp30kx - ok 17:48:56.0991 4680 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 17:48:57.0011 4680 GEARAspiWDM - ok 17:48:57.0077 4680 [ 31B5C233933CAF0FB1499F458F04FD9A ] GeekBuddyRSP C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe 17:48:57.0113 4680 GeekBuddyRSP - ok 17:48:57.0150 4680 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 17:48:57.0194 4680 gpsvc - ok 17:48:57.0223 4680 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 17:48:57.0233 4680 hamachi - ok 17:48:57.0236 4680 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:48:57.0272 4680 hcw85cir - ok 17:48:57.0305 4680 [ 
975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:48:57.0340 4680 HdAudAddService - ok 17:48:57.0375 4680 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 17:48:57.0413 4680 HDAudBus - ok 17:48:57.0430 4680 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 17:48:57.0456 4680 HidBatt - ok 17:48:57.0474 4680 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:48:57.0507 4680 HidBth - ok 17:48:57.0521 4680 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 17:48:57.0537 4680 HidIr - ok 17:48:57.0542 4680 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 17:48:57.0588 4680 hidserv - ok 17:48:57.0613 4680 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:48:57.0626 4680 HidUsb - ok 17:48:57.0634 4680 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:48:57.0687 4680 hkmsvc - ok 17:48:57.0711 4680 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:48:57.0743 4680 HomeGroupListener - ok 17:48:57.0775 4680 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:48:57.0826 4680 HomeGroupProvider - ok 17:48:57.0844 4680 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:48:57.0865 4680 HpSAMD - ok 17:48:57.0982 4680 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:48:58.0120 4680 HTTP - ok 17:48:58.0134 4680 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:48:58.0146 4680 hwpolicy - ok 17:48:58.0159 4680 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 17:48:58.0173 4680 i8042prt - ok 17:48:58.0203 4680 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 
17:48:58.0291 4680 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:48:58.0300 4680 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:48:58.0300 4680 IDriverT - detected UnsignedFile.Multi.Generic (1)
(x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 17:49:09.0941 4680 SQLBrowser - ok 17:49:09.0986 4680 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 17:49:10.0012 4680 SQLWriter - ok 17:49:10.0038 4680 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 17:49:10.0105 4680 srv - ok 17:49:10.0129 4680 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:49:10.0172 4680 srv2 - ok 17:49:10.0187 4680 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:49:10.0202 4680 srvnet - ok 17:49:10.0231 4680 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:49:10.0269 4680 SSDPSRV - ok 17:49:10.0277 4680 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:49:10.0317 4680 SstpSvc - ok 17:49:10.0328 4680 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 17:49:10.0340 4680 stexstor - ok 17:49:10.0384 4680 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 17:49:10.0431 4680 stisvc - ok 17:49:10.0462 4680 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 17:49:10.0488 4680 storflt - ok 17:49:10.0511 4680 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 17:49:10.0568 4680 StorSvc - ok 17:49:10.0596 4680 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 17:49:10.0614 4680 storvsc - ok 17:49:10.0619 4680 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 17:49:10.0631 4680 swenum - ok 17:49:10.0655 4680 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 17:49:10.0697 4680 swprv - ok 17:49:10.0755 4680 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 17:49:10.0846 4680 SysMain - ok 17:49:10.0860 4680 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] 
TabletInputService C:\Windows\System32\TabSvc.dll 17:49:10.0879 4680 TabletInputService - ok 17:49:10.0899 4680 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 17:49:10.0949 4680 TapiSrv - ok 17:49:11.0002 4680 [ 048CFE7569D6ADCAB9349BB1A566A79E ] tbhsd C:\Windows\system32\drivers\tbhsd.sys 17:49:11.0024 4680 tbhsd - ok 17:49:11.0042 4680 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 17:49:11.0078 4680 TBS - ok 17:49:11.0145 4680 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:49:11.0211 4680 Tcpip - ok 17:49:11.0232 4680 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 17:49:11.0268 4680 TCPIP6 - ok 17:49:11.0307 4680 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:49:11.0320 4680 tcpipreg - ok 17:49:11.0338 4680 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:49:11.0381 4680 TDPIPE - ok 17:49:11.0406 4680 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:49:11.0419 4680 TDTCP - ok 17:49:11.0432 4680 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:49:11.0467 4680 tdx - ok 17:49:11.0591 4680 [ A4D2CE94B028EF1E437CF4AC3D8FF26C ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 17:49:11.0641 4680 TeamViewer7 - ok 17:49:11.0685 4680 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 17:49:11.0697 4680 TermDD - ok 17:49:11.0723 4680 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 17:49:11.0781 4680 TermService - ok 17:49:11.0798 4680 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 17:49:11.0817 4680 Themes - ok 17:49:11.0829 4680 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 17:49:11.0864 4680 THREADORDER - ok 17:49:11.0874 4680 [ 
7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 17:49:11.0931 4680 TrkWks - ok 17:49:11.0969 4680 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:49:12.0022 4680 TrustedInstaller - ok 17:49:12.0039 4680 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:49:12.0089 4680 tssecsrv - ok 17:49:12.0124 4680 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 17:49:12.0147 4680 TsUsbFlt - ok 17:49:12.0165 4680 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 17:49:12.0179 4680 TsUsbGD - ok 17:49:12.0214 4680 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:49:12.0259 4680 tunnel - ok 17:49:12.0272 4680 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 17:49:12.0284 4680 uagp35 - ok 17:49:12.0304 4680 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:49:12.0357 4680 udfs - ok 17:49:12.0383 4680 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:49:12.0416 4680 UI0Detect - ok 17:49:12.0446 4680 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:49:12.0459 4680 uliagpkx - ok 17:49:12.0480 4680 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:49:12.0503 4680 umbus - ok 17:49:12.0519 4680 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 17:49:12.0542 4680 UmPass - ok 17:49:12.0566 4680 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 17:49:12.0597 4680 UmRdpService - ok 17:49:12.0625 4680 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 17:49:12.0683 4680 upnphost - ok 17:49:12.0736 4680 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 17:49:12.0760 4680 
USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning 17:49:12.0760 4680 USBAAPL64 - detected UnsignedFile.Multi.Generic (1) 17:49:12.0815 4680 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 17:49:12.0865 4680 usbaudio - ok 17:49:12.0890 4680 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:49:12.0920 4680 usbccgp - ok 17:49:12.0946 4680 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:49:12.0967 4680 usbcir - ok 17:49:13.0007 4680 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:49:13.0044 4680 usbehci - ok 17:49:13.0084 4680 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:49:13.0114 4680 usbhub - ok 17:49:13.0129 4680 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 17:49:13.0142 4680 usbohci - ok 17:49:13.0166 4680 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:49:13.0201 4680 usbprint - ok 17:49:13.0236 4680 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 17:49:13.0252 4680 usbscan - ok 17:49:13.0293 4680 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:49:13.0339 4680 USBSTOR - ok 17:49:13.0357 4680 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 17:49:13.0389 4680 usbuhci - ok 17:49:13.0439 4680 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 17:49:13.0490 4680 usbvideo - ok 17:49:13.0516 4680 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 17:49:13.0571 4680 UxSms - ok 17:49:13.0587 4680 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 17:49:13.0600 4680 VaultSvc - ok 17:49:13.0647 4680 [ 6372EAA7CC0E8A2FC4BE7B3F2DE1ED62 ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys 17:49:13.0662 4680 
VBoxDrv - ok 17:49:13.0691 4680 [ B996117F6202464A56901CBC13999FE2 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 17:49:13.0704 4680 VBoxNetAdp - ok 17:49:13.0719 4680 [ 89835A2F779979F1D545E40F36D737E0 ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 17:49:13.0732 4680 VBoxNetFlt - ok 17:49:13.0777 4680 [ F9BD6CFF0376D1DADDB1CB2F794D9BC7 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 17:49:13.0798 4680 VBoxUSBMon - ok 17:49:13.0832 4680 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 17:49:13.0850 4680 vdrvroot - ok 17:49:13.0873 4680 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 17:49:13.0914 4680 vds - ok 17:49:13.0931 4680 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:49:13.0947 4680 vga - ok 17:49:13.0952 4680 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 17:49:13.0996 4680 VgaSave - ok 17:49:14.0017 4680 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 17:49:14.0032 4680 vhdmp - ok 17:49:14.0042 4680 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 17:49:14.0054 4680 viaide - ok 17:49:14.0079 4680 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys 17:49:14.0094 4680 vmbus - ok 17:49:14.0105 4680 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 17:49:14.0137 4680 VMBusHID - ok 17:49:14.0159 4680 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:49:14.0171 4680 volmgr - ok 17:49:14.0190 4680 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:49:14.0208 4680 volmgrx - ok 17:49:14.0228 4680 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:49:14.0244 4680 volsnap - ok 17:49:14.0262 4680 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid 
C:\Windows\system32\drivers\vsmraid.sys 17:49:14.0276 4680 vsmraid - ok 17:49:14.0400 4680 [ CA64A8838B4674D14BDF88ABA2F253EA ] VSPerfDrv100 C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys 17:49:14.0411 4680 VSPerfDrv100 - ok 17:49:14.0468 4680 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 17:49:14.0584 4680 VSS - ok 17:49:14.0606 4680 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 17:49:14.0634 4680 vwifibus - ok 17:49:14.0650 4680 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 17:49:14.0678 4680 vwififlt - ok 17:49:14.0700 4680 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 17:49:14.0740 4680 W32Time - ok 17:49:14.0752 4680 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 17:49:14.0784 4680 WacomPen - ok 17:49:14.0818 4680 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 17:49:14.0894 4680 WANARP - ok 17:49:14.0917 4680 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:49:14.0951 4680 Wanarpv6 - ok 17:49:14.0988 4680 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 17:49:15.0052 4680 wbengine - ok 17:49:15.0073 4680 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 17:49:15.0094 4680 WbioSrvc - ok 17:49:15.0119 4680 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:49:15.0155 4680 wcncsvc - ok 17:49:15.0175 4680 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:49:15.0227 4680 WcsPlugInService - ok 17:49:15.0245 4680 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 17:49:15.0258 4680 Wd - ok 17:49:15.0311 4680 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:49:15.0358 
4680 Wdf01000 - ok 17:49:15.0370 4680 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:49:15.0446 4680 WdiServiceHost - ok 17:49:15.0450 4680 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:49:15.0469 4680 WdiSystemHost - ok 17:49:15.0482 4680 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 17:49:15.0515 4680 WebClient - ok 17:49:15.0532 4680 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:49:15.0588 4680 Wecsvc - ok 17:49:15.0608 4680 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:49:15.0664 4680 wercplsupport - ok 17:49:15.0684 4680 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 17:49:15.0721 4680 WerSvc - ok 17:49:15.0738 4680 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 17:49:15.0772 4680 WfpLwf - ok 17:49:15.0788 4680 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 17:49:15.0802 4680 WIMMount - ok 17:49:15.0816 4680 WinDefend - ok 17:49:15.0823 4680 WinHttpAutoProxySvc - ok 17:49:15.0877 4680 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:49:15.0939 4680 Winmgmt - ok 17:49:16.0008 4680 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 17:49:16.0116 4680 WinRM - ok 17:49:16.0181 4680 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 17:49:16.0228 4680 WinUsb - ok 17:49:16.0259 4680 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 17:49:16.0304 4680 Wlansvc - ok 17:49:16.0308 4680 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 17:49:16.0321 4680 WmiAcpi - ok 17:49:16.0345 4680 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:49:16.0371 4680 wmiApSrv - ok 17:49:16.0387 4680 [ 
96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:49:16.0411 4680 WPCSvc - ok 17:49:16.0431 4680 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:49:16.0465 4680 WPDBusEnum - ok 17:49:16.0488 4680 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:49:16.0523 4680 ws2ifsl - ok 17:49:16.0534 4680 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 17:49:16.0566 4680 wscsvc - ok 17:49:16.0612 4680 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 17:49:16.0660 4680 WSDPrintDevice - ok 17:49:16.0667 4680 WSearch - ok 17:49:16.0757 4680 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 17:49:16.0868 4680 wuauserv - ok 17:49:16.0892 4680 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:49:16.0935 4680 WudfPf - ok 17:49:16.0962 4680 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:49:16.0997 4680 WUDFRd - ok 17:49:17.0030 4680 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:49:17.0071 4680 wudfsvc - ok 17:49:17.0096 4680 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 17:49:17.0156 4680 WwanSvc - ok 17:49:17.0194 4680 ================ Scan global =============================== 17:49:17.0210 4680 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 17:49:17.0246 4680 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll 17:49:17.0252 4680 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll 17:49:17.0271 4680 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 17:49:17.0289 4680 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 17:49:17.0291 4680 [Global] - ok 17:49:17.0292 4680 ================ Scan MBR ================================== 17:49:17.0313 4680 [ 
8E734BD7AA1D4F7E9AF58DF495F6CF9E ] \Device\Harddisk1\DR1 17:49:17.0462 4680 \Device\Harddisk1\DR1 - ok 17:49:17.0464 4680 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:49:17.0688 4680 \Device\Harddisk0\DR0 - ok 17:49:17.0689 4680 ================ Scan VBR ================================== 17:49:17.0702 4680 [ 6C2738E7F7F3B3B7C5F11C0D131734BD ] \Device\Harddisk1\DR1\Partition1 17:49:17.0704 4680 \Device\Harddisk1\DR1\Partition1 - ok 17:49:17.0724 4680 [ 26502E5E709C356C1AF11BBC182DBB12 ] \Device\Harddisk1\DR1\Partition2 17:49:17.0726 4680 \Device\Harddisk1\DR1\Partition2 - ok 17:49:17.0730 4680 [ 79623ABDFBB438E94400FA1022207885 ] \Device\Harddisk0\DR0\Partition1 17:49:17.0732 4680 \Device\Harddisk0\DR0\Partition1 - ok 17:49:17.0735 4680 [ 2DC892443313CE58F1088D5C027A2571 ] \Device\Harddisk0\DR0\Partition2 17:49:17.0737 4680 \Device\Harddisk0\DR0\Partition2 - ok 17:49:17.0738 4680 ============================================================ 17:49:17.0738 4680 Scan finished 17:49:17.0738 4680 ============================================================ 17:49:17.0752 4056 Detected object count: 2 17:49:17.0752 4056 Actual detected object count: 2 17:49:22.0102 4056 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 17:49:22.0102 4056 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:49:22.0102 4056 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user 17:49:22.0102 4056 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 17:49:24.0390 0992 Deinitialize success |
18.12.2012, 23:05 | #15 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Skype automatically types things like "wassws" Quote:
Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has explicitly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |