Plagegeister aller Art und deren Bekämpfung (pests of all kinds and how to fight them): PC locked. Pay 100 euros. What now? Windows 7
27.12.2012, 15:17 | #1 |
| PC locked. Pay 100 euros. What now?

Hello everyone, first of all I'd like to say that I think it's great that something like this exists. So, here is the problem. I just started my PC and suddenly there was an image from some office for data security or something like that, saying that my computer had been locked. Right next to it, on the right in the corner, there is a field where I am supposed to pay 100 euros via Paysafecard so that my computer works again. I couldn't get out of this window and it couldn't be clicked away either. So I logged off, cancelled the logoff attempt, and that way I was able to get around the window and the logoff. Now I'm sitting here letting Antivir run, although I don't believe it will clean up this problem. I'm not very experienced with PCs, so I'm hoping for help here that I can also understand. Thanks in advance for all your efforts.

Regards, Jack |
27.12.2012, 16:24 | #2 |
/// Malware-holic | Hi,

1. Post the Avira log.
2. Do you have access to a PC with a burner?

Download: ISO Burner Download - ISO Burner 2.5
ISO Burner instructions: http://www.trojaner-board.de/83208-b...ei-cd-dvd.html

• When the download is finished, double-click OTLPENet.exe, which opens ISOBurner to burn it to the CD. Restart your system and boot from the CD you just created. If you don't know how to get your computer to boot from the CD: http://www.trojaner-board.de/81857-c...cd-booten.html
• Your system should now display a REATOGO-X-PE desktop.
• Double-click the OTLPE icon.
• When you are asked "Do you wish to load the remote registry", choose Yes.
• When you are asked "Do you wish to load remote user profile(s) for scanning", choose Yes.
• Remove the check mark at "Automatically Load All Remaining Users" if it is set.
• OTL should now start. Now copy the following content into the text box.

Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe

• When it is finished, the files are saved in C:\otl.txt
• Copy this folder to your USB stick if you have no Internet connection on this system.

Post both logs. |
27.12.2012, 21:59 | #3 |
| First of all, thank you very much for your quick reply. I have already managed it another way, but thank you very much for your help.

The trojan was not deleted after all. So the 6 hours of work yesterday were for nothing. So today I will try your version, Markus.

Hello Markus, unfortunately the error still persists, so my approach did not work, so I will now test yours. Thanks in advance.

What are logs? And what am I supposed to do with the text you posted there? |
28.12.2012, 15:22 | #4 |
/// Malware-holic | It actually says so there: you are supposed to copy the content of the code box into the OTL text box and then post the reports here.
__________________
- Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de
Forwarding instructions: http://markusg.trojaner-board.de |
28.12.2012, 16:01 | #5 |
| OTL Logfile:
ATTFilter OTL logfile created on: 12/28/2012 1:53:59 PM - Run OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE 64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System Internet Explorer (Version = 8.0.7601.17514) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931.51 Gb Total Space | 570.34 Gb Free Space | 61.23% Space Free | Partition Type: NTFS Drive D: | 736.20 Gb Total Space | 488.61 Gb Free Space | 66.37% Space Free | Partition Type: NTFS Drive E: | 931.51 Gb Total Space | 354.92 Gb Free Space | 38.10% Space Free | Partition Type: NTFS Drive F: | 7.45 Gb Total Space | 7.40 Gb Free Space | 99.29% Space Free | Partition Type: FAT32 Drive H: | 195.31 Gb Total Space | 195.22 Gb Free Space | 99.95% Space Free | Partition Type: NTFS Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: REATOGO | User Name: SYSTEM Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days Using ControlSet: ControlSet001 ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/03/26 11:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv) SRV:64bit: - [2012/03/26 11:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc) SRV:64bit: - [2009/10/06 19:47:10 | 000,191,000 | ---- | M] (Logitech Inc.) 
[Auto] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64) SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/10/17 17:07:00 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/10/09 04:49:12 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/10/02 17:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2012/10/02 06:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/07/19 11:08:04 | 000,738,152 | ---- | M] (Tunngle.net GmbH) [On_Demand] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService) SRV - [2012/06/25 19:06:27 | 000,076,888 | ---- | M] () [Auto] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA) SRV - [2012/02/23 05:40:40 | 002,886,528 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2011/08/17 10:52:04 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6) SRV - [2011/08/14 07:18:20 | 001,044,816 | ---- | M] (Flexera Software, Inc.) 
[On_Demand] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2010/09/29 11:47:00 | 004,032,992 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2010/07/28 12:05:34 | 000,472,664 | ---- | M] (PacketVideo) [Auto] -- C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe -- (TwonkyMedia) SRV - [2010/05/28 10:29:26 | 002,650,112 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService) SRV - [2010/03/18 06:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/10/02 06:26:12 | 000,013,336 | ---- | M] (Intel Corporation) [Auto] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R) SRV - [2009/08/06 00:51:20 | 000,065,536 | ---- | M] () [Auto] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X) SRV - [2009/07/16 10:04:16 | 000,316,664 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/04/23 01:46:12 | 000,081,920 | ---- | M] (FirebirdSQL Project) [Auto] -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance) SRV - [2008/04/23 01:46:08 | 002,015,232 | ---- | M] (FirebirdSQL Project) [On_Demand] -- C:\Program Files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe -- (FirebirdServerDefaultInstance) SRV - [2006/12/19 03:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) 
[Auto] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/07/30 06:32:08 | 000,102,240 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) DRV:64bit: - [2012/07/03 10:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA) DRV:64bit: - [2012/05/11 00:34:14 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) DRV:64bit: - [2012/03/20 13:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv) DRV:64bit: - [2012/02/15 04:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/05/29 08:36:24 | 000,828,912 | ---- | M] (Duplex Secure Ltd.) 
[Kernel | Boot] -- C:\Windows\System32\drivers\sptd.sys -- (sptd) DRV:64bit: - [2010/03/22 10:57:20 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/02/24 05:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11) DRV:64bit: - [2009/11/20 06:16:02 | 000,177,152 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc) DRV:64bit: - [2009/11/20 06:15:58 | 000,075,776 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub) DRV:64bit: - [2009/10/29 03:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID) DRV:64bit: - [2009/10/07 02:49:28 | 006,379,288 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\lvuvc64.sys -- (LVUVC64) Logitech QuickCam E3500(UVC) DRV:64bit: - [2009/10/07 02:47:46 | 000,327,704 | ---- | M] (Logitech Inc.) 
[Kernel | On_Demand] -- C:\Windows\System32\drivers\lvrs64.sys -- (LVRS64) DRV:64bit: - [2009/10/06 19:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2M64.sys -- (LVPr2Mon) DRV:64bit: - [2009/10/06 19:45:50 | 000,030,232 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\LVPr2M64.sys -- (LVPr2M64) DRV:64bit: - [2009/09/16 01:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle) DRV:64bit: - [2009/07/13 19:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usb8023x.sys -- (usb_rndisx) DRV:64bit: - [2009/07/13 18:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\tpm.sys -- (TPM) DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs) DRV:64bit: - [2009/06/10 15:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009/06/10 15:35:20 | 000,278,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\e1e6032e.sys -- (e1express) Intel(R) DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/04/29 09:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV:64bit: - 
[2009/03/18 09:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi) DRV - [2012/09/10 10:34:11 | 000,018,048 | ---- | M] () [Kernel | Auto] -- C:\Windows\SysWOW64\drivers\lirsgt.sys -- (lirsgt) DRV - [2012/07/28 04:05:56 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64) DRV - [2004/12/31 01:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Alex_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = IE - HKU\Alex_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825 IE - HKU\Alex_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKU\Alex_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKU\Alex_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F9 59 24 09 F7 B4 CB 01 [binary data] IE - HKU\Alex_ON_C\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - Reg Error: Key error. 
File not found IE - HKU\Alex_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\Alex_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_4_402_287.dll () FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\System32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\Wow6432Node\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: File not found FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.104.0: File not found FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.116.0: File not found FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0: File not found FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.96.0: File not found FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: 
C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: File not found FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Alex\AppData\Roaming\ProtectDISC\License Helper v2\NPPDLicenseHelper.dll ( ) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Alex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Alex\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.) FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: File not found FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/10/17 17:07:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/08/24 07:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions [2012/08/24 07:01:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\Mozilla\Extensions\ideskbrowser@haufe.de [2011/11/12 15:44:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\2zh6uscq.default\extensions [2011/11/12 15:44:15 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\2zh6uscq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012/10/11 13:59:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\hcr05ihw.default\extensions [2012/09/27 03:39:15 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\hcr05ihw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012/10/17 17:06:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions 
[2012/10/17 17:06:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012/10/17 17:06:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012/10/17 17:07:00 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/11/04 22:38:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012/08/30 04:56:16 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011/11/04 22:38:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2011/11/04 22:38:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2011/11/04 22:38:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2011/11/04 22:38:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2010/10/10 12:49:34 | 000,000,828 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O3 - HKU\Alex_ON_C\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. 
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation) O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH) O4 - HKU\Alex_ON_C..\Run: [BitTorrent DNA] C:\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.) O4 - HKU\Alex_ON_C..\Run: [Facebook Update] C:\Users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\Alex_ON_C..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG) O4 - HKU\Alex_ON_C..\Run: [Logitech Vid] C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe (Logitech Inc.) 
O4 - HKU\Alex_ON_C..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe () O4 - HKU\LocalService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\NetworkService_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\UpdatusUser_ON_C..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin] File not found O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin] File not found O4 - HKU\UpdatusUser_ON_C..\RunOnce: [mctadmin] File not found O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk () O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk () O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk () O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyManager.lnk () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\Alex_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 
Converter - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13:64bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03) O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\haufereader - No CLSID value found O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. 
File not found O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
MsConfig:64bit - StartUpFolder: C:^Users^Alex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Deer Hunter 2005 Registration.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Alex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk - - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Alex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk - C:\Program Files (x86)\LimeWire\LimeWire.exe - (Lime Wire, LLC)
MsConfig:64bit - StartUpReg: 8DDYX0ZBPZ - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: DW6 - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: EADM - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - C:\Users\Alex\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: JMB36X IDE Setup - hkey= - key= - C:\Windows\RaidTool\xInsIDE.exe ()
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: RGSC - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: spdetector3 - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\program files (x86)\steam\steam.exe (Valve Corporation)
MsConfig:64bit - State: "startup" - 2
MsConfig:64bit - State: "services" - 2

========== Files/Folders - Created Within 30 Days ==========

[2012/12/27 10:41:06 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012/04/09 09:51:25 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Alex\AppData\Roaming\pcouffin.sys
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/20 04:18:59 | 000,000,790 | ---- | M] () -- C:\Users\Alex\Desktop\CCleaner.lnk
[2012/12/11 04:58:32 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\ViewNX 2.lnk
[6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/10 05:16:54 | 000,018,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\lirsgt.sys
[2012/06/25 19:06:25 | 003,166,792 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/06/08 17:16:12 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv6
[2012/04/09 09:51:25 | 000,099,384 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\inst.exe
[2012/04/09 09:51:25 | 000,007,859 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\pcouffin.cat
[2012/04/09 09:51:25 | 000,001,167 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\pcouffin.inf
[2012/01/08 08:25:16 | 000,003,584 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/15 09:52:03 | 000,252,928 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2011/10/14 09:42:27 | 000,000,268 | RH-- | C] () -- C:\ProgramData\MAS
[2011/10/14 09:42:27 | 000,000,268 | RH-- | C] () -- C:\Users\Alex\AppData\Roaming\Licenses
[2011/10/14 09:42:27 | 000,000,012 | RH-- | C] () -- C:\ProgramData\NetServices
[2011/10/14 09:42:04 | 000,000,000 | ---- | C] () -- C:\ProgramData\Licenses
[2011/10/14 09:42:02 | 000,000,000 | ---- | C] () -- C:\ProgramData\Legacy
[2011/09/23 19:40:03 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI
[2011/09/23 07:06:53 | 000,000,268 | RH-- | C] () -- C:\ProgramData\MIDI Configurations
[2011/09/23 07:06:53 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Logs
[2011/09/23 07:06:53 | 000,000,268 | RH-- | C] () -- C:\Users\Alex\AppData\Roaming\Light Machine
[2011/09/23 07:06:53 | 000,000,268 | RH-- | C] () -- C:\Users\Alex\AppData\Roaming\Libraries
[2011/09/23 07:06:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011/09/23 07:06:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011/09/23 07:06:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011/09/23 07:06:53 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Organic
[2011/09/23 07:06:53 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Nature
[2011/09/11 05:45:09 | 000,001,982 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\logs.dat
[2011/08/25 15:46:17 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011/08/13 15:40:27 | 000,141,736 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/06/30 09:23:49 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011/06/30 09:19:01 | 000,031,864 | ---- | C] () -- C:\Windows\maxlink.ini
[2011/02/12 18:47:50 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011/01/06 16:19:00 | 000,000,061 | -HS- | C] () -- C:\Windows\cnerolf.dat
[2010/12/17 22:50:52 | 000,552,960 | ---- | C] () -- C:\Windows\SysWow64\FS2AUDIO.dll
[2010/10/14 17:11:40 | 000,000,439 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\TheHunterSettings_live.bin
[2010/10/14 17:07:13 | 000,000,043 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\TheHunterSettings_live.cfg
[2010/10/04 14:11:38 | 000,000,082 | ---- | C] () -- C:\Users\Alex\AppData\Local\X-Plane Installer.prf
[2010/10/04 05:22:35 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2010/09/26 04:31:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/07/09 15:29:23 | 001,648,546 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/07/01 15:55:13 | 002,444,656 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_apb.exe
[2010/06/26 14:09:25 | 000,000,090 | -HS- | C] () -- C:\Windows\cnerolf.bin
[2010/06/23 19:25:23 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010/06/18 16:14:32 | 000,000,133 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\default.pls
[2010/06/08 11:31:45 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\prospeed_bmp2jpg.dll
[2010/06/04 03:31:44 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/06/03 10:15:29 | 000,007,867 | ---- | C] () -- C:\Windows\Irremote.ini
[2010/05/29 08:31:34 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/05/29 07:27:52 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/05/29 07:27:51 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/05/29 07:27:51 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/05/28 16:17:57 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/01/15 19:15:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2006/04/21 03:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\HtmlHelp.dll

========== LOP Check ==========

[2012/07/20 19:21:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\.mono
[2012/06/18 02:50:17 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\1&1
[2011/10/14 14:16:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\AKVIS
[2012/08/13 13:15:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\AnvSoft
[2010/09/15 12:44:53 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ArmA II Launcher
[2010/06/30 18:27:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\astragon Software GmbH
[2012/05/24 04:32:30 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Atari
[2012/05/13 06:34:20 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Audacity
[2011/11/07 12:02:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BF3CC
[2012/08/10 08:27:01 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BitTorrent
[2010/10/04 15:44:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BlackBean
[2011/04/08 06:39:09 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Bridge!
[2012/08/19 04:17:26 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Broad Intelligence
[2011/06/26 12:59:17 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BuddyW
[2010/11/12 10:41:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ChartViewer
[2010/05/29 08:45:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2011/07/11 09:48:01 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Day 1 Studios
[2012/09/21 19:00:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1
[2012/10/18 10:05:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DNA
[2012/09/29 13:00:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoft
[2012/08/19 04:25:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/09/20 03:33:07 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Freemium
[2011/10/13 01:42:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\gtk-2.0
[2011/06/19 10:46:08 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Gutscheinmieze
[2012/08/24 07:01:57 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Haufe Mediengruppe
[2010/07/24 10:29:11 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\HU2011
[2012/05/27 19:32:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Kalypso Media
[2010/07/15 12:01:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Laix
[2010/11/18 17:37:18 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Leadertech
[2012/03/16 16:42:09 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\lennox
[2012/08/24 06:55:26 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Lexware
[2011/09/29 20:57:09 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LimeWire
[2012/06/07 11:09:02 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Lockheed Martin
[2010/07/16 12:27:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Metaversum
[2012/08/13 12:51:19 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\MOVAVI
[2012/06/23 09:05:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\MyPhoneExplorer
[2010/07/28 02:34:33 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Need for Speed World
[2011/09/29 11:35:07 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Nikon
[2011/05/29 17:04:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Notepad++
[2012/08/10 14:29:05 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Origin
[2010/12/07 09:11:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ProtectDISC
[2010/08/26 09:38:02 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Quest3D
[2010/12/12 13:32:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\RapidCRC
[2010/05/29 09:21:43 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\RigNRoll_ger
[2010/08/26 09:38:31 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Roaming
[2010/09/04 16:46:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\six-rsync
[2010/11/17 11:50:40 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\six-updater
[2010/09/04 18:06:15 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Spirited Machine
[2011/01/23 18:33:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sytexis Software
[2012/03/11 07:51:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TeamViewer
[2011/01/25 16:10:00 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Thunderbird
[2012/08/04 06:16:28 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TS3Client
[2011/11/13 02:19:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ts3overlay
[2012/08/14 08:32:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Tunngle
[2012/06/25 18:59:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2012/07/12 17:28:44 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Unity
[2012/06/07 11:07:49 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\VAT-Spy
[2012/06/07 11:18:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Virtuali
[2012/04/09 10:09:09 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Vso
[2010/12/28 13:49:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\wargaming.net
[2012/04/28 06:17:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\YoudaGames
[2012/07/20 19:21:18 | 000,000,000 | ---D | M] -- C:\ProgramData\.mono
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2011/12/18 07:15:41 | 000,000,000 | ---D | M] -- C:\ProgramData\ClubSanDisk
[2011/09/21 17:59:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Codemasters
[2011/01/23 10:24:07 | 000,000,000 | ---D | M] -- C:\ProgramData\createpart
[2010/05/29 08:42:33 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2010/12/07 09:11:24 | 000,000,000 | ---D | M] -- C:\ProgramData\DATA BECKER Downloads
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2010/10/12 12:20:17 | 000,000,000 | -HSD | M] -- C:\ProgramData\DSS
[2010/05/29 05:21:14 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Core
[2012/02/24 18:11:39 | 000,000,000 | ---D | M] -- C:\ProgramData\EA Logs
[2011/09/29 21:26:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Electronic Arts
[2011/09/23 07:06:53 | 000,000,000 | ---D | M] -- C:\ProgramData\EnterNHelp
[2012/09/07 05:35:18 | 000,000,000 | ---D | M] -- C:\ProgramData\Esellerate
[2011/01/23 10:17:09 | 000,000,000 | ---D | M] -- C:\ProgramData\explauncher
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2012/08/24 06:52:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Haufe
[2010/10/14 15:35:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Hunter
[2012/04/28 06:17:29 | 000,000,000 | ---D | M] -- C:\ProgramData\Intenium
[2011/01/23 10:17:08 | 000,000,000 | ---D | M] -- C:\ProgramData\launcher
[2012/08/24 06:55:44 | 000,000,000 | ---D | M] -- C:\ProgramData\Lexware
[2011/09/23 19:40:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Nikon
[2012/03/16 17:01:03 | 000,000,000 | ---D | M] -- C:\ProgramData\OMSI AM
[2012/09/22 17:01:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Origin
[2011/10/21 20:22:32 | 000,000,000 | ---D | M] -- C:\ProgramData\RELOADED
[2011/12/03 18:33:56 | 000,000,000 | ---D | M] -- C:\ProgramData\ROCCAT
[2011/07/01 11:55:30 | 000,000,000 | ---D | M] -- C:\ProgramData\ScanSoft
[2010/06/26 09:58:56 | 000,000,000 | ---D | M] -- C:\ProgramData\SEGA Corporation
[2011/09/30 10:51:48 | 000,000,000 | ---D | M] -- C:\ProgramData\sgs
[2011/08/14 05:23:20 | 000,000,000 | ---D | M] -- C:\ProgramData\Solidshield
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2012/10/16 17:09:17 | 000,000,000 | ---D | M] -- C:\ProgramData\TEMP
[2012/08/29 14:58:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Tunngle
[2012/10/18 10:39:32 | 000,000,000 | ---D | M] -- C:\ProgramData\twonkymedia
[2010/05/29 07:42:00 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft
[2011/09/23 07:06:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Ultima_T15
[2012/01/08 08:24:08 | 000,000,000 | ---D | M] -- C:\ProgramData\VideoConverter
[2012/06/07 11:14:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Virtuali
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012/04/09 10:03:14 | 000,000,000 | ---D | M] -- C:\ProgramData\vsosdk
[2010/06/21 13:53:15 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012/10/17 16:40:01 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4073651736-2417090932-1084573536-1001Core.job
[2012/10/18 07:40:01 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4073651736-2417090932-1084573536-1001UA.job
[2012/10/18 10:39:05 | 000,000,310 | -HS- | M] () -- C:\Windows\Tasks\fsiyim.job
[2012/09/19 10:42:50 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2012/11/15 10:09:59 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010/09/04 16:42:31 | 000,000,000 | ---D | M] -- C:\.gem
[2011/10/15 11:53:18 | 000,000,000 | -HSD | M] -- C:\Boot
[2012/12/23 18:06:54 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012/11/15 10:28:05 | 000,000,000 | ---D | M] -- C:\DOSBox-0.72
[2012/08/23 05:53:56 | 000,000,000 | ---D | M] -- C:\Games
[2010/05/21 07:56:20 | 000,000,000 | ---D | M] -- C:\Intel
[2012/12/27 16:06:19 | 000,000,000 | ---D | M] -- C:\Kaspersky Rescue Disk 10.0
[2010/07/15 13:29:22 | 000,000,000 | ---D | M] -- C:\Lichterfelde
[2011/04/17 05:06:20 | 000,000,000 | ---D | M] -- C:\m-r-software
[2012/12/20 18:17:09 | 000,000,000 | -H-D | M] -- C:\msdownld.tmp
[2010/06/13 04:13:46 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012/05/05 05:17:16 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2009/07/13 22:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012/10/01 14:38:55 | 000,000,000 | ---D | M] -- C:\Planer2
[2012/09/07 07:34:40 | 000,000,000 | ---D | M] -- C:\Program Files
[2012/11/22 07:55:02 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012/10/09 05:02:16 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010/07/15 11:27:19 | 000,000,000 | ---D | M] -- C:\ProgramData (x86)
[2010/05/28 16:17:28 | 000,000,000 | -HSD | M] -- C:\Programme
[2010/10/02 04:33:17 | 000,000,000 | ---D | M] -- C:\Python26
[2010/05/28 16:17:57 | 000,000,000 | ---D | M] -- C:\RaidTool
[2010/05/28 16:17:29 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012/09/06 15:49:29 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012/10/05
02:50:07 | 000,000,000 | ---D | M] -- C:\temp [2010/06/03 10:29:45 | 000,000,000 | ---D | M] -- C:\TempDump [2011/09/11 05:45:09 | 000,000,000 | ---D | M] -- C:\timer2tray [2010/11/20 18:15:10 | 000,000,000 | ---D | M] -- C:\tmp [2012/08/04 20:21:49 | 000,000,000 | ---D | M] -- C:\Ubisoft [2012/02/24 06:47:30 | 000,000,000 | R--D | M] -- C:\Users [2012/10/16 21:01:17 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > Invalid Environment Variable: %LOCALAPPDATA%\*.exe < %systemroot%\*. /mp /s > < MD5 for: AGP440.SYS > [2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\System32\drivers\AGP440.sys [2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys [2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys [2009/07/13 20:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys < MD5 for: ATAPI.SYS > [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\System32\drivers\atapi.sys [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys [2009/07/13 20:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) 
MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll [2009/07/13 20:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll [2009/07/13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\System32\cngaudit.dll [2009/07/13 20:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011/02/26 01:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe [2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe [2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe [2010/02/18 03:03:10 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- 
C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe [2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe [2011/02/25 01:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [2011/02/26 01:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe [2009/10/26 01:46:20 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe [2010/02/18 03:03:10 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe 
[2009/10/26 01:46:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe [2010/11/20 08:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [2010/02/18 03:03:10 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [2009/10/26 01:46:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe [2009/07/13 20:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe [2010/02/18 03:03:10 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe [2011/02/26 01:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [2009/10/26 01:46:20 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe < MD5 for: IASTOR.SYS > [2009/10/02 06:58:58 | 000,537,112 | ---- | M] (Intel Corporation) MD5=631FA8935163B01FC0C02966CB3ADB92 -- C:\Windows\OemDrv\iaStor.sys 
That is the log file. But the problem still seems to exist: I still cannot open the Task Manager! |
28.12.2012, 18:54 | #6 |
/// Malware-holic | PC locked. Pay 100 euros. What now? Have you already tinkered with the PC yourself? Because there is a rescue disk etc. on it and I don't see an active startup entry for ransomware. Can you get into normal mode? Did you also delete something with another program? Then post the reports, and stop fiddling with the PC yourself.
__________________ --> PC locked. Pay 100 euros. What now? |
28.12.2012, 18:58 | #7 |
| PC locked. Pay 100 euros. What now? Yes, I had written that above as well. I had tried it with a rescue CD from Kaspersky, but that didn't work. Right after that I tried your method. However, this part, "When you are asked "Do you wish to load the remote registry", choose Yes.", did not come up for me. Everything after that did. So far everything seems to work. I can open the Task Manager too! Otherwise I haven't changed anything. |
28.12.2012, 19:05 | #8 |
/// Malware-holic | PC locked. Pay 100 euros. What now? You said you scanned with Avira; where is the report or the detection messages? Do you now have access to the system when you start normally? If yes: download TDSSKiller: http://www.trojaner-board.de/82358-t...entfernen.html Click on Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan - for any findings always choose Skip at first, post the log
PS: finding Avira detections: http://www.trojaner-board.de/125889-...en-posten.html
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
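An added example (not part of the thread and not Kaspersky's code) for reading the TDSSKiller report requested above: it lists every entry whose status is not `ok` together with its MD5 and path, and separates signature-check warnings from everything else. The report lines are constructed in the tool's `time thread-id message` layout; the names, hashes, `Placeholder.Verdict.Name` and the function names `parse_findings` and `triage` are assumptions for illustration.

```python
import re
from typing import NamedTuple, Optional

# Constructed report, not the log from this thread. Each line is
# "<time> <thread id> <message>". Names, hashes and paths are made up; the
# verdict and status of the last entry are placeholders.
SAMPLE_REPORT = r"""
01:00:39.0233 10216 Scan started
01:00:39.0233 10216 Mode: Manual; SigCheck; TDLFS;
01:00:40.0936 10216 System memory - ok
01:00:41.0049 10216 [ 11111111111111111111111111111111 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
01:00:41.0115 10216 ExampleDrv - ok
01:00:41.0200 10216 NoFileService - ok
01:00:41.0300 10216 [ 22222222222222222222222222222222 ] Example Helper Service C:\Program Files (x86)\Example Vendor\helper.exe
01:00:41.0320 10216 Example Helper Service ( UnsignedFile.Multi.Generic ) - warning
01:00:41.0320 10216 Example Helper Service - detected UnsignedFile.Multi.Generic (1)
01:00:41.0400 10216 [ 33333333333333333333333333333333 ] ExampleFlt C:\Windows\system32\drivers\examplefl.sys
01:00:41.0420 10216 ExampleFlt ( Placeholder.Verdict.Name ) - infected
01:00:41.0420 10216 ExampleFlt - detected Placeholder.Verdict.Name (0)
"""

# "<time> <thread id> <message>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "[ <MD5> ] <service name> <path>": the name may contain spaces, so the path
# is recognised by its drive letter.
OBJECT = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
# "<name> - ok" or "<name> ( <verdict> ) - <status>". The follow-up
# "<name> - detected <verdict> (n)" lines do not match and are skipped,
# because they repeat the verdict already captured here.
RESULT = re.compile(r"^(.+?)(?: \( (\S+) \))? - (\w+)$")


class Finding(NamedTuple):
    name: str
    verdict: Optional[str]
    status: str
    md5: Optional[str]    # None when the report has no file line for the entry
    path: Optional[str]


def parse_findings(report: str) -> list:
    """Return every scanned object whose status is something other than 'ok'."""
    objects = {}   # service name -> (md5, path) from the preceding file line
    findings = []
    for raw in report.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line.group(1).strip()
        obj = OBJECT.match(msg)
        if obj:
            objects[obj.group(2)] = (obj.group(1).upper(), obj.group(3))
            continue
        res = RESULT.match(msg)
        if res and res.group(3).lower() != "ok":
            md5, path = objects.get(res.group(1), (None, None))
            findings.append(
                Finding(res.group(1), res.group(2), res.group(3), md5, path))
    return findings


def triage(findings: list) -> dict:
    """Split findings into signature-check warnings and everything else.

    With "Verify driver digital signatures" ticked, files without a valid
    signature are reported as UnsignedFile.*; that is the result of the
    signature check, not a match on known malware, so it is reviewed
    separately from other verdicts.
    """
    unsigned = [f for f in findings
                if (f.verdict or "").startswith("UnsignedFile.")]
    other = [f for f in findings if f not in unsigned]
    return {"signature_check_only": unsigned, "review_first": other}


if __name__ == "__main__":
    for bucket, items in triage(parse_findings(SAMPLE_REPORT)).items():
        print(bucket)
        for f in items:
            print(f"  {f.name}: {f.verdict} ({f.status}) {f.md5} {f.path}")
```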
28.12.2012, 19:12 | #9 |
| PC locked. Pay 100 euros. What now? No, look, this is what I wrote: "First of all, thank you very much for your quick reply. I have already managed it another way, but thank you very much for your help. The trojan was not deleted after all. So the 6 hours of work yesterday were for nothing. So today I will try your version, Markus." After that I tried your version. Yes, I am in the system completely normally. All of that also worked from my own computer, like this: while the PC, or rather the screen, was locked, I pressed CTRL+ALT+DEL and clicked on Log off. At the moment it was about to log off, I clicked Cancel, and then the page was gone and I could carry on normally in Windows. Okay, then I will now do the remaining steps you wrote here. Thanks in advance for your help. So, 4 things have now been found, but tell me, how can I post the log of that?
8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 01:00:49.0493 10216 MozillaMaintenance - ok 01:00:49.0521 10216 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 01:00:49.0535 10216 mpio - ok 01:00:49.0560 10216 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 01:00:49.0596 10216 mpsdrv - ok 01:00:49.0635 10216 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 01:00:49.0676 10216 MpsSvc - ok 01:00:49.0687 10216 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 01:00:49.0724 10216 MRxDAV - ok 01:00:49.0754 10216 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 01:00:49.0790 10216 mrxsmb - ok 01:00:49.0821 10216 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 01:00:49.0850 10216 mrxsmb10 - ok 01:00:49.0869 10216 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 01:00:49.0878 10216 mrxsmb20 - ok 01:00:49.0905 10216 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 01:00:49.0916 10216 msahci - ok 01:00:49.0936 10216 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 01:00:49.0950 10216 msdsm - ok 01:00:49.0972 10216 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 01:00:49.0997 10216 MSDTC - ok 01:00:50.0014 10216 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 01:00:50.0037 10216 Msfs - ok 01:00:50.0050 10216 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 01:00:50.0080 10216 mshidkmdf - ok 01:00:50.0107 10216 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 01:00:50.0115 10216 msisadrv - ok 01:00:50.0132 10216 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI 
C:\Windows\system32\iscsiexe.dll 01:00:50.0168 10216 MSiSCSI - ok 01:00:50.0170 10216 msiserver - ok 01:00:50.0193 10216 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 01:00:50.0225 10216 MSKSSRV - ok 01:00:50.0234 10216 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 01:00:50.0269 10216 MSPCLOCK - ok 01:00:50.0285 10216 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 01:00:50.0315 10216 MSPQM - ok 01:00:50.0343 10216 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 01:00:50.0355 10216 MsRPC - ok 01:00:50.0382 10216 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 01:00:50.0390 10216 mssmbios - ok 01:00:50.0406 10216 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 01:00:50.0438 10216 MSTEE - ok 01:00:50.0450 10216 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 01:00:50.0469 10216 MTConfig - ok 01:00:50.0483 10216 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 01:00:50.0491 10216 Mup - ok 01:00:50.0522 10216 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 01:00:50.0556 10216 napagent - ok 01:00:50.0575 10216 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 01:00:50.0601 10216 NativeWifiP - ok 01:00:50.0643 10216 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 01:00:50.0663 10216 NDIS - ok 01:00:50.0690 10216 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 01:00:50.0715 10216 NdisCap - ok 01:00:50.0729 10216 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 01:00:50.0766 10216 NdisTapi - ok 01:00:50.0791 10216 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 01:00:50.0822 10216 
Ndisuio - ok 01:00:50.0834 10216 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 01:00:50.0871 10216 NdisWan - ok 01:00:50.0909 10216 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 01:00:50.0946 10216 NDProxy - ok 01:00:51.0047 10216 [ 2AAE889742376EDC5C3203DFB74F28FD ] Nero BackItUp Scheduler 3 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe 01:00:51.0064 10216 Nero BackItUp Scheduler 3 - ok 01:00:51.0080 10216 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 01:00:51.0110 10216 NetBIOS - ok 01:00:51.0131 10216 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 01:00:51.0170 10216 NetBT - ok 01:00:51.0178 10216 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 01:00:51.0186 10216 Netlogon - ok 01:00:51.0213 10216 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 01:00:51.0245 10216 Netman - ok 01:00:51.0275 10216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:00:51.0299 10216 NetMsmqActivator - ok 01:00:51.0301 10216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:00:51.0308 10216 NetPipeActivator - ok 01:00:51.0314 10216 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 01:00:51.0359 10216 netprofm - ok 01:00:51.0361 10216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:00:51.0368 10216 NetTcpActivator - ok 01:00:51.0371 10216 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:00:51.0378 10216 NetTcpPortSharing - ok 01:00:51.0403 10216 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 01:00:51.0415 10216 nfrd960 - ok 
01:00:51.0440 10216 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 01:00:51.0457 10216 NlaSvc - ok 01:00:51.0528 10216 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe 01:00:51.0540 10216 NMIndexingService - ok 01:00:51.0545 10216 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 01:00:51.0568 10216 Npfs - ok 01:00:51.0585 10216 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 01:00:51.0625 10216 nsi - ok 01:00:51.0643 10216 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 01:00:51.0673 10216 nsiproxy - ok 01:00:51.0721 10216 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 01:00:51.0750 10216 Ntfs - ok 01:00:51.0756 10216 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 01:00:51.0781 10216 Null - ok 01:00:51.0810 10216 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 01:00:51.0823 10216 NVHDA - ok 01:00:52.0000 10216 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 01:00:52.0292 10216 nvlddmkm - ok 01:00:52.0315 10216 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 01:00:52.0327 10216 nvraid - ok 01:00:52.0353 10216 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 01:00:52.0366 10216 nvstor - ok 01:00:52.0415 10216 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe 01:00:52.0433 10216 nvsvc - ok 01:00:52.0481 10216 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 01:00:52.0503 10216 nvUpdatusService - ok 01:00:52.0525 10216 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 01:00:52.0538 10216 nv_agp - ok 01:00:52.0584 10216 [ 
84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 01:00:52.0603 10216 odserv - ok 01:00:52.0621 10216 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 01:00:52.0640 10216 ohci1394 - ok 01:00:52.0672 10216 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 01:00:52.0684 10216 ose - ok 01:00:52.0712 10216 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 01:00:52.0731 10216 p2pimsvc - ok 01:00:52.0748 10216 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 01:00:52.0765 10216 p2psvc - ok 01:00:52.0788 10216 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 01:00:52.0800 10216 Parport - ok 01:00:52.0820 10216 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 01:00:52.0829 10216 partmgr - ok 01:00:52.0840 10216 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 01:00:52.0866 10216 PcaSvc - ok 01:00:52.0888 10216 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 01:00:52.0898 10216 pci - ok 01:00:52.0915 10216 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 01:00:52.0923 10216 pciide - ok 01:00:52.0927 10216 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 01:00:52.0942 10216 pcmcia - ok 01:00:52.0947 10216 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 01:00:52.0964 10216 pcw - ok 01:00:52.0983 10216 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 01:00:53.0030 10216 PEAUTH - ok 01:00:53.0076 10216 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 01:00:53.0091 10216 PerfHost - ok 01:00:53.0135 10216 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 
01:00:53.0189 10216 pla - ok 01:00:53.0228 10216 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\SysWOW64\IoctlSvc.exe 01:00:53.0239 10216 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning 01:00:53.0239 10216 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1) 01:00:53.0304 10216 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 01:00:53.0323 10216 PlugPlay - ok 01:00:53.0331 10216 PnkBstrA - ok 01:00:53.0367 10216 PnkBstrB - ok 01:00:53.0383 10216 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 01:00:53.0406 10216 PNRPAutoReg - ok 01:00:53.0420 10216 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 01:00:53.0430 10216 PNRPsvc - ok 01:00:53.0465 10216 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 01:00:53.0506 10216 PolicyAgent - ok 01:00:53.0527 10216 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 01:00:53.0557 10216 Power - ok 01:00:53.0584 10216 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 01:00:53.0622 10216 PptpMiniport - ok 01:00:53.0641 10216 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 01:00:53.0662 10216 Processor - ok 01:00:53.0698 10216 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 01:00:53.0722 10216 ProfSvc - ok 01:00:53.0736 10216 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 01:00:53.0744 10216 ProtectedStorage - ok 01:00:53.0776 10216 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 01:00:53.0810 10216 Psched - ok 01:00:53.0839 10216 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 01:00:53.0871 10216 ql2300 - ok 01:00:53.0886 10216 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx 
C:\Windows\system32\DRIVERS\ql40xx.sys 01:00:53.0900 10216 ql40xx - ok 01:00:53.0925 10216 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 01:00:53.0953 10216 QWAVE - ok 01:00:53.0965 10216 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 01:00:53.0991 10216 QWAVEdrv - ok 01:00:54.0006 10216 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 01:00:54.0038 10216 RasAcd - ok 01:00:54.0075 10216 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 01:00:54.0100 10216 RasAgileVpn - ok 01:00:54.0124 10216 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 01:00:54.0151 10216 RasAuto - ok 01:00:54.0178 10216 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 01:00:54.0214 10216 Rasl2tp - ok 01:00:54.0226 10216 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 01:00:54.0258 10216 RasMan - ok 01:00:54.0268 10216 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 01:00:54.0304 10216 RasPppoe - ok 01:00:54.0337 10216 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 01:00:54.0370 10216 RasSstp - ok 01:00:54.0386 10216 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 01:00:54.0421 10216 rdbss - ok 01:00:54.0431 10216 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 01:00:54.0452 10216 rdpbus - ok 01:00:54.0462 10216 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 01:00:54.0485 10216 RDPCDD - ok 01:00:54.0491 10216 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 01:00:54.0522 10216 RDPENCDD - ok 01:00:54.0526 10216 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 01:00:54.0548 10216 RDPREFMP - ok 01:00:54.0574 10216 [ 
E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 01:00:54.0597 10216 RDPWD - ok 01:00:54.0638 10216 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 01:00:54.0649 10216 rdyboost - ok 01:00:54.0671 10216 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 01:00:54.0708 10216 RemoteAccess - ok 01:00:54.0716 10216 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 01:00:54.0750 10216 RemoteRegistry - ok 01:00:54.0769 10216 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 01:00:54.0796 10216 RpcEptMapper - ok 01:00:54.0802 10216 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 01:00:54.0821 10216 RpcLocator - ok 01:00:54.0850 10216 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 01:00:54.0876 10216 RpcSs - ok 01:00:54.0902 10216 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 01:00:54.0928 10216 rspndr - ok 01:00:54.0950 10216 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 01:00:54.0962 10216 RTL8167 - ok 01:00:54.0977 10216 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 01:00:54.0985 10216 SamSs - ok 01:00:55.0046 10216 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x64\Sandra.sys 01:00:55.0055 10216 SANDRA - ok 01:00:55.0082 10216 [ 5FDF2605205C73E05316795DCC6663EC ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe 01:00:55.0106 10216 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning 01:00:55.0106 10216 SandraAgentSrv - detected UnsignedFile.Multi.Generic (1) 01:00:55.0140 10216 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 01:00:55.0152 10216 sbp2port - ok 01:00:55.0170 10216 [ 
9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 01:00:55.0215 10216 SCardSvr - ok 01:00:55.0234 10216 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 01:00:55.0267 10216 scfilter - ok 01:00:55.0300 10216 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 01:00:55.0342 10216 Schedule - ok 01:00:55.0373 10216 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 01:00:55.0396 10216 SCPolicySvc - ok 01:00:55.0421 10216 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 01:00:55.0436 10216 SDRSVC - ok 01:00:55.0457 10216 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 01:00:55.0501 10216 secdrv - ok 01:00:55.0521 10216 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 01:00:55.0560 10216 seclogon - ok 01:00:55.0584 10216 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 01:00:55.0614 10216 SENS - ok 01:00:55.0626 10216 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 01:00:55.0648 10216 SensrSvc - ok 01:00:55.0656 10216 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 01:00:55.0672 10216 Serenum - ok 01:00:55.0688 10216 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 01:00:55.0700 10216 Serial - ok 01:00:55.0724 10216 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 01:00:55.0734 10216 sermouse - ok 01:00:55.0762 10216 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 01:00:55.0790 10216 SessionEnv - ok 01:00:55.0814 10216 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 01:00:55.0832 10216 sffdisk - ok 01:00:55.0854 10216 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 01:00:55.0874 10216 sffp_mmc - 
ok 01:00:55.0885 10216 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 01:00:55.0904 10216 sffp_sd - ok 01:00:55.0925 10216 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 01:00:55.0935 10216 sfloppy - ok 01:00:55.0959 10216 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 01:00:55.0997 10216 SharedAccess - ok 01:00:56.0024 10216 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 01:00:56.0061 10216 ShellHWDetection - ok 01:00:56.0078 10216 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 01:00:56.0090 10216 SiSRaid2 - ok 01:00:56.0102 10216 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 01:00:56.0114 10216 SiSRaid4 - ok 01:00:56.0155 10216 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 01:00:56.0163 10216 SkypeUpdate - ok 01:00:56.0184 10216 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 01:00:56.0219 10216 Smb - ok 01:00:56.0239 10216 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 01:00:56.0255 10216 SNMPTRAP - ok 01:00:56.0270 10216 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 01:00:56.0278 10216 spldr - ok 01:00:56.0316 10216 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 01:00:56.0345 10216 Spooler - ok 01:00:56.0407 10216 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 01:00:56.0485 10216 sppsvc - ok 01:00:56.0504 10216 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 01:00:56.0540 10216 sppuinotify - ok 01:00:56.0594 10216 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys 01:00:56.0594 10216 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. 
md5: 602884696850C86434530790B110E8EB 01:00:56.0595 10216 sptd ( LockedFile.Multi.Generic ) - warning 01:00:56.0595 10216 sptd - detected LockedFile.Multi.Generic (1) 01:00:56.0621 10216 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 01:00:56.0654 10216 srv - ok 01:00:56.0682 10216 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 01:00:56.0698 10216 srv2 - ok 01:00:56.0726 10216 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 01:00:56.0744 10216 srvnet - ok 01:00:56.0764 10216 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 01:00:56.0802 10216 SSDPSRV - ok 01:00:56.0810 10216 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 01:00:56.0837 10216 SstpSvc - ok 01:00:56.0859 10216 Steam Client Service - ok 01:00:56.0902 10216 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 01:00:56.0913 10216 Stereo Service - ok 01:00:56.0926 10216 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 01:00:56.0937 10216 stexstor - ok 01:00:56.0975 10216 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 01:00:56.0998 10216 stisvc - ok 01:00:57.0025 10216 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 01:00:57.0036 10216 swenum - ok 01:00:57.0060 10216 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 01:00:57.0112 10216 swprv - ok 01:00:57.0158 10216 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 01:00:57.0193 10216 SysMain - ok 01:00:57.0224 10216 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 01:00:57.0240 10216 TabletInputService - ok 01:00:57.0265 10216 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 01:00:57.0303 10216 TapiSrv - ok 01:00:57.0317 
10216 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 01:00:57.0340 10216 TBS - ok 01:00:57.0402 10216 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 01:00:57.0442 10216 Tcpip - ok 01:00:57.0464 10216 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 01:00:57.0489 10216 TCPIP6 - ok 01:00:57.0500 10216 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 01:00:57.0510 10216 tcpipreg - ok 01:00:57.0531 10216 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 01:00:57.0551 10216 TDPIPE - ok 01:00:57.0569 10216 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 01:00:57.0585 10216 TDTCP - ok 01:00:57.0616 10216 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 01:00:57.0641 10216 tdx - ok 01:00:57.0727 10216 [ C9B9373A0A430C11F0213E359D0772B2 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 01:00:57.0770 10216 TeamViewer7 - ok 01:00:57.0791 10216 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 01:00:57.0802 10216 TermDD - ok 01:00:57.0835 10216 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 01:00:57.0871 10216 TermService - ok 01:00:57.0913 10216 [ 48D9D00C2E0E72C3D4F52772C80355F6 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys 01:00:57.0922 10216 TFsExDisk - ok 01:00:57.0949 10216 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 01:00:57.0972 10216 Themes - ok 01:00:57.0990 10216 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 01:00:58.0013 10216 THREADORDER - ok 01:00:58.0020 10216 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 01:00:58.0052 10216 TrkWks - ok 01:00:58.0094 10216 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller 
C:\Windows\servicing\TrustedInstaller.exe 01:00:58.0128 10216 TrustedInstaller - ok 01:00:58.0152 10216 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 01:00:58.0177 10216 tssecsrv - ok 01:00:58.0206 10216 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 01:00:58.0229 10216 TsUsbFlt - ok 01:00:58.0276 10216 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 01:00:58.0308 10216 tunnel - ok 01:00:58.0322 10216 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 01:00:58.0333 10216 uagp35 - ok 01:00:58.0350 10216 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 01:00:58.0394 10216 udfs - ok 01:00:58.0421 10216 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 01:00:58.0441 10216 UI0Detect - ok 01:00:58.0452 10216 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 01:00:58.0464 10216 uliagpkx - ok 01:00:58.0484 10216 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 01:00:58.0500 10216 umbus - ok 01:00:58.0513 10216 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 01:00:58.0527 10216 UmPass - ok 01:00:58.0539 10216 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 01:00:58.0569 10216 upnphost - ok 01:00:58.0607 10216 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 01:00:58.0632 10216 usbaudio - ok 01:00:58.0667 10216 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 01:00:58.0690 10216 usbccgp - ok 01:00:58.0711 10216 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 01:00:58.0726 10216 usbcir - ok 01:00:58.0737 10216 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 01:00:58.0764 10216 usbehci - ok 
01:00:58.0788 10216 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 01:00:58.0812 10216 usbhub - ok 01:00:58.0829 10216 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 01:00:58.0839 10216 usbohci - ok 01:00:58.0853 10216 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 01:00:58.0875 10216 usbprint - ok 01:00:58.0898 10216 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 01:00:58.0910 10216 usbscan - ok 01:00:58.0939 10216 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 01:00:58.0958 10216 USBSTOR - ok 01:00:58.0979 10216 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 01:00:59.0000 10216 usbuhci - ok |
29.12.2012, 01:06 | #10 |
| PC locked. Pay 100 euros. What now? 01:00:59.0030 10216 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys 01:00:59.0040 10216 usb_rndisx - ok 01:00:59.0055 10216 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 01:00:59.0085 10216 UxSms - ok 01:00:59.0093 10216 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 01:00:59.0101 10216 VaultSvc - ok 01:00:59.0115 10216 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 01:00:59.0123 10216 vdrvroot - ok 01:00:59.0158 10216 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 01:00:59.0191 10216 vds - ok 01:00:59.0223 10216 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 01:00:59.0235 10216 vga - ok 01:00:59.0245 10216 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 01:00:59.0275 10216 VgaSave - ok 01:00:59.0304 10216 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 01:00:59.0319 10216 vhdmp - ok 01:00:59.0342 10216 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 01:00:59.0352 10216 viaide - ok 01:00:59.0366 10216 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 01:00:59.0374 10216 volmgr - ok 01:00:59.0398 10216 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 01:00:59.0410 10216 volmgrx - ok 01:00:59.0422 10216 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 01:00:59.0433 10216 volsnap - ok 01:00:59.0466 10216 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 01:00:59.0480 10216 vsmraid - ok 01:00:59.0535 10216 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 01:00:59.0588 10216 VSS - ok 01:00:59.0600 10216 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus 
C:\Windows\System32\drivers\vwifibus.sys 01:00:59.0619 10216 vwifibus - ok 01:00:59.0647 10216 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 01:00:59.0695 10216 W32Time - ok 01:00:59.0715 10216 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 01:00:59.0736 10216 WacomPen - ok 01:00:59.0777 10216 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 01:00:59.0811 10216 WANARP - ok 01:00:59.0813 10216 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 01:00:59.0835 10216 Wanarpv6 - ok 01:00:59.0876 10216 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 01:00:59.0905 10216 wbengine - ok 01:00:59.0933 10216 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 01:00:59.0950 10216 WbioSrvc - ok 01:00:59.0977 10216 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 01:01:00.0014 10216 wcncsvc - ok 01:01:00.0032 10216 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 01:01:00.0044 10216 WcsPlugInService - ok 01:01:00.0063 10216 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 01:01:00.0074 10216 Wd - ok 01:01:00.0111 10216 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 01:01:00.0130 10216 Wdf01000 - ok 01:01:00.0138 10216 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 01:01:00.0179 10216 WdiServiceHost - ok 01:01:00.0181 10216 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 01:01:00.0193 10216 WdiSystemHost - ok 01:01:00.0208 10216 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 01:01:00.0239 10216 WebClient - ok 01:01:00.0258 10216 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 01:01:00.0288 10216 Wecsvc - ok 01:01:00.0304 10216 [ 
7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 01:01:00.0343 10216 wercplsupport - ok 01:01:00.0361 10216 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 01:01:00.0389 10216 WerSvc - ok 01:01:00.0413 10216 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 01:01:00.0437 10216 WfpLwf - ok 01:01:00.0448 10216 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 01:01:00.0458 10216 WIMMount - ok 01:01:00.0468 10216 WinDefend - ok 01:01:00.0474 10216 WinHttpAutoProxySvc - ok 01:01:00.0511 10216 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 01:01:00.0544 10216 Winmgmt - ok 01:01:00.0596 10216 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 01:01:00.0645 10216 WinRM - ok 01:01:00.0707 10216 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 01:01:00.0727 10216 WinUsb - ok 01:01:00.0755 10216 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 01:01:00.0798 10216 Wlansvc - ok 01:01:00.0823 10216 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 01:01:00.0833 10216 WmiAcpi - ok 01:01:00.0870 10216 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 01:01:00.0895 10216 wmiApSrv - ok 01:01:00.0917 10216 WMPNetworkSvc - ok 01:01:00.0936 10216 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 01:01:00.0947 10216 WPCSvc - ok 01:01:00.0971 10216 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 01:01:00.0986 10216 WPDBusEnum - ok 01:01:01.0002 10216 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 01:01:01.0033 10216 ws2ifsl - ok 01:01:01.0044 10216 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 01:01:01.0067 10216 wscsvc - ok 01:01:01.0069 10216 
WSearch - ok 01:01:01.0119 10216 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 01:01:01.0159 10216 wuauserv - ok 01:01:01.0180 10216 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 01:01:01.0199 10216 WudfPf - ok 01:01:01.0211 10216 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 01:01:01.0224 10216 WUDFRd - ok 01:01:01.0241 10216 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 01:01:01.0257 10216 wudfsvc - ok 01:01:01.0276 10216 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 01:01:01.0300 10216 WwanSvc - ok 01:01:01.0309 10216 ================ Scan global =============================== 01:01:01.0337 10216 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 01:01:01.0372 10216 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 01:01:01.0377 10216 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 01:01:01.0396 10216 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 01:01:01.0408 10216 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 01:01:01.0412 10216 [Global] - ok 01:01:01.0412 10216 ================ Scan MBR ================================== 01:01:01.0413 10216 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 01:01:01.0574 10216 \Device\Harddisk0\DR0 - ok 01:01:01.0583 10216 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 01:01:01.0750 10216 \Device\Harddisk1\DR1 - ok 01:01:01.0761 10216 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2 01:01:01.0876 10216 \Device\Harddisk2\DR2 - ok 01:01:01.0882 10216 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3 01:01:02.0206 10216 \Device\Harddisk3\DR3 - ok 01:01:02.0207 10216 ================ Scan VBR ================================== 01:01:02.0208 10216 [ 35E85FDE3DA4D1873BF22BC5D452E893 ] \Device\Harddisk0\DR0\Partition1 
01:01:02.0209 10216 \Device\Harddisk0\DR0\Partition1 - ok
01:01:02.0210 10216 [ A8AE9DABE6F58246C31C7BA88DD604F4 ] \Device\Harddisk1\DR1\Partition1
01:01:02.0211 10216 \Device\Harddisk1\DR1\Partition1 - ok
01:01:02.0229 10216 [ 0D0526BAF4BC3B0FD9E913613D16D585 ] \Device\Harddisk1\DR1\Partition2
01:01:02.0230 10216 \Device\Harddisk1\DR1\Partition2 - ok
01:01:02.0232 10216 [ 65173EA24E1306D17A53FB04E6A7FFE0 ] \Device\Harddisk2\DR2\Partition1
01:01:02.0234 10216 \Device\Harddisk2\DR2\Partition1 - ok
01:01:02.0236 10216 [ BE4323B7799E9662C2CC8109B4A1DBD5 ] \Device\Harddisk3\DR3\Partition1
01:01:02.0237 10216 \Device\Harddisk3\DR3\Partition1 - ok
01:01:02.0237 10216 ============================================================
01:01:02.0237 10216 Scan finished
01:01:02.0237 10216 ============================================================
01:01:02.0243 10188 Detected object count: 4
01:01:02.0243 10188 Actual detected object count: 4
01:01:23.0539 10188 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
01:01:23.0539 10188 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:01:23.0540 10188 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
01:01:23.0540 10188 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:01:23.0541 10188 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
01:01:23.0541 10188 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:01:23.0542 10188 sptd ( LockedFile.Multi.Generic ) - skipped by user
01:01:23.0542 10188 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
01:01:27.0439 10232 ============================================================
01:01:27.0439 10232 Scan started
01:01:27.0439 10232 Mode: Manual; SigCheck; TDLFS;
01:01:27.0439 10232 ============================================================
01:01:27.0781 10232 ================ Scan system memory ========================
2AAE889742376EDC5C3203DFB74F28FD ] Nero BackItUp Scheduler 3 C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe 01:01:34.0743 10232 Nero BackItUp Scheduler 3 - ok 01:01:34.0772 10232 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 01:01:34.0794 10232 NetBIOS - ok 01:01:34.0873 10232 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 01:01:34.0896 10232 NetBT - ok 01:01:34.0903 10232 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 01:01:34.0911 10232 Netlogon - ok 01:01:34.0930 10232 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 01:01:34.0956 10232 Netman - ok 01:01:34.0983 10232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:01:34.0991 10232 NetMsmqActivator - ok 01:01:34.0993 10232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:01:35.0000 10232 NetPipeActivator - ok 01:01:35.0006 10232 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 01:01:35.0032 10232 netprofm - ok 01:01:35.0034 10232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:01:35.0041 10232 NetTcpActivator - ok 01:01:35.0044 10232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 01:01:35.0051 10232 NetTcpPortSharing - ok 01:01:35.0062 10232 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 01:01:35.0070 10232 nfrd960 - ok 01:01:35.0082 10232 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 01:01:35.0092 10232 NlaSvc - ok 01:01:35.0136 10232 [ CB992AE1506985D9167E85883B4C3240 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe 01:01:35.0146 10232 NMIndexingService - ok 
01:01:35.0154 10232 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 01:01:35.0176 10232 Npfs - ok 01:01:35.0193 10232 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 01:01:35.0218 10232 nsi - ok 01:01:35.0234 10232 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 01:01:35.0257 10232 nsiproxy - ok 01:01:35.0305 10232 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 01:01:35.0327 10232 Ntfs - ok 01:01:35.0340 10232 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 01:01:35.0362 10232 Null - ok 01:01:35.0385 10232 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 01:01:35.0393 10232 NVHDA - ok 01:01:35.0576 10232 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 01:01:35.0707 10232 nvlddmkm - ok 01:01:35.0724 10232 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 01:01:35.0733 10232 nvraid - ok 01:01:35.0762 10232 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 01:01:35.0771 10232 nvstor - ok 01:01:35.0808 10232 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe 01:01:35.0822 10232 nvsvc - ok 01:01:35.0865 10232 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 01:01:35.0883 10232 nvUpdatusService - ok 01:01:35.0901 10232 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 01:01:35.0910 10232 nv_agp - ok 01:01:35.0961 10232 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 01:01:35.0970 10232 odserv - ok 01:01:35.0988 10232 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 01:01:35.0996 10232 ohci1394 - ok 01:01:36.0014 10232 [ 
5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 01:01:36.0022 10232 ose - ok 01:01:36.0046 10232 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 01:01:36.0056 10232 p2pimsvc - ok 01:01:36.0066 10232 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 01:01:36.0076 10232 p2psvc - ok 01:01:36.0097 10232 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 01:01:36.0105 10232 Parport - ok 01:01:36.0138 10232 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 01:01:36.0146 10232 partmgr - ok 01:01:36.0158 10232 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 01:01:36.0170 10232 PcaSvc - ok 01:01:36.0189 10232 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 01:01:36.0198 10232 pci - ok 01:01:36.0217 10232 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 01:01:36.0224 10232 pciide - ok 01:01:36.0244 10232 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 01:01:36.0253 10232 pcmcia - ok 01:01:36.0265 10232 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 01:01:36.0273 10232 pcw - ok 01:01:36.0293 10232 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 01:01:36.0326 10232 PEAUTH - ok 01:01:36.0377 10232 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 01:01:36.0388 10232 PerfHost - ok 01:01:36.0436 10232 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 01:01:36.0467 10232 pla - ok 01:01:36.0487 10232 [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\SysWOW64\IoctlSvc.exe 01:01:36.0490 10232 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning 01:01:36.0490 10232 PLFlash DeviceIoControl Service - detected 
UnsignedFile.Multi.Generic (1) 01:01:36.0530 10232 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 01:01:36.0540 10232 PlugPlay - ok 01:01:36.0543 10232 PnkBstrA - ok 01:01:36.0545 10232 PnkBstrB - ok 01:01:36.0559 10232 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 01:01:36.0568 10232 PNRPAutoReg - ok 01:01:36.0579 10232 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 01:01:36.0589 10232 PNRPsvc - ok 01:01:36.0624 10232 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 01:01:36.0649 10232 PolicyAgent - ok 01:01:36.0670 10232 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 01:01:36.0695 10232 Power - ok 01:01:36.0718 10232 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 01:01:36.0740 10232 PptpMiniport - ok 01:01:36.0759 10232 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 01:01:36.0767 10232 Processor - ok 01:01:36.0808 10232 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 01:01:36.0817 10232 ProfSvc - ok 01:01:36.0828 10232 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 01:01:36.0836 10232 ProtectedStorage - ok 01:01:36.0844 10232 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 01:01:36.0866 10232 Psched - ok 01:01:36.0890 10232 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 01:01:36.0911 10232 ql2300 - ok 01:01:36.0929 10232 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 01:01:36.0938 10232 ql40xx - ok 01:01:36.0959 10232 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 01:01:36.0972 10232 QWAVE - ok 01:01:36.0983 10232 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 01:01:36.0993 10232 QWAVEdrv - ok 
01:01:36.0999 10232 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 01:01:37.0022 10232 RasAcd - ok 01:01:37.0034 10232 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 01:01:37.0057 10232 RasAgileVpn - ok 01:01:37.0066 10232 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 01:01:37.0090 10232 RasAuto - ok 01:01:37.0121 10232 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 01:01:37.0143 10232 Rasl2tp - ok 01:01:37.0152 10232 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 01:01:37.0177 10232 RasMan - ok 01:01:37.0203 10232 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 01:01:37.0226 10232 RasPppoe - ok 01:01:37.0238 10232 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 01:01:37.0261 10232 RasSstp - ok 01:01:37.0271 10232 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 01:01:37.0294 10232 rdbss - ok 01:01:37.0307 10232 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 01:01:37.0317 10232 rdpbus - ok 01:01:37.0330 10232 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 01:01:37.0352 10232 RDPCDD - ok 01:01:37.0359 10232 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 01:01:37.0381 10232 RDPENCDD - ok 01:01:37.0384 10232 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 01:01:37.0407 10232 RDPREFMP - ok 01:01:37.0434 10232 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 01:01:37.0443 10232 RDPWD - ok 01:01:37.0473 10232 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 01:01:37.0482 10232 rdyboost - ok 01:01:37.0505 10232 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess 
C:\Windows\System32\mprdim.dll 01:01:37.0529 10232 RemoteAccess - ok 01:01:37.0543 10232 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 01:01:37.0567 10232 RemoteRegistry - ok 01:01:37.0578 10232 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 01:01:37.0601 10232 RpcEptMapper - ok 01:01:37.0611 10232 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 01:01:37.0620 10232 RpcLocator - ok 01:01:37.0651 10232 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 01:01:37.0677 10232 RpcSs - ok 01:01:37.0703 10232 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 01:01:37.0726 10232 rspndr - ok 01:01:37.0743 10232 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 01:01:37.0751 10232 RTL8167 - ok 01:01:37.0761 10232 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 01:01:37.0770 10232 SamSs - ok 01:01:37.0823 10232 [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x64\Sandra.sys 01:01:37.0828 10232 SANDRA - ok 01:01:37.0842 10232 [ 5FDF2605205C73E05316795DCC6663EC ] SandraAgentSrv C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe 01:01:37.0845 10232 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning 01:01:37.0845 10232 SandraAgentSrv - detected UnsignedFile.Multi.Generic (1) 01:01:37.0866 10232 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 01:01:37.0874 10232 sbp2port - ok 01:01:37.0896 10232 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 01:01:37.0920 10232 SCardSvr - ok 01:01:37.0944 10232 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 01:01:37.0966 10232 scfilter - ok 01:01:38.0001 10232 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule 
C:\Windows\system32\schedsvc.dll 01:01:38.0031 10232 Schedule - ok 01:01:38.0058 10232 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 01:01:38.0080 10232 SCPolicySvc - ok 01:01:38.0113 10232 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 01:01:38.0122 10232 SDRSVC - ok 01:01:38.0142 10232 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 01:01:38.0164 10232 secdrv - ok 01:01:38.0172 10232 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 01:01:38.0195 10232 seclogon - ok 01:01:38.0210 10232 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 01:01:38.0233 10232 SENS - ok 01:01:38.0244 10232 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 01:01:38.0252 10232 SensrSvc - ok 01:01:38.0257 10232 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 01:01:38.0265 10232 Serenum - ok 01:01:38.0281 10232 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 01:01:38.0290 10232 Serial - ok 01:01:38.0308 10232 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 01:01:38.0318 10232 sermouse - ok 01:01:38.0347 10232 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 01:01:38.0370 10232 SessionEnv - ok 01:01:38.0391 10232 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 01:01:38.0400 10232 sffdisk - ok 01:01:38.0421 10232 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 01:01:38.0431 10232 sffp_mmc - ok 01:01:38.0436 10232 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 01:01:38.0445 10232 sffp_sd - ok 01:01:38.0468 10232 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 01:01:38.0476 10232 sfloppy - ok 01:01:38.0502 10232 [ 
B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 01:01:38.0527 10232 SharedAccess - ok 01:01:38.0550 10232 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 01:01:38.0574 10232 ShellHWDetection - ok 01:01:38.0588 10232 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 01:01:38.0596 10232 SiSRaid2 - ok 01:01:38.0604 10232 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 01:01:38.0612 10232 SiSRaid4 - ok 01:01:38.0639 10232 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 01:01:38.0646 10232 SkypeUpdate - ok 01:01:38.0660 10232 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 01:01:38.0683 10232 Smb - ok 01:01:38.0707 10232 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 01:01:38.0716 10232 SNMPTRAP - ok 01:01:38.0730 10232 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 01:01:38.0738 10232 spldr - ok 01:01:38.0767 10232 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 01:01:38.0779 10232 Spooler - ok 01:01:38.0842 10232 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 01:01:38.0888 10232 sppsvc - ok 01:01:38.0905 10232 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 01:01:38.0929 10232 sppuinotify - ok 01:01:38.0962 10232 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys 01:01:38.0962 10232 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. 
md5: 602884696850C86434530790B110E8EB 01:01:38.0962 10232 sptd ( LockedFile.Multi.Generic ) - warning 01:01:38.0962 10232 sptd - detected LockedFile.Multi.Generic (1) 01:01:38.0989 10232 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 01:01:39.0000 10232 srv - ok 01:01:39.0033 10232 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 01:01:39.0043 10232 srv2 - ok 01:01:39.0053 10232 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 01:01:39.0061 10232 srvnet - ok 01:01:39.0074 10232 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 01:01:39.0098 10232 SSDPSRV - ok 01:01:39.0112 10232 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 01:01:39.0135 10232 SstpSvc - ok 01:01:39.0144 10232 Steam Client Service - ok 01:01:39.0178 10232 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 01:01:39.0188 10232 Stereo Service - ok 01:01:39.0202 10232 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 01:01:39.0210 10232 stexstor - ok 01:01:39.0243 10232 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 01:01:39.0258 10232 stisvc - ok 01:01:39.0285 10232 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 01:01:39.0292 10232 swenum - ok 01:01:39.0320 10232 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 01:01:39.0346 10232 swprv - ok 01:01:39.0393 10232 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 01:01:39.0416 10232 SysMain - ok 01:01:39.0434 10232 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 01:01:39.0446 10232 TabletInputService - ok 01:01:39.0475 10232 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 01:01:39.0499 10232 TapiSrv - ok 01:01:39.0510 
10232 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 01:01:39.0533 10232 TBS - ok 01:01:39.0579 10232 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 01:01:39.0604 10232 Tcpip - ok 01:01:39.0621 10232 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 01:01:39.0646 10232 TCPIP6 - ok 01:01:39.0676 10232 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 01:01:39.0684 10232 tcpipreg - ok 01:01:39.0708 10232 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 01:01:39.0715 10232 TDPIPE - ok 01:01:39.0737 10232 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 01:01:39.0744 10232 TDTCP - ok 01:01:39.0767 10232 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 01:01:39.0789 10232 tdx - ok 01:01:39.0861 10232 [ C9B9373A0A430C11F0213E359D0772B2 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 01:01:39.0894 10232 TeamViewer7 - ok 01:01:39.0917 10232 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 01:01:39.0925 10232 TermDD - ok 01:01:40.0037 10232 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 01:01:40.0063 10232 TermService - ok 01:01:40.0081 10232 [ 48D9D00C2E0E72C3D4F52772C80355F6 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys 01:01:40.0089 10232 TFsExDisk - ok 01:01:40.0109 10232 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 01:01:40.0120 10232 Themes - ok 01:01:40.0141 10232 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 01:01:40.0164 10232 THREADORDER - ok 01:01:40.0172 10232 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 01:01:40.0195 10232 TrkWks - ok 01:01:40.0237 10232 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller 
C:\Windows\servicing\TrustedInstaller.exe 01:01:40.0260 10232 TrustedInstaller - ok 01:01:40.0279 10232 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 01:01:40.0301 10232 tssecsrv - ok 01:01:40.0324 10232 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 01:01:40.0332 10232 TsUsbFlt - ok 01:01:40.0344 10232 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 01:01:40.0367 10232 tunnel - ok 01:01:40.0381 10232 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 01:01:40.0389 10232 uagp35 - ok 01:01:40.0401 10232 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 01:01:40.0425 10232 udfs - ok 01:01:40.0447 10232 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 01:01:40.0456 10232 UI0Detect - ok 01:01:40.0462 10232 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 01:01:40.0470 10232 uliagpkx - ok 01:01:40.0494 10232 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 01:01:40.0502 10232 umbus - ok 01:01:40.0514 10232 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 01:01:40.0522 10232 UmPass - ok 01:01:40.0532 10232 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 01:01:40.0557 10232 upnphost - ok 01:01:40.0583 10232 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 01:01:40.0593 10232 usbaudio - ok 01:01:40.0627 10232 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 01:01:40.0635 10232 usbccgp - ok 01:01:40.0654 10232 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 01:01:40.0664 10232 usbcir - ok 01:01:40.0672 10232 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 01:01:40.0680 10232 usbehci - ok 
01:01:40.0690 10232 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 01:01:40.0699 10232 usbhub - ok 01:01:40.0714 10232 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 01:01:40.0722 10232 usbohci - ok 01:01:40.0729 10232 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 01:01:40.0739 10232 usbprint - ok 01:01:40.0758 10232 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 01:01:40.0767 10232 usbscan - ok 01:01:40.0782 10232 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 01:01:40.0790 10232 USBSTOR - ok 01:01:40.0814 10232 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 01:01:40.0821 10232 usbuhci - ok 01:01:40.0840 10232 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys 01:01:40.0847 10232 usb_rndisx - ok 01:01:40.0865 10232 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 01:01:40.0888 10232 UxSms - ok 01:01:40.0894 10232 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 01:01:40.0902 10232 VaultSvc - ok 01:01:40.0916 10232 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 01:01:40.0924 10232 vdrvroot - ok 01:01:40.0943 10232 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 01:01:40.0969 10232 vds - ok 01:01:40.0991 10232 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 01:01:41.0001 10232 vga - ok 01:01:41.0013 10232 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 01:01:41.0037 10232 VgaSave - ok 01:01:41.0089 10232 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 01:01:41.0098 10232 vhdmp - ok 01:01:41.0110 10232 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 01:01:41.0118 
10232 viaide - ok 01:01:41.0125 10232 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 01:01:41.0133 10232 volmgr - ok 01:01:41.0141 10232 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 01:01:41.0152 10232 volmgrx - ok 01:01:41.0165 10232 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 01:01:41.0175 10232 volsnap - ok 01:01:41.0184 10232 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 01:01:41.0194 10232 vsmraid - ok 01:01:41.0237 10232 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 01:01:41.0269 10232 VSS - ok 01:01:41.0277 10232 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 01:01:41.0286 10232 vwifibus - ok 01:01:41.0307 10232 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 01:01:41.0332 10232 W32Time - ok 01:01:41.0350 10232 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 01:01:41.0358 10232 WacomPen - ok 01:01:41.0387 10232 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 01:01:41.0409 10232 WANARP - ok 01:01:41.0412 10232 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 01:01:41.0434 10232 Wanarpv6 - ok 01:01:41.0469 10232 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 01:01:41.0487 10232 wbengine - ok 01:01:41.0501 10232 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 01:01:41.0513 10232 WbioSrvc - ok 01:01:41.0546 10232 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 01:01:41.0560 10232 wcncsvc - ok 01:01:41.0575 10232 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 01:01:41.0584 10232 WcsPlugInService - ok 01:01:41.0598 10232 [ 72889E16FF12BA0F235467D6091B17DC ] Wd 
C:\Windows\system32\DRIVERS\wd.sys 01:01:41.0606 10232 Wd - ok 01:01:41.0637 10232 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 01:01:41.0653 10232 Wdf01000 - ok 01:01:41.0665 10232 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 01:01:41.0677 10232 WdiServiceHost - ok 01:01:41.0679 10232 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 01:01:41.0691 10232 WdiSystemHost - ok 01:01:41.0702 10232 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 01:01:41.0715 10232 WebClient - ok 01:01:41.0735 10232 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 01:01:41.0759 10232 Wecsvc - ok 01:01:41.0772 10232 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 01:01:41.0796 10232 wercplsupport - ok 01:01:41.0805 10232 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 01:01:41.0828 10232 WerSvc - ok 01:01:41.0848 10232 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 01:01:41.0870 10232 WfpLwf - ok 01:01:41.0874 10232 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 01:01:41.0882 10232 WIMMount - ok 01:01:41.0895 10232 WinDefend - ok 01:01:41.0898 10232 WinHttpAutoProxySvc - ok 01:01:41.0929 10232 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 01:01:41.0953 10232 Winmgmt - ok 01:01:42.0005 10232 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 01:01:42.0041 10232 WinRM - ok 01:01:42.0066 10232 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 01:01:42.0076 10232 WinUsb - ok 01:01:42.0105 10232 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 01:01:42.0122 10232 Wlansvc - ok 01:01:42.0140 10232 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi 
C:\Windows\system32\drivers\wmiacpi.sys 01:01:42.0148 10232 WmiAcpi - ok 01:01:42.0187 10232 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 01:01:42.0197 10232 wmiApSrv - ok 01:01:42.0209 10232 WMPNetworkSvc - ok 01:01:42.0220 10232 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 01:01:42.0229 10232 WPCSvc - ok 01:01:42.0255 10232 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 01:01:42.0265 10232 WPDBusEnum - ok 01:01:42.0277 10232 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 01:01:42.0300 10232 ws2ifsl - ok 01:01:42.0320 10232 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 01:01:42.0331 10232 wscsvc - ok 01:01:42.0334 10232 WSearch - ok 01:01:42.0386 10232 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 01:01:42.0417 10232 wuauserv - ok 01:01:42.0439 10232 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 01:01:42.0447 10232 WudfPf - ok 01:01:42.0451 10232 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 01:01:42.0460 10232 WUDFRd - ok 01:01:42.0483 10232 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 01:01:42.0492 10232 wudfsvc - ok 01:01:42.0510 10232 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 01:01:42.0523 10232 WwanSvc - ok 01:01:42.0527 10232 ================ Scan global =============================== 01:01:42.0555 10232 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 01:01:42.0581 10232 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 01:01:42.0585 10232 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll 01:01:42.0605 10232 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 01:01:42.0617 10232 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 
01:01:42.0619 10232 [Global] - ok 01:01:42.0620 10232 ================ Scan MBR ================================== 01:01:42.0621 10232 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 01:01:42.0693 10232 \Device\Harddisk0\DR0 - ok 01:01:42.0700 10232 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 01:01:42.0876 10232 \Device\Harddisk1\DR1 - ok 01:01:42.0878 10232 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2 01:01:42.0947 10232 \Device\Harddisk2\DR2 - ok 01:01:42.0952 10232 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk3\DR3 01:01:43.0277 10232 \Device\Harddisk3\DR3 - ok 01:01:43.0277 10232 ================ Scan VBR ================================== 01:01:43.0278 10232 [ 35E85FDE3DA4D1873BF22BC5D452E893 ] \Device\Harddisk0\DR0\Partition1 01:01:43.0279 10232 \Device\Harddisk0\DR0\Partition1 - ok 01:01:43.0280 10232 [ A8AE9DABE6F58246C31C7BA88DD604F4 ] \Device\Harddisk1\DR1\Partition1 01:01:43.0281 10232 \Device\Harddisk1\DR1\Partition1 - ok 01:01:43.0296 10232 [ 0D0526BAF4BC3B0FD9E913613D16D585 ] \Device\Harddisk1\DR1\Partition2 01:01:43.0297 10232 \Device\Harddisk1\DR1\Partition2 - ok 01:01:43.0299 10232 [ 65173EA24E1306D17A53FB04E6A7FFE0 ] \Device\Harddisk2\DR2\Partition1 01:01:43.0301 10232 \Device\Harddisk2\DR2\Partition1 - ok 01:01:43.0303 10232 [ BE4323B7799E9662C2CC8109B4A1DBD5 ] \Device\Harddisk3\DR3\Partition1 01:01:43.0304 10232 \Device\Harddisk3\DR3\Partition1 - ok 01:01:43.0305 10232 ============================================================ 01:01:43.0305 10232 Scan finished 01:01:43.0305 10232 ============================================================ 01:01:43.0309 9408 Detected object count: 4 01:01:43.0309 9408 Actual detected object count: 4 01:02:55.0034 9408 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 01:02:55.0034 9408 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:02:55.0034 9408 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user 
01:02:55.0034 9408 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:02:55.0035 9408 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user 01:02:55.0035 9408 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 01:02:55.0036 9408 sptd ( LockedFile.Multi.Generic ) - skipped by user 01:02:55.0036 9408 sptd ( LockedFile.Multi.Generic ) - User select action: |
02.01.2013, 21:25 | #11 | |
/// Malware-holic | PC locked. Pay 100 euros. What now? Hi, combofix: Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
02.01.2013, 22:41 | #12 |
| PC locked. Pay 100 euros. What now? Markus, one question: I have had no more problems since your second-to-last step. Should I still carry out your last step? |
03.01.2013, 18:45 | #13 |
/// Malware-holic | PC locked. Pay 100 euros. What now? Yes, keep working with us until the end. |
03.01.2013, 22:06 | #14 |
| PC locked. Pay 100 euros. What now? Combofix log file: Code:
ATTFilter ComboFix 13-01-03.05 - Alex 03.01.2013 21:56:53.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8190.5520 [GMT 1:00] ausgeführt von:: c:\users\Alex\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\dsgsdgdsgdsgw.pad c:\programdata\NetServices c:\users\Alex\AppData\Roaming\master F:\install.exe . . ((((((((((((((((((((((( Dateien erstellt von 2012-12-03 bis 2013-01-03 )))))))))))))))))))))))))))))) . . 2013-01-01 22:13 . 2013-01-01 22:13 -------- d-----w- c:\programdata\boost_interprocess 2012-12-30 22:12 . 2013-01-01 01:15 -------- d-----w- c:\windows\SysWow64\Adobe 2012-12-29 19:03 . 2012-12-29 19:03 -------- d-----w- c:\users\Alex\AppData\Local\CRE 2012-12-29 19:03 . 2012-12-29 19:03 -------- d-----w- c:\program files (x86)\Conduit 2012-12-29 19:03 . 2012-12-29 19:03 -------- d-----w- c:\users\Alex\AppData\Local\Conduit 2012-12-29 19:03 . 2012-12-29 19:03 -------- d-----w- c:\program files (x86)\BittorrentBar_DE 2012-12-29 19:03 . 2012-12-29 19:03 -------- d-----w- c:\program files (x86)\BitTorrent 2012-12-29 19:02 . 2013-01-03 20:56 -------- d-----w- c:\users\Alex\AppData\Roaming\BitTorrent 2012-12-28 12:25 . 2012-12-28 12:26 -------- d-----w- c:\users\Alex\AppData\Roaming\FreeBurner 2012-12-28 12:25 . 2011-09-28 08:20 484352 ----a-w- c:\windows\SysWow64\lame_enc.dll 2012-12-28 12:25 . 2011-09-28 08:20 200704 ----a-w- c:\windows\SysWow64\vbalExpBar6.ocx 2012-12-28 12:25 . 2011-09-28 08:20 40960 ----a-w- c:\windows\SysWow64\SSubTmr6.dll 2012-12-28 12:25 . 2011-09-28 08:20 32768 ----a-w- c:\windows\SysWow64\CMDLGFR.DLL 2012-12-28 12:25 . 
2011-09-28 08:20 15360 ----a-w- c:\windows\SysWow64\inetfr.DLL 2012-12-28 12:25 . 2011-09-28 08:20 152848 ----a-w- c:\windows\SysWow64\COMDLG32.OCX 2012-12-28 12:25 . 2011-09-28 08:20 141312 ----a-w- c:\windows\SysWow64\MSCMCFR.DLL 2012-12-28 12:25 . 2011-09-28 08:20 119568 ----a-w- c:\windows\SysWow64\VB6FR.DLL 2012-12-28 12:25 . 2011-09-28 08:20 115920 ----a-w- c:\windows\SysWow64\msinet.OCX 2012-12-28 12:25 . 2011-09-28 08:20 101888 ----a-w- c:\windows\SysWow64\VB6STKIT.DLL 2012-12-28 12:25 . 2012-12-28 12:25 -------- d-----w- c:\program files (x86)\Free Easy CD DVD Burner 2012-12-26 22:30 . 2012-12-26 22:30 2865 ----a-w- c:\programdata\dsgsdgdsgdsgw.js 2012-12-26 20:21 . 2012-12-26 20:20 826654 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\unins000.exe 2012-12-26 12:25 . 2012-12-26 12:25 -------- d-----w- c:\users\Alex\AppData\Local\QuteScoop 2012-12-26 12:25 . 2012-12-26 12:25 -------- d-----w- c:\program files (x86)\QuteScoop 2012-12-23 23:33 . 2012-12-26 14:14 -------- d-----w- c:\program files (x86)\XAcars for MSFS 2012-12-23 23:31 . 2012-12-23 23:31 119 --sh--w- c:\windows\cnerolf.bin 2012-12-23 23:19 . 2009-06-03 18:09 270336 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Mallorca X SC\LEPATraffic.exe 2012-12-23 23:15 . 2009-02-16 01:00 286720 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\German Airports 3\EDDHTraffic.exe 2012-12-23 23:14 . 2009-06-05 00:20 60400 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\VMCX_SP2.dll 2012-12-23 23:14 . 2009-06-05 00:20 60400 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\VMCX_AP.dll 2012-12-23 23:14 . 2009-06-05 00:20 56304 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaIScnX_AP.dll 2012-12-23 23:14 . 
2009-06-05 00:20 56304 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaIScnX.dll 2012-12-23 23:14 . 2009-06-05 00:20 19952 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaNET_AP.dll 2012-12-23 23:14 . 2009-06-05 00:20 19440 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\ViMaNET.dll 2012-12-23 23:14 . 2009-06-05 00:20 16368 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\ViMaCoreX.dll 2012-12-23 23:14 . 2009-06-05 00:20 13824 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\VistaMare\bin\hkeys.dll 2012-12-23 23:13 . 2009-08-25 09:21 1055232 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\German Airports 3\LuftbildtexturenBremen.exe 2012-12-23 23:13 . 2009-07-19 01:00 253952 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\German Airports 3\EDDWTraffic.exe 2012-12-23 23:09 . 2008-11-25 09:27 3696640 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\aerosoft\Season.exe 2012-12-23 23:05 . 2008-05-26 19:38 21272 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\PMDG_SimConnect_Ldr.dll 2012-12-23 23:05 . 2008-05-26 19:38 14104 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\WaveLib.dll 2012-12-23 23:05 . 2007-04-28 22:30 118784 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\TCAS2v7.dll 2012-12-23 23:04 . 2008-05-26 19:38 115480 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\PMDG\747400_LoadManager.exe 2012-12-23 23:04 . 2008-05-26 19:42 7232792 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Gauges\PMDG_747400_Main.dll 2012-12-23 23:04 . 
2008-05-26 19:40 9803544 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Gauges\PMDG_747400_Overhead.dll 2012-12-23 23:04 . 2008-05-26 19:40 4593944 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Gauges\PMDG_747400_Center.dll 2012-12-23 23:04 . 2008-05-26 19:38 98584 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Gauges\PMDG_747400_ACS.dll 2012-12-23 23:04 . 2008-05-26 19:38 305944 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\PMDG\dlls\PMDGOptions.dll 2012-12-23 23:04 . 2008-05-26 19:38 80152 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\PMDG\dlls\PMDGEvents.dll 2012-12-23 23:04 . 2008-05-26 19:38 51480 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\PMDG\dlls\PMDGSounds.dll 2012-12-23 18:28 . 2012-12-23 18:30 -------- d-----w- c:\program files (x86)\FSFDT 2012-12-23 18:25 . 2012-12-23 18:26 179 ----a-w- c:\users\Alex\FSDreamTeam_GSX.reg 2012-12-23 18:16 . 2012-12-23 18:16 -------- d-----w- c:\programdata\Virtuali 2012-12-23 18:15 . 2012-12-23 18:15 -------- d-----w- c:\programdata\Licenses 2012-12-20 23:20 . 2012-12-20 23:20 -------- d-----w- c:\programdata\FLEXnet 2012-12-20 23:15 . 2012-12-20 23:15 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared 2012-12-20 23:14 . 2011-12-09 11:39 12288 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\PMDG\dlls\PMDG_HUD_interface.dll 2012-12-20 23:14 . 2011-10-31 17:14 1167360 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\PMDG\PMDG 737 NGX\PerfMan\NGXPerfMan.exe 2012-12-20 23:13 . 2011-12-08 19:31 532480 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Gauges\PMDG_737NGX_3.dll 2012-12-20 23:13 . 
2011-11-10 17:26 1262592 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\PMDG\Livery Manager\PMDG_Livery_Manager.exe 2012-12-20 23:13 . 2011-12-09 11:43 4542464 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Gauges\PMDG_737NGX_2.dll 2012-12-20 23:13 . 2011-12-09 11:43 99256320 ----a-w- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\Gauges\PMDG_737NGX.dll 2012-12-20 23:13 . 2010-11-20 16:01 268624 ----a-r- c:\program files (x86)\Microsoft Games\Microsoft Flight Simulator X\FnpCommsSoap.dll 2012-12-20 09:25 . 2012-12-20 09:25 -------- d-----w- c:\program files (x86)\Rainlendar2 2012-12-20 09:19 . 2013-01-03 16:16 -------- d-----w- c:\users\Alex\.rainlendar2 2012-12-14 10:50 . 2013-01-01 01:21 -------- d-----w- c:\users\Alex\AppData\Local\Google 2012-12-14 10:50 . 2013-01-01 01:21 -------- d-----w- c:\program files (x86)\Google 2012-12-12 17:45 . 2012-12-12 17:45 -------- d-----w- c:\programdata\Nikon 2012-12-11 09:58 . 2012-12-11 09:58 -------- d-----w- c:\users\Alex\AppData\Roaming\Nikon 2012-12-11 09:58 . 2012-12-11 09:58 -------- d-----w- c:\users\Alex\AppData\Local\Nikon 2012-12-11 09:22 . 2012-12-11 09:24 -------- d-----w- c:\program files (x86)\ALDI Bestellsoftware 2012-12-07 19:31 . 2012-12-07 19:31 -------- d-----w- c:\users\Alex\AppData\Local\City Bus Simulator Muenchen 2012-12-07 16:39 . 2012-12-07 16:39 -------- d-----w- c:\windows\TML-Studios . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-01-03 20:06 . 2012-10-22 18:03 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-01-03 20:06 . 2012-10-19 03:19 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-01-03 20:06 . 2012-10-19 03:19 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2012-12-12 17:28 . 2012-10-18 23:51 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-12-12 17:28 . 
2012-10-18 23:51 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-12-11 21:02 . 2012-10-19 00:06 99912 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2012-12-11 21:02 . 2012-10-19 00:06 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys 2012-11-26 17:12 . 2012-10-19 03:19 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2012-11-21 13:10 . 2012-11-21 13:10 3123272 ----a-r- c:\windows\SysWow64\pbsvc.exe 2012-11-14 16:06 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll 2012-11-14 16:06 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll 2012-11-14 14:06 . 2012-11-14 14:06 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2012-11-14 14:06 . 2012-11-14 14:06 161792 ----a-w- c:\windows\SysWow64\msls31.dll 2012-11-14 14:06 . 2012-11-14 14:06 1129472 ----a-w- c:\windows\SysWow64\wininet.dll 2012-11-14 14:06 . 2012-11-14 14:06 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll 2012-11-14 14:06 . 2012-11-14 14:06 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2012-11-14 14:06 . 2012-11-14 14:06 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2012-11-14 14:06 . 2012-11-14 14:06 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll 2012-11-14 14:06 . 2012-11-14 14:06 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2012-11-14 14:06 . 2012-11-14 14:06 74752 ----a-w- c:\windows\SysWow64\iesetup.dll 2012-11-14 14:06 . 2012-11-14 14:06 63488 ----a-w- c:\windows\SysWow64\tdc.ocx 2012-11-14 14:06 . 2012-11-14 14:06 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2012-11-14 14:06 . 2012-11-14 14:06 367104 ----a-w- c:\windows\SysWow64\html.iec 2012-11-14 14:06 . 2012-11-14 14:06 35840 ----a-w- c:\windows\SysWow64\imgutil.dll 2012-11-14 14:06 . 2012-11-14 14:06 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2012-11-14 14:06 . 2012-11-14 14:06 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll 2012-11-14 14:06 . 2012-11-14 14:06 152064 ----a-w- c:\windows\SysWow64\wextract.exe 2012-11-14 14:06 . 
2012-11-14 14:06 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2012-11-14 14:06 . 2012-11-14 14:06 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2012-11-14 14:06 . 2012-11-14 14:06 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2012-11-14 14:06 . 2012-11-14 14:06 11776 ----a-w- c:\windows\SysWow64\mshta.exe 2012-11-14 14:06 . 2012-11-14 14:06 101888 ----a-w- c:\windows\SysWow64\admparse.dll 2012-11-14 14:06 . 2012-11-14 14:06 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-11-14 14:06 . 2012-11-14 14:06 85504 ----a-w- c:\windows\system32\jsproxy.dll 2012-11-14 14:06 . 2012-11-14 14:06 222208 ----a-w- c:\windows\system32\msls31.dll 2012-11-14 14:06 . 2012-11-14 14:06 2144768 ----a-w- c:\windows\system32\iertutil.dll 2012-11-14 14:06 . 2012-11-14 14:06 197120 ----a-w- c:\windows\system32\msrating.dll 2012-11-14 14:06 . 2012-11-14 14:06 1392128 ----a-w- c:\windows\system32\wininet.dll 2012-11-14 14:06 . 2012-11-14 14:06 1346048 ----a-w- c:\windows\system32\urlmon.dll 2012-11-14 14:06 . 2012-11-14 14:06 17811968 ----a-w- c:\windows\system32\mshtml.dll 2012-11-14 14:06 . 2012-11-14 14:06 96768 ----a-w- c:\windows\system32\mshtmled.dll 2012-11-14 14:06 . 2012-11-14 14:06 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-11-14 14:06 . 2012-11-14 14:06 89088 ----a-w- c:\windows\system32\ie4uinit.exe 2012-11-14 14:06 . 2012-11-14 14:06 85504 ----a-w- c:\windows\system32\iesetup.dll 2012-11-14 14:06 . 2012-11-14 14:06 82432 ----a-w- c:\windows\system32\icardie.dll 2012-11-14 14:06 . 2012-11-14 14:06 816640 ----a-w- c:\windows\system32\jscript.dll 2012-11-14 14:06 . 2012-11-14 14:06 76800 ----a-w- c:\windows\system32\tdc.ocx 2012-11-14 14:06 . 2012-11-14 14:06 729088 ----a-w- c:\windows\system32\msfeeds.dll 2012-11-14 14:06 . 2012-11-14 14:06 65024 ----a-w- c:\windows\system32\pngfilt.dll 2012-11-14 14:06 . 2012-11-14 14:06 599040 ----a-w- c:\windows\system32\vbscript.dll 2012-11-14 14:06 . 
2012-11-14 14:06 55296 ----a-w- c:\windows\system32\msfeedsbs.dll 2012-11-14 14:06 . 2012-11-14 14:06 534528 ----a-w- c:\windows\system32\ieapfltr.dll 2012-11-14 14:06 . 2012-11-14 14:06 49664 ----a-w- c:\windows\system32\imgutil.dll 2012-11-14 14:06 . 2012-11-14 14:06 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-11-14 14:06 . 2012-11-14 14:06 452608 ----a-w- c:\windows\system32\dxtmsft.dll 2012-11-14 14:06 . 2012-11-14 14:06 448512 ----a-w- c:\windows\system32\html.iec 2012-11-14 14:06 . 2012-11-14 14:06 403248 ----a-w- c:\windows\system32\iedkcs32.dll 2012-11-14 14:06 . 2012-11-14 14:06 39936 ----a-w- c:\windows\system32\iernonce.dll 2012-11-14 14:06 . 2012-11-14 14:06 3695416 ----a-w- c:\windows\system32\ieapfltr.dat 2012-11-14 14:06 . 2012-11-14 14:06 30720 ----a-w- c:\windows\system32\licmgr10.dll 2012-11-14 14:06 . 2012-11-14 14:06 282112 ----a-w- c:\windows\system32\dxtrans.dll 2012-11-14 14:06 . 2012-11-14 14:06 267776 ----a-w- c:\windows\system32\ieaksie.dll 2012-11-14 14:06 . 2012-11-14 14:06 249344 ----a-w- c:\windows\system32\webcheck.dll 2012-11-14 14:06 . 2012-11-14 14:06 248320 ----a-w- c:\windows\system32\ieui.dll 2012-11-14 14:06 . 2012-11-14 14:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-11-14 14:06 . 2012-11-14 14:06 237056 ----a-w- c:\windows\system32\url.dll 2012-11-14 14:06 . 2012-11-14 14:06 2312704 ----a-w- c:\windows\system32\jscript9.dll 2012-11-14 14:06 . 2012-11-14 14:06 173056 ----a-w- c:\windows\system32\ieUnatt.exe 2012-11-14 14:06 . 2012-11-14 14:06 165888 ----a-w- c:\windows\system32\iexpress.exe 2012-11-14 14:06 . 2012-11-14 14:06 163840 ----a-w- c:\windows\system32\ieakui.dll 2012-11-14 14:06 . 2012-11-14 14:06 160256 ----a-w- c:\windows\system32\wextract.exe 2012-11-14 14:06 . 2012-11-14 14:06 160256 ----a-w- c:\windows\system32\ieakeng.dll 2012-11-14 14:06 . 2012-11-14 14:06 149504 ----a-w- c:\windows\system32\occache.dll 2012-11-14 14:06 . 
2012-11-14 14:06 1494528 ----a-w- c:\windows\system32\inetcpl.cpl 2012-11-14 14:06 . 2012-11-14 14:06 145920 ----a-w- c:\windows\system32\iepeers.dll 2012-11-14 14:06 . 2012-11-14 14:06 135168 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-11-14 14:06 . 2012-11-14 14:06 12288 ----a-w- c:\windows\system32\mshta.exe 2012-11-14 14:06 . 2012-11-14 14:06 114176 ----a-w- c:\windows\system32\admparse.dll 2012-11-14 14:06 . 2012-11-14 14:06 111616 ----a-w- c:\windows\system32\iesysprep.dll 2012-11-14 14:06 . 2012-11-14 14:06 10925568 ----a-w- c:\windows\system32\ieframe.dll 2012-11-14 14:06 . 2012-11-14 14:06 10752 ----a-w- c:\windows\system32\msfeedssync.exe 2012-11-14 14:06 . 2012-11-14 14:06 103936 ----a-w- c:\windows\system32\inseng.dll 2012-11-10 01:56 . 2012-11-10 01:56 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2012-11-10 01:56 . 2012-11-10 01:56 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-11-10 01:56 . 2012-11-10 01:56 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2012-10-29 20:04 . 2012-11-14 13:53 66395536 ----a-w- c:\windows\system32\MRT.exe 2012-10-19 01:54 . 2012-10-19 01:34 80896 ----a-w- c:\windows\cadkasdeinst01.exe 2012-10-18 18:25 . 2012-11-14 12:56 3149824 ----a-w- c:\windows\system32\win32k.sys 2012-10-09 18:17 . 2012-11-16 11:36 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 18:17 . 2012-11-16 11:36 226816 ----a-w- c:\windows\system32\dhcpcore6.dll 2012-10-09 17:40 . 2012-11-16 11:36 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-16 11:36 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}"= "c:\program files (x86)\BittorrentBar_DE\prxtbBitt.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}] . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}] 2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\BittorrentBar_DE\prxtbBitt.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}"= "c:\program files (x86)\BittorrentBar_DE\prxtbBitt.dll" [2011-05-09 176936] . [HKEY_CLASSES_ROOT\clsid\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-06-24 1840424] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-12-03 1354736] "Rainlendar2"="c:\program files (x86)\Rainlendar2\Rainlendar2.exe" [2011-01-06 2342400] "BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2012-12-29 2550640] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-12-11 384800] "BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-23 926896] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "NBKeyScan"="c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-06-08 2221352] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392] . c:\users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-6 3768176] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944] R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe [2008-09-04 68760] R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-11-05 834544] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800] S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [2010-02-24 191616] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-12-11 85280] S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_0\bin\fbguard.exe [2008-04-23 81920] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-10-23 2848168] S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\Firebird_2_0\bin\fbserver.exe [2008-04-23 2015232] S3 RTL8167;Realtek 8167 NT-Treiber;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392] . . Inhalt des "geplante Tasks" Ordners . 2013-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-18 17:28] . 2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-14 10:50] . 
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-14 10:50] . . --------- X64 Entries ----------- . . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Free YouTube Download - c:\users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\users\Alex\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\gdfbx069.default\ FF - prefs.js: browser.search.selectedEngine - foxsearch FF - prefs.js: browser.startup.homepage - hxxp://freemail.de/ FF - prefs.js: keyword.URL - hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q= FF - ExtSQL: 2012-11-05 18:09; DTToolbar@toolbarnet.com; c:\users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\gdfbx069.default\extensions\DTToolbar@toolbarnet.com FF - ExtSQL: 2012-12-29 20:03; {64ead72b-ffd4-4e01-aa3a-4c71665d73e4}; c:\users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\gdfbx069.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} FF - user.js: browser.search.selectedEngine - foxsearch FF - user.js: browser.search.order.1 - foxsearch FF - user.js: browser.search.defaultenginename - foxsearch FF - user.js: keyword.URL - hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q= FF - user.js: privacy.item.cookies - false FF - user.js: privacy.sanitize.promptOnSanitize - false . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKLM-Run-NPSStartup - (no file) AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-01-03 22:04:32 ComboFix-quarantined-files.txt 2013-01-03 21:04 . Vor Suchlauf: 7 Verzeichnis(se), 517.726.793.728 Bytes frei Nach Suchlauf: 12 Verzeichnis(se), 517.725.769.728 Bytes frei . - - End Of File - - 7D930782E500492EAB30322312C71318 |
04.01.2013, 15:37 | #15 |
/// Malware-holic | PC locked. Pay 100 euros. What now? malwarebytes: Please download Malwarebytes |