How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? (Windows 7)
01.01.2013, 13:49 | #1 |
Hello,

I apparently caught this virus quite a while ago and have tried to gather some removal suggestions on the Internet. But since I don't know much about the specialist terminology, it is still sitting on my PC. Kaspersky finds it but cannot delete it, because it is irreparable. I had read that I would have to install the latest version of Java and delete the Trojan via the Java Control Panel, but I'm not getting anywhere with that either. I use Windows 7 and am now looking for an understandable explanation so that I can clean up my laptop again. I hope someone here can help me! I will of course do my very best to cooperate.

Kind regards,
Mirko
02.01.2013, 16:36 | #2 |
/// Malware-holic

Hi

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
02.01.2013, 20:01 | #3 |
Hello Markus!

Thank you very much for the quick reply! Below is the log from OTL.

OTL Logfile: Code:
OTL logfile created on: 1/2/2013 7:40:08 PM - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\samsung\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2.97 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 57.94% Memory free 5.93 Gb Paging File | 4.53 Gb Available in Paging File | 76.36% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 282.99 Gb Total Space | 171.50 Gb Free Space | 60.60% Space Free | Partition Type: NTFS Computer Name: SAMSUNG-PC | User Name: samsung | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/01/02 19:28:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe PRC - [2012/12/20 22:35:30 | 000,222,208 | ---- | M] (Somoto Ltd.) -- C:\Users\samsung\AppData\Local\Temp\biclient.exe PRC - [2012/12/11 21:17:13 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe PRC - [2012/11/15 19:31:56 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009/11/04 05:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2009/10/26 12:53:14 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe PRC - [2009/10/13 11:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2009/10/07 02:31:56 | 002,246,144 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe PRC - [2009/08/13 21:58:10 | 000,044,312 | ---- | M] () -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe PRC - [2009/06/03 12:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009/04/15 15:52:06 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe ========== Modules (No Company Name) ========== MOD - [2012/08/17 20:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll MOD - [2009/08/16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll MOD - [2009/06/03 12:59:14 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/06/03 12:59:02 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2006/08/12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll ========== Services (SafeList) ========== SRV - [2012/12/11 21:17:20 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/11/15 19:31:56 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP) SRV - [2009/08/13 21:58:10 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung Casual 
Games\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService) SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - [2012/11/15 19:32:51 | 000,043,608 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi) DRV - [2012/11/15 19:32:50 | 000,589,144 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF) DRV - [2012/09/19 17:37:07 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt) DRV - [2012/09/19 17:37:06 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt) DRV - [2012/08/13 15:49:44 | 000,144,344 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps) DRV - [2012/08/02 14:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6) DRV - [2012/06/19 16:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1) DRV - [2011/12/13 03:32:24 | 002,228,224 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2010/12/02 11:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2010/12/02 11:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2010/12/02 11:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2010/12/02 11:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2010/12/02 09:36:42 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdnsu.sys -- (nmwcdnsu) DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV - [2010/02/15 09:24:00 | 000,322,336 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7) DRV - [2009/11/06 05:07:10 | 009,923,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2009/07/14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp) DRV - [2009/06/27 15:55:12 | 000,066,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA) DRV - [2005/04/18 15:15:54 | 000,015,104 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmunet.sys -- (AVMUNET) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: 
{855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-5975212467994412%3A1i8hj0-cydp&ie=UTF-8&q={searchTerms}&sa=Search&ub=_|0U0I0DzutDtDtByEyDyEyEtByE0D0CyCtN0P1C0S1Czu0E1H2Y1I1P0E0XtN0C0H0Nzu0S0R0C0HtA|_&cr=1002344293 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\Win7codecs\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Win7codecs\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2012/12/29 18:03:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2012/12/29 18:03:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2012/12/29 18:03:22 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\anti_banner@kaspersky.com [2012/12/05 19:25:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\online_banking@kaspersky.com [2012/12/29 18:03:22 | 000,000,000 | ---D | M] [2012/12/14 19:49:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - homepage: hxxp://www.claro-search.com/?affID=114506&tt=5012_3&babsrc=HP_clro&mntrId=78635dfc0000000000002226b6b512bd CHR - Extension: No name found = C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\ CHR - Extension: No name found = C:\Users\samsung\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\ CHR - Extension: No name found = C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\ O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. 
O4 - HKLM..\Run: [APLangApp] C:\Program Files\AnyPC Client\APLangApp.exe (DoctorSoft) O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.) O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\RunOnce: [downloadsourcede] File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\ie_banner_deny.htm () O9 - Extra Button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (PokerStars) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: 
{5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36F95E33-6649-4EEB-A25C-A2EC6142ED87}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54F37B68-462C-4240-A5CC-0088CCF0C80F}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6740F581-8B96-4B73-9C1B-74E80ABB4E31}: DhcpNameServer = 192.168.0.1 O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{6cfa8114-90ef-11df-9419-002454424dc6}\Shell - "" = AutoRun O33 - MountPoints2\{6cfa8114-90ef-11df-9419-002454424dc6}\Shell\AutoRun\command - "" = D:\preinst.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/01/02 19:28:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe [2013/01/01 13:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013/01/01 13:20:33 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012/12/14 19:50:09 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Roaming\Claro [2012/12/14 19:49:58 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012/12/14 19:49:38 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Roaming\PerformerSoft [2012/12/14 19:49:30 | 000,000,000 | ---D | C] -- C:\Program Files\PC Performer [2012/12/14 19:49:28 | 000,000,000 | ---D | C] -- C:\Users\samsung\AppData\Roaming\Babylon [2012/12/14 19:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012/12/14 19:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService [2012/12/14 19:49:24 | 000,000,000 | ---D | C] -- C:\windows\System32\Extensions [2012/12/14 19:49:23 | 000,000,000 | ---D | C] -- C:\windows\System32\searchplugins [2012/12/14 19:49:20 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Performer Manager [2012/12/14 19:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Streamripper [2012/12/14 19:21:53 | 000,000,000 
| ---D | C] -- C:\ProgramData\DivX [2012/12/14 19:21:43 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp [2 C:\Users\samsung\*.tmp files -> C:\Users\samsung\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/02 19:28:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\samsung\Desktop\OTL.exe [2013/01/02 19:17:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013/01/02 19:15:15 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/02 19:15:15 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/02 19:07:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013/01/02 19:07:36 | 2388,086,784 | -HS- | M] () -- C:\hiberfil.sys [2012/12/30 11:41:01 | 000,657,910 | ---- | M] () -- C:\windows\System32\perfh007.dat [2012/12/30 11:41:01 | 000,619,146 | ---- | M] () -- C:\windows\System32\perfh009.dat [2012/12/30 11:41:01 | 000,131,250 | ---- | M] () -- C:\windows\System32\perfc007.dat [2012/12/30 11:41:01 | 000,107,466 | ---- | M] () -- C:\windows\System32\perfc009.dat [2012/12/29 18:16:04 | 000,457,704 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT [2 C:\Users\samsung\*.tmp files -> C:\Users\samsung\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/05/14 18:03:40 | 000,017,408 | ---- | C] () -- C:\Users\samsung\AppData\Local\WebpageIcons.db [2011/06/25 21:01:49 | 000,001,093 | ---- | C] () -- C:\Users\samsung\Radiotracker 6.lnk [2010/03/30 16:07:20 | 000,000,000 | ---- | C] () -- C:\Users\samsung\AppData\Roaming\wklnhst.dat [2010/03/22 19:43:24 | 000,004,608 | ---- | C] () -- C:\Users\samsung\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/02/04 20:21:26 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009/07/14 05:42:31 | 000,000,227 | 
RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 1/2/2013 7:29:59 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\samsung\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2.97 Gb Total Physical Memory | 1.87 Gb Available Physical Memory | 62.89% Memory free 5.93 Gb Paging File | 4.59 Gb Available in Paging File | 77.46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 282.99 Gb Total Space | 171.50 Gb Free Space | 60.60% Space Free | Partition Type: NTFS Computer Name: SAMSUNG-PC | User Name: samsung | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] 
02.01.2013, 20:15 | #4 |
/// Malware-holic | How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? Download TDSSKiller: http://www.trojaner-board.de/82358-t...entfernen.html
Click Change parameters
• Tick Verify driver digital signatures and Detect TDLFS file system
• Click OK and then Start scan
- If anything is found, always choose Skip for now, and post the log.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
02.01.2013, 20:39 | #5 |
| How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? I'm working on it, it will just take a little longer. TDSSKiller checking for updates, but it stays stuck at 15% the whole time. What now? Kind regards
Insigned file Service: MDM Suspicious object, medium risk Service start: Auto (0x2) File: C:\Programm Files\Common Files\Microsoft Shared\VS7DEBUG` MD5: 7cf1b716372b89568ae4c0fe769f5869
It worked after all!! |
03.01.2013, 19:05 | #6 |
/// Malware-holic | How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? Hi, c: tdss-killer-version-Datum.txt please post its contents |
03.01.2013, 19:11 | #7 |
| How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? I don't quite understand. |
03.01.2013, 19:41 | #8 |
/// Malware-holic | How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? Please post the log from TDSSKiller |
03.01.2013, 19:41 | #9 |
| How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer?
(42f158036bd4c2ff3122bf142e60e6fd) C:\windows\system32\Drivers\cng.sys 20:47:34.0529 0828 CNG - ok 20:47:34.0544 0828 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys 20:47:34.0575 0828 Compbatt - ok 20:47:34.0607 0828 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys 20:47:34.0638 0828 CompositeBus - ok 20:47:34.0653 0828 COMSysApp - ok 20:47:34.0669 0828 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys 20:47:34.0685 0828 crcdisk - ok 20:47:34.0731 0828 CryptSvc (96c0e38905cfd788313be8e11dae3f2f) C:\windows\system32\cryptsvc.dll 20:47:34.0778 0828 CryptSvc - ok 20:47:34.0841 0828 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 20:47:34.0887 0828 DcomLaunch - ok 20:47:34.0934 0828 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll 20:47:34.0981 0828 defragsvc - ok 20:47:35.0059 0828 DfsC (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys 20:47:35.0090 0828 DfsC - ok 20:47:35.0184 0828 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll 20:47:35.0231 0828 Dhcp - ok 20:47:35.0262 0828 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys 20:47:35.0309 0828 discache - ok 20:47:35.0340 0828 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys 20:47:35.0371 0828 Disk - ok 20:47:35.0387 0828 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll 20:47:35.0433 0828 Dnscache - ok 20:47:35.0480 0828 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll 20:47:35.0543 0828 dot3svc - ok 20:47:35.0589 0828 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll 20:47:35.0636 0828 DPS - ok 20:47:35.0683 0828 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys 20:47:35.0730 0828 drmkaud - ok 20:47:35.0792 0828 DXGKrnl 
(23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys 20:47:35.0823 0828 DXGKrnl - ok 20:47:35.0855 0828 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll 20:47:35.0901 0828 EapHost - ok 20:47:36.0057 0828 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys 20:47:36.0151 0828 ebdrv - ok 20:47:36.0291 0828 EFS (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe 20:47:36.0338 0828 EFS - ok 20:47:36.0432 0828 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe 20:47:36.0494 0828 ehRecvr - ok 20:47:36.0525 0828 ehSched (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe 20:47:36.0557 0828 ehSched - ok 20:47:36.0635 0828 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys 20:47:36.0681 0828 elxstor - ok 20:47:36.0697 0828 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys 20:47:36.0744 0828 ErrDev - ok 20:47:36.0791 0828 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll 20:47:36.0822 0828 EventSystem - ok 20:47:36.0853 0828 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys 20:47:36.0900 0828 exfat - ok 20:47:36.0931 0828 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys 20:47:36.0978 0828 fastfat - ok 20:47:37.0040 0828 Fax (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe 20:47:37.0087 0828 Fax - ok 20:47:37.0103 0828 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys 20:47:37.0134 0828 fdc - ok 20:47:37.0165 0828 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll 20:47:37.0196 0828 fdPHost - ok 20:47:37.0196 0828 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll 20:47:37.0259 0828 FDResPub - ok 20:47:37.0290 0828 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys 20:47:37.0305 0828 
FileInfo - ok 20:47:37.0321 0828 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys 20:47:37.0368 0828 Filetrace - ok 20:47:37.0399 0828 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys 20:47:37.0446 0828 flpydisk - ok 20:47:37.0477 0828 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys 20:47:37.0493 0828 FltMgr - ok 20:47:37.0555 0828 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll 20:47:37.0602 0828 FontCache - ok 20:47:37.0664 0828 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 20:47:37.0711 0828 FontCache3.0.0.0 - ok 20:47:37.0727 0828 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys 20:47:37.0742 0828 FsDepends - ok 20:47:37.0758 0828 fssfltr (b74b0578fd1d3f897e95f2a2b69ea051) C:\windows\system32\DRIVERS\fssfltr.sys 20:47:37.0773 0828 fssfltr - ok 20:47:37.0867 0828 fsssvc (45b52394f9624237f33a8a3d73c0b221) C:\Program Files\Windows Live\Family Safety\fsssvc.exe 20:47:37.0914 0828 fsssvc - ok 20:47:37.0929 0828 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys 20:47:37.0945 0828 Fs_Rec - ok 20:47:38.0007 0828 fvevol (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys 20:47:38.0039 0828 fvevol - ok 20:47:38.0070 0828 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys 20:47:38.0101 0828 gagp30kx - ok 20:47:38.0163 0828 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll 20:47:38.0241 0828 gpsvc - ok 20:47:38.0257 0828 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys 20:47:38.0288 0828 hcw85cir - ok 20:47:38.0351 0828 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys 20:47:38.0444 0828 HdAudAddService - ok 20:47:38.0491 0828 HDAudBus 
(9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys 20:47:38.0553 0828 HDAudBus - ok 20:47:38.0600 0828 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys 20:47:38.0663 0828 HidBatt - ok 20:47:38.0678 0828 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys 20:47:38.0725 0828 HidBth - ok 20:47:38.0756 0828 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys 20:47:38.0803 0828 HidIr - ok 20:47:38.0834 0828 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\system32\hidserv.dll 20:47:38.0897 0828 hidserv - ok 20:47:38.0928 0828 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\drivers\hidusb.sys 20:47:38.0975 0828 HidUsb - ok 20:47:39.0021 0828 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll 20:47:39.0068 0828 hkmsvc - ok 20:47:39.0115 0828 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll 20:47:39.0177 0828 HomeGroupListener - ok 20:47:39.0209 0828 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll 20:47:39.0240 0828 HomeGroupProvider - ok 20:47:39.0271 0828 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys 20:47:39.0302 0828 HpSAMD - ok 20:47:39.0380 0828 HTTP (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys 20:47:39.0427 0828 HTTP - ok 20:47:39.0427 0828 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys 20:47:39.0443 0828 hwpolicy - ok 20:47:39.0489 0828 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys 20:47:39.0521 0828 i8042prt - ok 20:47:39.0567 0828 iaStor (0baa4115dfffd6a6d809a89d65e1281a) C:\windows\system32\DRIVERS\iaStor.sys 20:47:39.0583 0828 iaStor - ok 20:47:39.0630 0828 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys 20:47:39.0692 0828 iaStorV - ok 20:47:39.0833 0828 idsvc 
(c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 20:47:39.0864 0828 idsvc - ok 20:47:40.0082 0828 igfx (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys 20:47:40.0191 0828 igfx - ok 20:47:40.0332 0828 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys 20:47:40.0379 0828 iirsp - ok 20:47:40.0488 0828 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll 20:47:40.0566 0828 IKEEXT - ok 20:47:40.0706 0828 IntcAzAudAddService (3202e26501e5e18c35dc2cc74709a704) C:\windows\system32\drivers\RTKVHDA.sys 20:47:40.0769 0828 IntcAzAudAddService - ok 20:47:40.0878 0828 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys 20:47:40.0909 0828 intelide - ok 20:47:40.0940 0828 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys 20:47:40.0971 0828 intelppm - ok 20:47:41.0003 0828 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll 20:47:41.0049 0828 IPBusEnum - ok 20:47:41.0081 0828 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys 20:47:41.0143 0828 IpFilterDriver - ok 20:47:41.0221 0828 iphlpsvc (58f67245d041fbe7af88f4eaf79df0fa) C:\windows\System32\iphlpsvc.dll 20:47:41.0252 0828 iphlpsvc - ok 20:47:41.0268 0828 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys 20:47:41.0299 0828 IPMIDRV - ok 20:47:41.0315 0828 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys 20:47:41.0377 0828 IPNAT - ok 20:47:41.0408 0828 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys 20:47:41.0455 0828 IRENUM - ok 20:47:41.0486 0828 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys 20:47:41.0502 0828 isapnp - ok 20:47:41.0517 0828 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys 
20:47:41.0564 0828 iScsiPrt - ok 20:47:41.0580 0828 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys 20:47:41.0595 0828 kbdclass - ok 20:47:41.0627 0828 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys 20:47:41.0673 0828 kbdhid - ok 20:47:41.0720 0828 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 20:47:41.0736 0828 KeyIso - ok 20:47:41.0814 0828 KL1 (ea26cb00f83686856f2c79673c00c686) C:\windows\system32\DRIVERS\kl1.sys 20:47:41.0829 0828 KL1 - ok 20:47:41.0923 0828 KLIF (fbc7f840f1118d358d2afb8c1714b384) C:\windows\system32\DRIVERS\klif.sys 20:47:41.0970 0828 KLIF - ok 20:47:42.0063 0828 KLIM6 (af127fe7dd5ed2bbc9049fd8a00defc2) C:\windows\system32\DRIVERS\klim6.sys 20:47:42.0079 0828 KLIM6 - ok 20:47:42.0110 0828 klkbdflt (24aebad59d1de8a7cc36e8f09f999362) C:\windows\system32\DRIVERS\klkbdflt.sys 20:47:42.0141 0828 klkbdflt - ok 20:47:42.0141 0828 klmouflt (a58507c2827c3ae1d4ccb2746aab349f) C:\windows\system32\DRIVERS\klmouflt.sys 20:47:42.0157 0828 klmouflt - ok 20:47:42.0173 0828 kltdi (53c0df6c5139cb78a631e7afcd893730) C:\windows\system32\DRIVERS\kltdi.sys 20:47:42.0188 0828 kltdi - ok 20:47:42.0235 0828 kneps (71a38c123600172511c26bfabd0ef579) C:\windows\system32\DRIVERS\kneps.sys 20:47:42.0251 0828 kneps - ok 20:47:42.0297 0828 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\windows\system32\Drivers\ksecdd.sys 20:47:42.0313 0828 KSecDD - ok 20:47:42.0360 0828 KSecPkg (5fe1abf1af591a3458c9cf24ed9a4d35) C:\windows\system32\Drivers\ksecpkg.sys 20:47:42.0375 0828 KSecPkg - ok 20:47:42.0407 0828 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll 20:47:42.0453 0828 KtmRm - ok 20:47:42.0500 0828 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\system32\srvsvc.dll 20:47:42.0563 0828 LanmanServer - ok 20:47:42.0609 0828 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll 20:47:42.0656 0828 LanmanWorkstation - ok 
20:47:42.0719 0828 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys 20:47:42.0781 0828 lltdio - ok 20:47:42.0828 0828 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll 20:47:42.0875 0828 lltdsvc - ok 20:47:42.0890 0828 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll 20:47:42.0953 0828 lmhosts - ok 20:47:42.0999 0828 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys 20:47:43.0015 0828 LSI_FC - ok 20:47:43.0046 0828 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys 20:47:43.0062 0828 LSI_SAS - ok 20:47:43.0062 0828 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys 20:47:43.0077 0828 LSI_SAS2 - ok 20:47:43.0093 0828 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys 20:47:43.0124 0828 LSI_SCSI - ok 20:47:43.0140 0828 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys 20:47:43.0171 0828 luafv - ok 20:47:43.0249 0828 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll 20:47:43.0280 0828 Mcx2Svc - ok 20:47:43.0374 0828 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 20:47:43.0405 0828 MDM ( UnsignedFile.Multi.Generic ) - warning 20:47:43.0405 0828 MDM - detected UnsignedFile.Multi.Generic (1) 20:47:43.0436 0828 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys 20:47:43.0467 0828 megasas - ok 20:47:43.0483 0828 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys 20:47:43.0514 0828 MegaSR - ok 20:47:43.0592 0828 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 20:47:43.0623 0828 Microsoft Office Groove Audit Service - ok 20:47:43.0639 0828 MMCSS (146b6f43a673379a3c670e86d89be5ea) 
C:\windows\system32\mmcss.dll 20:47:43.0701 0828 MMCSS - ok 20:47:43.0733 0828 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys 20:47:43.0795 0828 Modem - ok 20:47:43.0826 0828 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys 20:47:43.0857 0828 monitor - ok 20:47:43.0920 0828 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys 20:47:43.0935 0828 mouclass - ok 20:47:43.0982 0828 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys 20:47:44.0029 0828 mouhid - ok 20:47:44.0060 0828 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys 20:47:44.0076 0828 mountmgr - ok 20:47:44.0107 0828 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys 20:47:44.0138 0828 mpio - ok 20:47:44.0154 0828 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys 20:47:44.0201 0828 mpsdrv - ok 20:47:44.0263 0828 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll 20:47:44.0325 0828 MpsSvc - ok 20:47:44.0357 0828 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys 20:47:44.0388 0828 MRxDAV - ok 20:47:44.0435 0828 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys 20:47:44.0466 0828 mrxsmb - ok 20:47:44.0497 0828 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys 20:47:44.0559 0828 mrxsmb10 - ok 20:47:44.0575 0828 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys 20:47:44.0622 0828 mrxsmb20 - ok 20:47:44.0669 0828 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys 20:47:44.0684 0828 msahci - ok 20:47:44.0715 0828 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys 20:47:44.0731 0828 msdsm - ok 20:47:44.0747 0828 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe 
20:47:44.0793 0828 MSDTC - ok 20:47:44.0825 0828 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys 20:47:44.0887 0828 Msfs - ok 20:47:44.0903 0828 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys 20:47:44.0949 0828 mshidkmdf - ok 20:47:44.0965 0828 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys 20:47:44.0981 0828 msisadrv - ok 20:47:45.0027 0828 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll 20:47:45.0074 0828 MSiSCSI - ok 20:47:45.0090 0828 msiserver - ok 20:47:45.0137 0828 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys 20:47:45.0215 0828 MSKSSRV - ok 20:47:45.0230 0828 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys 20:47:45.0293 0828 MSPCLOCK - ok 20:47:45.0308 0828 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys 20:47:45.0355 0828 MSPQM - ok 20:47:45.0386 0828 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys 20:47:45.0402 0828 MsRPC - ok 20:47:45.0433 0828 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys 20:47:45.0449 0828 mssmbios - ok 20:47:45.0480 0828 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys 20:47:45.0511 0828 MSTEE - ok 20:47:45.0527 0828 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys 20:47:45.0558 0828 MTConfig - ok 20:47:45.0589 0828 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys 20:47:45.0605 0828 Mup - ok 20:47:45.0667 0828 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll 20:47:45.0714 0828 napagent - ok 20:47:45.0776 0828 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys 20:47:45.0792 0828 NativeWifiP - ok 20:47:45.0839 0828 NDIS (8c9c922d71f1cd4def73f186416b7896) 
C:\windows\system32\drivers\ndis.sys 20:47:45.0870 0828 NDIS - ok 20:47:45.0885 0828 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys 20:47:45.0932 0828 NdisCap - ok 20:47:45.0963 0828 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys 20:47:45.0995 0828 NdisTapi - ok 20:47:46.0041 0828 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys 20:47:46.0088 0828 Ndisuio - ok 20:47:46.0119 0828 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys 20:47:46.0182 0828 NdisWan - ok 20:47:46.0197 0828 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys 20:47:46.0244 0828 NDProxy - ok 20:47:46.0291 0828 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys 20:47:46.0353 0828 NetBIOS - ok 20:47:46.0385 0828 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys 20:47:46.0431 0828 NetBT - ok 20:47:46.0463 0828 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 20:47:46.0494 0828 Netlogon - ok 20:47:46.0525 0828 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll 20:47:46.0587 0828 Netman - ok 20:47:46.0619 0828 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll 20:47:46.0681 0828 netprofm - ok 20:47:46.0790 0828 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:47:46.0806 0828 NetTcpPortSharing - ok 20:47:46.0853 0828 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys 20:47:46.0884 0828 nfrd960 - ok 20:47:46.0931 0828 NlaSvc (374071043f9e4231ee43be2bb48dd36d) C:\windows\System32\nlasvc.dll 20:47:46.0977 0828 NlaSvc - ok 20:47:47.0055 0828 nmwcd (712bc0c22ba00b2ba324c6b8df668ee7) C:\windows\system32\drivers\ccdcmb.sys 20:47:47.0102 0828 nmwcd - ok 20:47:47.0118 0828 nmwcdc 
(7312987b6ccde6f6cee32c14bed1ca2e) C:\windows\system32\drivers\ccdcmbo.sys 20:47:47.0165 0828 nmwcdc - ok 20:47:47.0211 0828 nmwcdnsu (99145c5d4b6c4d6f5ce83ee6abffe294) C:\windows\system32\drivers\nmwcdnsu.sys 20:47:47.0274 0828 nmwcdnsu - ok 20:47:47.0321 0828 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys 20:47:47.0367 0828 Npfs - ok 20:47:47.0399 0828 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll 20:47:47.0430 0828 nsi - ok 20:47:47.0430 0828 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys 20:47:47.0492 0828 nsiproxy - ok 20:47:47.0570 0828 Ntfs (0d87503986bb3dfed58e343fe39dde13) C:\windows\system32\drivers\Ntfs.sys 20:47:47.0601 0828 Ntfs - ok 20:47:47.0633 0828 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys 20:47:47.0664 0828 Null - ok 20:47:47.0711 0828 NVHDA (d2f4c4b22969236382ca853b8daa2d4e) C:\windows\system32\drivers\nvhda32v.sys 20:47:47.0726 0828 NVHDA - ok 20:47:48.0132 0828 nvlddmkm (104c0fe08dd64965cf788d91ccbb2cc6) C:\windows\system32\DRIVERS\nvlddmkm.sys 20:47:48.0459 0828 nvlddmkm - ok 20:47:48.0600 0828 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys 20:47:48.0647 0828 nvraid - ok 20:47:48.0662 0828 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys 20:47:48.0678 0828 nvstor - ok 20:47:48.0740 0828 nvsvc (63a9cace87c31a46bdf4ad448d9a033a) C:\windows\system32\nvvsvc.exe 20:47:48.0771 0828 nvsvc - ok 20:47:48.0787 0828 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys 20:47:48.0803 0828 nv_agp - ok 20:47:48.0849 0828 OberonGameConsoleService (b5d5da8230d3d3525839d939a9196c3e) C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe 20:47:48.0865 0828 OberonGameConsoleService - ok 20:47:48.0943 0828 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 
20:47:49.0068 0828 odserv - ok 20:47:49.0099 0828 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys 20:47:49.0146 0828 ohci1394 - ok 20:47:49.0177 0828 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:47:49.0193 0828 ose - ok 20:47:49.0239 0828 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 20:47:49.0271 0828 p2pimsvc - ok 20:47:49.0302 0828 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll 20:47:49.0333 0828 p2psvc - ok 20:47:49.0349 0828 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys 20:47:49.0395 0828 Parport - ok 20:47:49.0427 0828 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\windows\system32\drivers\partmgr.sys 20:47:49.0442 0828 partmgr - ok 20:47:49.0458 0828 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys 20:47:49.0489 0828 Parvdm - ok 20:47:49.0520 0828 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll 20:47:49.0551 0828 PcaSvc - ok 20:47:49.0583 0828 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys 20:47:49.0598 0828 pci - ok 20:47:49.0614 0828 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys 20:47:49.0629 0828 pciide - ok 20:47:49.0661 0828 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys 20:47:49.0676 0828 pcmcia - ok 20:47:49.0692 0828 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys 20:47:49.0707 0828 pcw - ok 20:47:49.0754 0828 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys 20:47:49.0801 0828 PEAUTH - ok 20:47:49.0910 0828 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll 20:47:49.0988 0828 pla - ok 20:47:50.0129 0828 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll 20:47:50.0175 0828 PlugPlay - ok 20:47:50.0207 0828 
PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll 20:47:50.0238 0828 PNRPAutoReg - ok 20:47:50.0269 0828 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 20:47:50.0285 0828 PNRPsvc - ok 20:47:50.0347 0828 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll 20:47:50.0394 0828 PolicyAgent - ok 20:47:50.0441 0828 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll 20:47:50.0472 0828 Power - ok 20:47:50.0519 0828 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys 20:47:50.0581 0828 PptpMiniport - ok 20:47:50.0597 0828 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys 20:47:50.0628 0828 Processor - ok 20:47:50.0706 0828 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\windows\system32\profsvc.dll 20:47:50.0753 0828 ProfSvc - ok 20:47:50.0799 0828 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 20:47:50.0815 0828 ProtectedStorage - ok 20:47:50.0846 0828 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys 20:47:50.0877 0828 Psched - ok 20:47:50.0940 0828 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys 20:47:50.0987 0828 ql2300 - ok 20:47:51.0080 0828 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys 20:47:51.0111 0828 ql40xx - ok 20:47:51.0143 0828 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll 20:47:51.0174 0828 QWAVE - ok 20:47:51.0189 0828 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys 20:47:51.0236 0828 QWAVEdrv - ok 20:47:51.0252 0828 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys 20:47:51.0299 0828 RasAcd - ok 20:47:51.0330 0828 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys 20:47:51.0361 0828 RasAgileVpn - ok 20:47:51.0392 0828 RasAuto 
20:48:04.0683 0828 ============================================================
20:48:04.0683 0828 Scan finished
20:48:04.0683 0828 ============================================================
20:48:04.0699 4192 Detected object count: 1
20:48:04.0699 4192 Actual detected object count: 1
20:54:01.0183 4192 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe - copied to quarantine
20:54:01.0183 4192 MDM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
20:54:27.0079 6060 ============================================================
20:54:27.0079 6060 Scan started
20:54:27.0079 6060 Mode: Manual; SigCheck; TDLFS;
20:54:27.0079 6060 ============================================================
C:\windows\system32\DRIVERS\klif.sys 20:54:36.0471 6060 KLIF - ok 20:54:36.0486 6060 KLIM6 (af127fe7dd5ed2bbc9049fd8a00defc2) C:\windows\system32\DRIVERS\klim6.sys 20:54:36.0502 6060 KLIM6 - ok 20:54:36.0502 6060 klkbdflt (24aebad59d1de8a7cc36e8f09f999362) C:\windows\system32\DRIVERS\klkbdflt.sys 20:54:36.0517 6060 klkbdflt - ok 20:54:36.0517 6060 klmouflt (a58507c2827c3ae1d4ccb2746aab349f) C:\windows\system32\DRIVERS\klmouflt.sys 20:54:36.0533 6060 klmouflt - ok 20:54:36.0549 6060 kltdi (53c0df6c5139cb78a631e7afcd893730) C:\windows\system32\DRIVERS\kltdi.sys 20:54:36.0564 6060 kltdi - ok 20:54:36.0580 6060 kneps (71a38c123600172511c26bfabd0ef579) C:\windows\system32\DRIVERS\kneps.sys 20:54:36.0595 6060 kneps - ok 20:54:36.0642 6060 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\windows\system32\Drivers\ksecdd.sys 20:54:36.0658 6060 KSecDD - ok 20:54:36.0705 6060 KSecPkg (5fe1abf1af591a3458c9cf24ed9a4d35) C:\windows\system32\Drivers\ksecpkg.sys 20:54:36.0720 6060 KSecPkg - ok 20:54:36.0751 6060 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll 20:54:36.0783 6060 KtmRm - ok 20:54:36.0845 6060 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\windows\system32\srvsvc.dll 20:54:36.0876 6060 LanmanServer - ok 20:54:36.0907 6060 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll 20:54:36.0939 6060 LanmanWorkstation - ok 20:54:36.0970 6060 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys 20:54:37.0001 6060 lltdio - ok 20:54:37.0032 6060 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll 20:54:37.0063 6060 lltdsvc - ok 20:54:37.0079 6060 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll 20:54:37.0110 6060 lmhosts - ok 20:54:37.0141 6060 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys 20:54:37.0157 6060 LSI_FC - ok 20:54:37.0173 6060 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) 
C:\windows\system32\DRIVERS\lsi_sas.sys 20:54:37.0188 6060 LSI_SAS - ok 20:54:37.0204 6060 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys 20:54:37.0219 6060 LSI_SAS2 - ok 20:54:37.0219 6060 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys 20:54:37.0235 6060 LSI_SCSI - ok 20:54:37.0266 6060 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys 20:54:37.0297 6060 luafv - ok 20:54:37.0344 6060 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll 20:54:37.0375 6060 Mcx2Svc - ok 20:54:37.0469 6060 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe 20:54:37.0469 6060 MDM ( UnsignedFile.Multi.Generic ) - warning 20:54:37.0469 6060 MDM - detected UnsignedFile.Multi.Generic (1) 20:54:37.0516 6060 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys 20:54:37.0531 6060 megasas - ok 20:54:37.0547 6060 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys 20:54:37.0563 6060 MegaSR - ok 20:54:37.0641 6060 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe 20:54:37.0656 6060 Microsoft Office Groove Audit Service - ok 20:54:37.0687 6060 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 20:54:37.0719 6060 MMCSS - ok 20:54:37.0750 6060 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys 20:54:37.0781 6060 Modem - ok 20:54:37.0797 6060 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys 20:54:37.0812 6060 monitor - ok 20:54:37.0843 6060 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\drivers\mouclass.sys 20:54:37.0859 6060 mouclass - ok 20:54:37.0875 6060 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys 20:54:37.0890 6060 mouhid - ok 20:54:37.0937 
6060 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys 20:54:37.0953 6060 mountmgr - ok 20:54:37.0984 6060 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys 20:54:37.0999 6060 mpio - ok 20:54:38.0031 6060 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys 20:54:38.0062 6060 mpsdrv - ok 20:54:38.0140 6060 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll 20:54:38.0171 6060 MpsSvc - ok 20:54:38.0218 6060 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys 20:54:38.0233 6060 MRxDAV - ok 20:54:38.0265 6060 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys 20:54:38.0280 6060 mrxsmb - ok 20:54:38.0296 6060 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys 20:54:38.0311 6060 mrxsmb10 - ok 20:54:38.0327 6060 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys 20:54:38.0343 6060 mrxsmb20 - ok 20:54:38.0389 6060 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys 20:54:38.0405 6060 msahci - ok 20:54:38.0421 6060 msdsm (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys 20:54:38.0436 6060 msdsm - ok 20:54:38.0467 6060 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe 20:54:38.0483 6060 MSDTC - ok 20:54:38.0514 6060 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys 20:54:38.0545 6060 Msfs - ok 20:54:38.0545 6060 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys 20:54:38.0577 6060 mshidkmdf - ok 20:54:38.0592 6060 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys 20:54:38.0608 6060 msisadrv - ok 20:54:38.0639 6060 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll 20:54:38.0670 6060 MSiSCSI - ok 20:54:38.0670 6060 msiserver - ok 20:54:38.0686 6060 
MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys 20:54:38.0717 6060 MSKSSRV - ok 20:54:38.0717 6060 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys 20:54:38.0748 6060 MSPCLOCK - ok 20:54:38.0764 6060 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys 20:54:38.0795 6060 MSPQM - ok 20:54:38.0826 6060 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys 20:54:38.0842 6060 MsRPC - ok 20:54:38.0873 6060 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys 20:54:38.0889 6060 mssmbios - ok 20:54:38.0889 6060 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys 20:54:38.0920 6060 MSTEE - ok 20:54:38.0935 6060 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys 20:54:38.0951 6060 MTConfig - ok 20:54:38.0967 6060 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys 20:54:38.0982 6060 Mup - ok 20:54:39.0029 6060 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll 20:54:39.0060 6060 napagent - ok 20:54:39.0091 6060 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys 20:54:39.0107 6060 NativeWifiP - ok 20:54:39.0201 6060 NDIS (8c9c922d71f1cd4def73f186416b7896) C:\windows\system32\drivers\ndis.sys 20:54:39.0247 6060 NDIS - ok 20:54:39.0263 6060 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys 20:54:39.0294 6060 NdisCap - ok 20:54:39.0294 6060 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys 20:54:39.0325 6060 NdisTapi - ok 20:54:39.0372 6060 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys 20:54:39.0388 6060 Ndisuio - ok 20:54:39.0450 6060 NdisWan (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys 20:54:39.0481 6060 NdisWan - ok 20:54:39.0497 6060 NDProxy 
(a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys 20:54:39.0528 6060 NDProxy - ok 20:54:39.0575 6060 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys 20:54:39.0606 6060 NetBIOS - ok 20:54:39.0606 6060 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys 20:54:39.0637 6060 NetBT - ok 20:54:39.0684 6060 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 20:54:39.0715 6060 Netlogon - ok 20:54:39.0747 6060 Netman (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll 20:54:39.0793 6060 Netman - ok 20:54:39.0809 6060 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll 20:54:39.0840 6060 netprofm - ok 20:54:39.0934 6060 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:54:39.0965 6060 NetTcpPortSharing - ok 20:54:39.0996 6060 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys 20:54:40.0012 6060 nfrd960 - ok 20:54:40.0059 6060 NlaSvc (374071043f9e4231ee43be2bb48dd36d) C:\windows\System32\nlasvc.dll 20:54:40.0074 6060 NlaSvc - ok 20:54:40.0105 6060 nmwcd (712bc0c22ba00b2ba324c6b8df668ee7) C:\windows\system32\drivers\ccdcmb.sys 20:54:40.0137 6060 nmwcd - ok 20:54:40.0152 6060 nmwcdc (7312987b6ccde6f6cee32c14bed1ca2e) C:\windows\system32\drivers\ccdcmbo.sys 20:54:40.0183 6060 nmwcdc - ok 20:54:40.0215 6060 nmwcdnsu (99145c5d4b6c4d6f5ce83ee6abffe294) C:\windows\system32\drivers\nmwcdnsu.sys 20:54:40.0246 6060 nmwcdnsu - ok 20:54:40.0293 6060 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys 20:54:40.0339 6060 Npfs - ok 20:54:40.0371 6060 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll 20:54:40.0402 6060 nsi - ok 20:54:40.0417 6060 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys 20:54:40.0449 6060 nsiproxy - ok 20:54:40.0542 
6060 Ntfs (0d87503986bb3dfed58e343fe39dde13) C:\windows\system32\drivers\Ntfs.sys 20:54:40.0573 6060 Ntfs - ok 20:54:40.0605 6060 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys 20:54:40.0636 6060 Null - ok 20:54:40.0667 6060 NVHDA (d2f4c4b22969236382ca853b8daa2d4e) C:\windows\system32\drivers\nvhda32v.sys 20:54:40.0667 6060 NVHDA - ok 20:54:41.0073 6060 nvlddmkm (104c0fe08dd64965cf788d91ccbb2cc6) C:\windows\system32\DRIVERS\nvlddmkm.sys 20:54:41.0229 6060 nvlddmkm - ok 20:54:41.0353 6060 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys 20:54:41.0385 6060 nvraid - ok 20:54:41.0400 6060 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys 20:54:41.0416 6060 nvstor - ok 20:54:41.0463 6060 nvsvc (63a9cace87c31a46bdf4ad448d9a033a) C:\windows\system32\nvvsvc.exe 20:54:41.0494 6060 nvsvc - ok 20:54:41.0494 6060 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys 20:54:41.0525 6060 nv_agp - ok 20:54:41.0572 6060 OberonGameConsoleService (b5d5da8230d3d3525839d939a9196c3e) C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe 20:54:41.0587 6060 OberonGameConsoleService - ok 20:54:41.0681 6060 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 20:54:41.0697 6060 odserv - ok 20:54:41.0728 6060 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys 20:54:41.0743 6060 ohci1394 - ok 20:54:41.0775 6060 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:54:41.0790 6060 ose - ok 20:54:41.0821 6060 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 20:54:41.0853 6060 p2pimsvc - ok 20:54:41.0868 6060 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll 20:54:41.0884 6060 p2psvc - ok 20:54:41.0915 6060 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) 
C:\windows\system32\DRIVERS\parport.sys 20:54:41.0946 6060 Parport - ok 20:54:41.0977 6060 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\windows\system32\drivers\partmgr.sys 20:54:41.0993 6060 partmgr - ok 20:54:42.0009 6060 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys 20:54:42.0024 6060 Parvdm - ok 20:54:42.0040 6060 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll 20:54:42.0071 6060 PcaSvc - ok 20:54:42.0102 6060 pci (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys 20:54:42.0118 6060 pci - ok 20:54:42.0133 6060 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys 20:54:42.0149 6060 pciide - ok 20:54:42.0180 6060 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys 20:54:42.0196 6060 pcmcia - ok 20:54:42.0211 6060 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys 20:54:42.0227 6060 pcw - ok 20:54:42.0274 6060 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys 20:54:42.0305 6060 PEAUTH - ok 20:54:42.0414 6060 pla (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll 20:54:42.0461 6060 pla - ok 20:54:42.0570 6060 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll 20:54:42.0617 6060 PlugPlay - ok 20:54:42.0633 6060 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll 20:54:42.0648 6060 PNRPAutoReg - ok 20:54:42.0679 6060 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll 20:54:42.0695 6060 PNRPsvc - ok 20:54:42.0742 6060 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll 20:54:42.0773 6060 PolicyAgent - ok 20:54:42.0820 6060 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll 20:54:42.0851 6060 Power - ok 20:54:42.0882 6060 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys 20:54:42.0929 6060 PptpMiniport - ok 
20:54:42.0945 6060 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys 20:54:42.0960 6060 Processor - ok 20:54:43.0007 6060 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\windows\system32\profsvc.dll 20:54:43.0038 6060 ProfSvc - ok 20:54:43.0085 6060 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 20:54:43.0101 6060 ProtectedStorage - ok 20:54:43.0116 6060 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys 20:54:43.0147 6060 Psched - ok 20:54:43.0225 6060 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys 20:54:43.0288 6060 ql2300 - ok 20:54:43.0381 6060 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys 20:54:43.0413 6060 ql40xx - ok 20:54:43.0444 6060 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll 20:54:43.0475 6060 QWAVE - ok 20:54:43.0491 6060 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys 20:54:43.0506 6060 QWAVEdrv - ok 20:54:43.0506 6060 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys 20:54:43.0537 6060 RasAcd - ok 20:54:43.0553 6060 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys 20:54:43.0584 6060 RasAgileVpn - ok 20:54:43.0600 6060 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll 20:54:43.0631 6060 RasAuto - ok 20:54:43.0647 6060 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys 20:54:43.0678 6060 Rasl2tp - ok 20:54:43.0725 6060 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll 20:54:43.0787 6060 RasMan - ok 20:54:43.0818 6060 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys 20:54:43.0849 6060 RasPppoe - ok 20:54:43.0865 6060 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys 20:54:43.0896 6060 RasSstp - ok 20:54:43.0943 
6060 rdbss (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys 20:54:43.0990 6060 rdbss - ok 20:54:44.0005 6060 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys 20:54:44.0021 6060 rdpbus - ok 20:54:44.0068 6060 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys 20:54:44.0083 6060 RDPCDD - ok 20:54:44.0099 6060 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys 20:54:44.0130 6060 RDPENCDD - ok 20:54:44.0146 6060 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys 20:54:44.0177 6060 RDPREFMP - ok 20:54:44.0224 6060 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\windows\system32\drivers\RDPWD.sys 20:54:44.0255 6060 RDPWD - ok 20:54:44.0302 6060 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys 20:54:44.0333 6060 rdyboost - ok 20:54:44.0380 6060 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll 20:54:44.0427 6060 RemoteAccess - ok 20:54:44.0458 6060 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll 20:54:44.0489 6060 RemoteRegistry - ok 20:54:44.0583 6060 RichVideo (7ccaebcab6fc1ed0206c07e083e79207) C:\Program Files\CyberLink\Shared files\RichVideo.exe 20:54:44.0598 6060 RichVideo - ok 20:54:44.0614 6060 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll 20:54:44.0645 6060 RpcEptMapper - ok 20:54:44.0676 6060 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe 20:54:44.0692 6060 RpcLocator - ok 20:54:44.0754 6060 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll 20:54:44.0785 6060 RpcSs - ok 20:54:44.0817 6060 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys 20:54:44.0848 6060 rspndr - ok 20:54:44.0863 6060 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys 20:54:44.0879 6060 RTL8167 - ok 
20:54:44.0910 6060 SABI (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys 20:54:44.0926 6060 SABI - ok 20:54:44.0957 6060 SamSs (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe 20:54:44.0973 6060 SamSs - ok 20:54:45.0004 6060 sbp2port (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys 20:54:45.0019 6060 sbp2port - ok 20:54:45.0051 6060 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll 20:54:45.0082 6060 SCardSvr - ok 20:54:45.0129 6060 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys 20:54:45.0160 6060 scfilter - ok 20:54:45.0222 6060 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll 20:54:45.0285 6060 Schedule - ok 20:54:45.0347 6060 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll 20:54:45.0378 6060 SCPolicySvc - ok 20:54:45.0425 6060 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll 20:54:45.0441 6060 SDRSVC - ok 20:54:45.0472 6060 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys 20:54:45.0503 6060 secdrv - ok 20:54:45.0519 6060 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll 20:54:45.0550 6060 seclogon - ok 20:54:45.0565 6060 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll 20:54:45.0597 6060 SENS - ok 20:54:45.0612 6060 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll 20:54:45.0643 6060 SensrSvc - ok 20:54:45.0659 6060 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys 20:54:45.0675 6060 Serenum - ok 20:54:45.0690 6060 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys 20:54:45.0706 6060 Serial - ok 20:54:45.0737 6060 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys 20:54:45.0753 6060 sermouse - ok 20:54:45.0815 6060 SessionEnv 
(4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll 20:54:45.0846 6060 SessionEnv - ok 20:54:45.0877 6060 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys 20:54:45.0893 6060 sffdisk - ok 20:54:45.0893 6060 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys 20:54:45.0909 6060 sffp_mmc - ok 20:54:45.0924 6060 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys 20:54:45.0940 6060 sffp_sd - ok 20:54:45.0971 6060 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys 20:54:45.0987 6060 sfloppy - ok 20:54:46.0018 6060 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll 20:54:46.0049 6060 SharedAccess - ok 20:54:46.0111 6060 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll 20:54:46.0158 6060 ShellHWDetection - ok 20:54:46.0174 6060 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys 20:54:46.0189 6060 sisagp - ok 20:54:46.0221 6060 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys 20:54:46.0236 6060 SiSRaid2 - ok 20:54:46.0252 6060 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys 20:54:46.0267 6060 SiSRaid4 - ok 20:54:46.0283 6060 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys 20:54:46.0314 6060 Smb - ok 20:54:46.0330 6060 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe 20:54:46.0345 6060 SNMPTRAP - ok 20:54:46.0361 6060 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys 20:54:46.0377 6060 spldr - ok 20:54:46.0439 6060 Spooler (9aea093b8f9c37cf45538382caba2475) C:\windows\System32\spoolsv.exe 20:54:46.0486 6060 Spooler - ok 20:54:46.0657 6060 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe 20:54:46.0735 6060 sppsvc - ok 20:54:46.0845 6060 sppuinotify 
(b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll 20:54:46.0891 6060 sppuinotify - ok 20:54:46.0938 6060 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys 20:54:46.0954 6060 srv - ok 20:54:47.0001 6060 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys 20:54:47.0016 6060 srv2 - ok 20:54:47.0032 6060 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys 20:54:47.0047 6060 srvnet - ok 20:54:47.0079 6060 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll 20:54:47.0110 6060 SSDPSRV - ok 20:54:47.0125 6060 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll 20:54:47.0157 6060 SstpSvc - ok 20:54:47.0203 6060 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys 20:54:47.0219 6060 stexstor - ok 20:54:47.0266 6060 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll 20:54:47.0297 6060 StiSvc - ok 20:54:47.0328 6060 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys 20:54:47.0344 6060 swenum - ok 20:54:47.0375 6060 swprv (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll 20:54:47.0422 6060 swprv - ok 20:54:47.0453 6060 SynTP (215a45246c6e2d0a9c263ce1786c8d8a) C:\windows\system32\DRIVERS\SynTP.sys 20:54:47.0469 6060 SynTP - ok 20:54:47.0562 6060 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll 20:54:47.0593 6060 SysMain - ok 20:54:47.0656 6060 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll 20:54:47.0671 6060 TabletInputService - ok 20:54:47.0718 6060 TapiSrv (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll 20:54:47.0765 6060 TapiSrv - ok 20:54:47.0796 6060 TBS (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll 20:54:47.0827 6060 TBS - ok 20:54:47.0952 6060 Tcpip (e23a56f843e2aebbb209d0acca73c640) C:\windows\system32\drivers\tcpip.sys 
20:54:47.0983 6060 Tcpip - ok 20:54:47.0999 6060 TCPIP6 (e23a56f843e2aebbb209d0acca73c640) C:\windows\system32\DRIVERS\tcpip.sys 20:54:48.0046 6060 TCPIP6 - ok 20:54:48.0061 6060 tcpipreg (3eebd3bd93da46a26e89893c7ab2ff3b) C:\windows\system32\drivers\tcpipreg.sys 20:54:48.0077 6060 tcpipreg - ok 20:54:48.0124 6060 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys 20:54:48.0139 6060 TDPIPE - ok 20:54:48.0186 6060 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys 20:54:48.0202 6060 TDTCP - ok 20:54:48.0217 6060 tdx (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys 20:54:48.0249 6060 tdx - ok 20:54:48.0264 6060 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys 20:54:48.0280 6060 TermDD - ok 20:54:48.0342 6060 TermService (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll 20:54:48.0373 6060 TermService - ok 20:54:48.0389 6060 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll 20:54:48.0405 6060 Themes - ok 20:54:48.0436 6060 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll 20:54:48.0467 6060 THREADORDER - ok 20:54:48.0483 6060 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll 20:54:48.0514 6060 TrkWks - ok 20:54:48.0592 6060 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe 20:54:48.0654 6060 TrustedInstaller - ok 20:54:48.0654 6060 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys 20:54:48.0685 6060 tssecsrv - ok 20:54:48.0732 6060 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys 20:54:48.0748 6060 TsUsbFlt - ok 20:54:48.0795 6060 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys 20:54:48.0826 6060 tunnel - ok 20:54:48.0841 6060 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys 20:54:48.0857 
6060 uagp35 - ok 20:54:48.0919 6060 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys 20:54:48.0966 6060 udfs - ok 20:54:49.0013 6060 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe 20:54:49.0029 6060 UI0Detect - ok 20:54:49.0044 6060 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys 20:54:49.0060 6060 uliagpkx - ok 20:54:49.0091 6060 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys 20:54:49.0107 6060 umbus - ok 20:54:49.0122 6060 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys 20:54:49.0138 6060 UmPass - ok 20:54:49.0153 6060 upnphost (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll 20:54:49.0200 6060 upnphost - ok 20:54:49.0231 6060 upperdev (7062ed67a10f1c83b2ab951736e24f11) C:\windows\system32\DRIVERS\usbser_lowerflt.sys 20:54:49.0263 6060 upperdev - ok 20:54:49.0263 6060 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys 20:54:49.0278 6060 usbccgp - ok 20:54:49.0294 6060 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys 20:54:49.0309 6060 usbcir - ok 20:54:49.0325 6060 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\DRIVERS\usbehci.sys 20:54:49.0341 6060 usbehci - ok 20:54:49.0356 6060 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys 20:54:49.0372 6060 usbhub - ok 20:54:49.0387 6060 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys 20:54:49.0403 6060 usbohci - ok 20:54:49.0419 6060 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys 20:54:49.0434 6060 usbprint - ok 20:54:49.0450 6060 usbser (31181de6190b39fc8007dffd1a48ffd6) C:\windows\system32\drivers\usbser.sys 20:54:49.0465 6060 usbser - ok 20:54:49.0481 6060 UsbserFilt (b76d8039f5b595c4ca551b3d5dd15a98) C:\windows\system32\DRIVERS\usbser_lowerfltj.sys 
(a54264fcf4b94baa8cab49688cf6a61a) \Device\Harddisk0\DR0\Partition1
20:54:53.0802 6060 \Device\Harddisk0\DR0\Partition1 - ok
20:54:53.0802 6060 ============================================================
20:54:53.0802 6060 Scan finished
20:54:53.0802 6060 ============================================================
20:54:53.0818 4360 Detected object count: 1
20:54:53.0818 4360 Actual detected object count: 1
21:03:57.0371 4360 MDM ( UnsignedFile.Multi.Generic ) - skipped by user
21:03:57.0371 4360 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:04:00.0007 4480 Deinitialize success
I hope this is what you mean!!!? Regards, Mirko |
03.01.2013, 19:43 | #10 | |
/// Malware-holic | How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? combofix: Combofix may only be run when a team member has instructed you to do so! Please download Combofix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ - Please forward suspicious mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
03.01.2013, 20:18 | #11 |
| How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? Combofix log file: Code:
ATTFilter ComboFix 13-01-03.05 - samsung 03.01.2013 19:59:12.1.2 - x86 ausgeführt von:: c:\users\samsung\Desktop\ComboFix.exe AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\ErrLog.txt c:\programdata\FullRemove.exe c:\programdata\ntuser.dat c:\users\samsung\AppData\Roaming\Microsoft\Windows\Recent\51776774_danimarinov_OneTwelve.mat c:\users\samsung\AppData\Roaming\Microsoft\Windows\Recent\56220905_moses698_onetwelve.mat c:\users\samsung\AppData\Roaming\Microsoft\Windows\Recent\56902220_jasmina6_onetwelve.mat c:\users\samsung\AppData\Roaming\Microsoft\Windows\Recent\57758202_karadogan_onetwelve.mat c:\users\samsung\AppData\Roaming\Microsoft\Windows\Recent\Wikipedia.url c:\windows\$NtUninstallKB1688$ c:\windows\$NtUninstallKB1688$\1027095456\cfg.ini c:\windows\$NtUninstallKB1688$\2387151705 c:\windows\system32\drivers\etc\hosts.ics . . ((((((((((((((((((((((( Dateien erstellt von 2012-12-03 bis 2013-01-03 )))))))))))))))))))))))))))))) . . 2013-01-03 19:08 . 2013-01-03 19:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-01-02 19:54 . 2013-01-02 19:54 -------- d-----w- C:\TDSSKiller_Quarantine 2013-01-01 12:21 . 2013-01-01 12:21 -------- d-----w- c:\program files\Common Files\Java 2013-01-01 12:20 . 2013-01-01 12:20 93640 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2013-01-01 12:20 . 2013-01-01 12:20 -------- d-----w- c:\program files\Java 2012-12-29 17:10 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll 2012-12-29 17:10 . 
2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll 2012-12-14 19:23 . 2012-11-22 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-12-14 19:21 . 2012-11-09 04:42 2048 ----a-w- c:\windows\system32\tzres.dll 2012-12-14 18:50 . 2012-12-14 18:50 -------- d-----w- c:\users\samsung\AppData\Roaming\Claro 2012-12-14 18:49 . 2012-12-14 18:49 -------- d-----w- c:\users\samsung\AppData\Roaming\PerformerSoft 2012-12-14 18:49 . 2012-12-14 19:11 -------- d-----w- c:\program files\PC Performer 2012-12-14 18:49 . 2012-12-14 18:49 -------- d-----w- c:\users\samsung\AppData\Roaming\Babylon 2012-12-14 18:49 . 2012-12-14 18:49 -------- d-----w- c:\programdata\Babylon 2012-12-14 18:49 . 2012-12-14 18:49 -------- d-----w- c:\programdata\IBUpdaterService 2012-12-14 18:49 . 2012-12-14 18:49 -------- d-----w- c:\windows\system32\Extensions 2012-12-14 18:49 . 2012-12-14 18:49 -------- d-----w- c:\windows\system32\searchplugins 2012-12-14 18:49 . 2012-12-14 18:49 -------- d-----w- c:\programdata\PC Performer Manager 2012-12-14 18:44 . 2012-12-14 19:11 -------- d-----w- c:\program files\Streamripper 2012-12-14 18:21 . 2012-12-14 18:21 -------- d-----w- c:\programdata\DivX 2012-12-14 18:21 . 2012-12-14 19:11 -------- d-----w- c:\program files\Winamp . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-01-03 19:08 . 2013-01-03 19:08 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FEC52D5C-318D-466C-BFB2-0544206CB435}\offreg.dll 2013-01-01 12:20 . 2012-05-09 16:30 859072 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-12-11 20:17 . 2012-04-08 14:34 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-12-11 20:17 . 2011-06-05 12:46 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-11-15 18:32 . 2012-06-08 09:38 43608 ----a-w- c:\windows\system32\drivers\kltdi.sys 2012-11-08 18:00 . 
2013-01-01 09:45 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{FEC52D5C-318D-466C-BFB2-0544206CB435}\mpengine.dll 2012-10-16 07:39 . 2012-11-28 18:19 561664 ----a-w- c:\windows\apppatch\AcLayers.dll 2012-10-09 17:40 . 2012-11-16 05:11 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2012-10-09 17:40 . 2012-11-16 05:11 193536 ----a-w- c:\windows\system32\dhcpcore6.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-11-04 13830760] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-11-21 8092192] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-10-10 1578280] "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504] "RemoteControl8"="c:\program files\CyberLink\PowerDVD8\PDVD8Serv.exe" [2009-04-15 91432] "PDVD8LanguageShortcut"="c:\program files\CyberLink\PowerDVD8\Language\Language.exe" [2009-04-15 50472] "UpdatePPShortCut"="c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408] "UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-07-21 210216] "APLangApp"="c:\program files\AnyPC Client\APLangApp.exe" [2009-10-20 13312] "UCam_Menu"="c:\program 
files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008] "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2012-11-15 356376] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] . c:\users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer3"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-07-31 11:20 38872 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] 2012-06-28 15:40 74752 ----a-w- c:\program files\Winamp\winampa.exe . 
R3 AVMUNET;AVM FRITZ!Box;c:\windows\system32\DRIVERS\avmunet.sys [x] R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [x] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x] S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [x] S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [x] S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys [x] S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [x] S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [x] S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}] 2010-02-16 17:02 114688 ----a-w- c:\program files\PixiePack Codec Pack\InstallerHelper.exe . Inhalt des "geplante Tasks" Ordners . 2013-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 20:17] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ uInternet Settings,ProxyOverride = fritz.box IE: {{07BA1DA9-F501-4796-8728-74D1B91A6CD5} - c:\program files\PokerStars.EU\PokerStarsUpdate.exe TCP: DhcpNameServer = 192.168.0.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
Toolbar-Locked - (no file) SafeBoot-mcmscsvc SafeBoot-MCODS MSConfigStartUp-BearShare - c:\program files\BearShare\BearShare.exe MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe AddRemove-Uninstall_is1 - c:\program files\Common Files\DVDVideoSoft\unins000.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\windows\system32\nvvsvc.exe c:\windows\system32\nvvsvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe c:\windows\system32\taskhost.exe c:\program files\Samsung\Samsung Update Plus\SUPBackground.exe c:\program files\AnyPC Client\APLanMgrC.exe c:\program files\Samsung\Samsung Support Center\SSCKbdHk.exe c:\program files\CyberLink\Shared files\RichVideo.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conhost.exe c:\windows\servicing\TrustedInstaller.exe c:\windows\system32\DllHost.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-01-03 20:14:53 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-01-03 19:14 . Vor Suchlauf: 11 Verzeichnis(se), 183.815.929.856 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 183.362.408.448 Bytes frei . - - End Of File - - 586F94664C0B154E7F18833A1656DA97
I hope this is the right one!!! |
03.01.2013, 20:21 | #12 |
/// Malware-holic | How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? Hi malwarebytes: Please download Malwarebytes
|
03.01.2013, 21:34 | #13 |
| How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer?
Malwarebytes Anti-Malware (Test) 1.70.0.1100
www.malwarebytes.org
Datenbank Version: v2013.01.03.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
samsung :: SAMSUNG-PC [Administrator]
Schutz: Aktiviert
03.01.2013 20:31:32
mbam-log-2013-01-03 (20-31-32).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 332573
Laufzeit: 57 Minute(n), 42 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 1
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
Everything has worked well so far!! And now? Kind regards
Sorry, I thought Combofix had not been posted online. Kaspersky still finds malware HEUR:Exploit.Java.CVE-2012-4681.gen And what now? Please help!!! Regards, Mirko |
05.01.2013, 16:31 | #14 |
/// Malware-holic | How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? Please post the path reported by Kaspersky, with the date. How do I clear the Java cache? Clear the Java cache. Download CCleaner standard: CCleaner - Download - Filepony If CCleaner is already installed, skip this step. Open it, Tools (Extras), uninstall list, save as txt. Open the file. After each program you need, write "necessary". After each program you do not need, write "unnecessary". After each program unknown to you, write "unknown". Post the list.
|
05.01.2013, 18:13 | #15 |
| How do I remove HEUR:Exploit.Java.CVE-2012-4681.gen from my computer? Hello Markus C:\Documents and Settings\samsung\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5c9af9c5-5449ab32 Event: Detected: Heur:Exploit.Java.CVE-2012-4681.gen Date = 04.01.2013 at 18.48.14 |