Log analysis and evaluation: oracle america.inc is destroying my computer! Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
15.01.2013, 19:49 | #1 |
| oracle america.inc is destroying my computer! Help, my screen flickers constantly, I urgently need help, please... I keep getting a message asking whether oracle america may access my computer. After a while my screen goes black and can only be switched off by pressing the power button. I'm at my wits' end and don't know what else to do, thanks |
15.01.2013, 19:53 | #2 |
/// Malware-holic | oracle america.inc is destroying my computer! Hi
What message exactly? What is displaying it? If you don't have it yet, please download OTL by OldTimer and save it to your desktop.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
15.01.2013, 20:04 | #3 |
| oracle america.inc is destroying my computer! I can see another background, so to speak, behind my desktop, as if someone else were using the PC along with me. The update comes from Java
OTL logfile:
Code:
OTL logfile created on: 1/15/2013 8:08:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marco Voigt\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 49.41% Memory free
6.00 Gb Paging File | 3.82 Gb Available in Paging File | 63.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 890.41 Gb Total Space | 827.01 Gb Free Space | 92.88% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 16.94 Gb Free Space | 42.36% Space Free | Partition Type: NTFS
Drive E: | 142.39 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF
Computer Name: MARCOVOIGT-PC | User Name: Marco Voigt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/01/15 20:07:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marco Voigt\Downloads\OTL (2).exe PRC - [2012/12/21 11:00:48 | 000,541,760 | ---- | M] (Valve Corporation) -- C:\Program Files\Common Files\Steam\SteamService.exe PRC - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/12/05 11:54:13 | 001,613,368 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe PRC - [2012/12/05 11:53:23 | 001,343,032 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe PRC - [2012/12/03 22:13:23 | 001,354,736 | ---- | M] (Valve Corporation) -- C:\Program Files\Steam\Steam.exe PRC - [2012/11/30 04:07:41 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2012/11/13 19:32:27 | 000,055,544 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe PRC - [2012/10/28 15:54:00 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe PRC - [2012/10/28 15:52:52 | 000,451,072 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe PRC - [2012/10/25 16:31:06 | 000,309,424 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Bitdefender 2013\downloader.exe PRC - [2012/06/17 08:51:58 | 000,466,704 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieCtrl.exe PRC - [2012/06/17 08:51:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) -- C:\Program Files\Sandboxie\SbieSvc.exe PRC - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program 
Files\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011/09/24 18:21:18 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe PRC - [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010/03/04 04:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2009/11/02 22:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2007/07/24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe ========== Modules (No Company Name) ========== MOD - [2013/01/11 13:35:52 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll MOD - [2013/01/10 15:03:57 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\07e052b2219f181a8b3da6b7b26cff06\System.Web.ni.dll MOD - [2013/01/10 15:03:51 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll MOD - [2013/01/10 15:03:25 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c6fb88c8055653672314c29ca4b78a7e\System.Windows.Forms.ni.dll MOD - [2013/01/10 15:03:17 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll MOD - [2013/01/10 15:03:03 | 003,325,952 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll MOD - [2013/01/10 15:02:58 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll MOD - [2013/01/10 15:02:53 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll MOD - [2013/01/10 15:02:52 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll MOD - [2013/01/10 15:02:34 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll MOD - [2013/01/08 01:06:22 | 000,460,392 | ---- | M] () -- C:\Users\Marco Voigt\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll MOD - [2013/01/08 01:06:21 | 012,459,624 | ---- | M] () -- C:\Users\Marco Voigt\AppData\Local\Google\Chrome\Application\24.0.1312.52\PepperFlash\pepflashplayer.dll MOD - [2013/01/08 01:06:19 | 004,012,648 | ---- | M] () -- C:\Users\Marco Voigt\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll MOD - [2013/01/08 01:05:29 | 000,598,120 | ---- | M] () -- C:\Users\Marco Voigt\AppData\Local\Google\Chrome\Application\24.0.1312.52\libglesv2.dll MOD - [2013/01/08 01:05:28 | 000,124,520 | ---- | M] () -- C:\Users\Marco Voigt\AppData\Local\Google\Chrome\Application\24.0.1312.52\libegl.dll MOD - [2013/01/08 01:05:25 | 001,553,000 | ---- | M] () -- C:\Users\Marco Voigt\AppData\Local\Google\Chrome\Application\24.0.1312.52\ffmpegsumo.dll MOD - [2012/12/21 11:01:33 | 000,647,168 | ---- | M] () -- C:\Program Files\Steam\SDL.dll MOD - [2012/12/21 11:00:48 | 020,320,240 | ---- | M] () -- C:\Program Files\Steam\bin\libcef.dll MOD - [2012/12/21 11:00:45 | 001,100,800 | ---- | M] () -- C:\Program Files\Steam\bin\avcodec-53.dll MOD - 
[2012/12/21 11:00:45 | 000,969,280 | ---- | M] () -- C:\Program Files\Steam\bin\chromehtml.DLL MOD - [2012/12/21 11:00:45 | 000,192,000 | ---- | M] () -- C:\Program Files\Steam\bin\avformat-53.dll MOD - [2012/12/21 11:00:45 | 000,124,416 | ---- | M] () -- C:\Program Files\Steam\bin\avutil-51.dll MOD - [2012/11/13 19:13:19 | 000,203,840 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\txmlutil.dll MOD - [2012/05/30 19:06:48 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012/05/30 19:06:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2012/04/27 15:08:08 | 000,092,600 | ---- | M] () -- C:\Program Files\Bitdefender\Bitdefender 2013\bdmetrics.dll MOD - [2011/09/24 18:21:18 | 003,077,528 | ---- | M] () -- C:\Program Files\Pando Networks\Media Booster\PMB.exe MOD - [2011/05/28 21:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\rarext.dll MOD - [2010/05/12 14:12:50 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2010/05/12 14:12:47 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll MOD - [2009/11/02 22:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009/11/02 22:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll ========== Services (SafeList) ========== SRV - [2013/01/09 21:13:48 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/12/21 11:00:48 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV 
- [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/12/05 11:53:23 | 001,343,032 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV) SRV - [2012/11/22 18:11:45 | 000,061,736 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental) SRV - [2012/11/13 19:32:27 | 000,055,544 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV) SRV - [2012/11/09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/10/28 15:54:00 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012/06/17 08:51:58 | 000,075,536 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc) SRV - [2011/10/01 08:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 08:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - 
[2008/04/07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2007/07/24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys -- (Profos) DRV - [2012/11/02 13:17:14 | 000,242,504 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avchv.sys -- (avchv) DRV - [2012/10/31 12:13:10 | 000,343,456 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos) DRV - [2012/10/28 15:53:56 | 009,334,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag) DRV - [2012/10/28 15:52:55 | 000,275,968 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap) DRV - [2012/10/10 14:00:08 | 000,481,464 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\avckf.sys -- (avckf) DRV - [2012/10/10 14:00:04 | 000,622,616 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3) DRV - [2012/10/02 11:31:18 | 000,134,136 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\bdselfpr.sys -- (bdselfpr) DRV - [2012/09/21 17:16:36 | 000,066,392 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\bdsandbox.sys -- (BDSandBox) DRV - [2012/08/29 17:24:08 | 000,161,312 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt) DRV - [2012/07/06 14:13:12 | 000,077,192 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys -- (BdfNdisf) DRV - [2012/06/17 08:51:54 | 000,137,488 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv) DRV - [2011/11/14 19:16:27 | 000,090,704 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf) DRV - [2011/10/01 08:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol) DRV - [2011/10/01 08:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir) DRV - [2011/10/01 08:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay) DRV - [2011/10/01 08:30:36 | 000,579,944 | ---- | M] (Microsoft 
Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs) DRV - [2011/08/19 09:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS) DRV - [2010/11/25 06:59:16 | 000,603,240 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su) DRV - [2010/05/06 10:21:42 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2009/07/14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009/03/31 08:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009/03/20 09:01:26 | 000,121,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdm.sys -- (ss_bmdm) DRV - [2009/03/20 09:01:26 | 000,090,112 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bbus.sys -- (ss_bbus) DRV - [2009/03/20 09:01:26 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bmdfl.sys -- (ss_bmdfl) DRV - [2005/03/09 19:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\libusb0.sys -- (libusb0) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4 IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - 
HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4 IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110819&tt=280612_6_&babsrc=SP_ss&mntrId=5ef7949100000000000074f06d25d0a1 IE - HKCU\..\SearchScopes\{32764E3E-A544-4854-BC1B-35EBC405252F}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SKPT_deDE430 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: 
C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@otee.dk/UnityWebPlayer: C:\Program Files\OverTheEdge\Unity\WebPlayer\loader\npUnityWeb32.dll (OverTheEdge I/S) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marco Voigt\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marco Voigt\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Marco Voigt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013/01/14 22:32:32 | 000,000,000 | ---D | M] [2011/05/21 09:44:20 | 000,002,047 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml ========== Chrome ========== CHR - homepage: Google CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}, CHR - homepage: Google CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Marco Voigt\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave 
Flash (Enabled) = C:\Users\Marco Voigt\AppData\Local\Google\Chrome\Application\24.0.1312.52\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Marco Voigt\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Marco Voigt\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Marco Voigt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - plugin: Unity Web Player (Enabled) = C:\Program Files\OverTheEdge\Unity\WebPlayer\loader\npUnityWeb32.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Marco Voigt\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Shockwave for Director (Enabled) = 
C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: Skype Click to Call = C:\Users\Marco Voigt\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\ O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKCU..\Run: [EADM] C:\Program Files\Origin\Origin.exe (Electronic Arts) O4 - HKCU..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe File not found O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D) O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation) O4 - Startup: C:\Users\Marco Voigt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FIFA 09-Registrierung.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Free YouTube Download - C:\Users\Marco Voigt\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {444785F1-DE89-4295-863A-D46C3A781394} hxxp://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab (Reg Error: Key error.) 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 78.42.43.62 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF3F26A8-CAA2-45C6-9B8B-7AC9D5B5A0FF}: DhcpNameServer = 78.42.43.62 192.168.0.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe 
C:\Windows\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013/01/15 14:59:35 | 000,000,000 | ---D | C] -- C:\Windows\System32\SPReview [2013/01/14 23:05:36 | 000,072,704 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys [2013/01/14 22:32:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013 [2013/01/14 22:32:35 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging [2013/01/14 22:32:30 | 000,077,192 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys [2013/01/14 22:32:30 | 000,066,392 | ---- | C] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys [2013/01/14 22:32:25 | 000,622,616 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys [2013/01/14 22:32:25 
| 000,481,464 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys [2013/01/14 22:32:25 | 000,242,504 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys [2013/01/14 22:28:48 | 000,000,000 | ---D | C] -- C:\Users\Marco Voigt\AppData\Roaming\Bitdefender [2013/01/14 22:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender [2013/01/14 22:27:09 | 000,000,000 | ---D | C] -- C:\Users\Marco Voigt\AppData\Roaming\QuickScan [2013/01/14 22:25:51 | 000,343,456 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys [2013/01/14 22:25:51 | 000,161,312 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys [2013/01/14 22:25:51 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender [2013/01/14 22:23:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender [2013/01/11 18:24:46 | 000,000,000 | ---D | C] -- C:\Users\Marco Voigt\AppData\Roaming\Notepad++ [2013/01/11 18:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++ [2013/01/11 13:42:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013/01/11 13:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013/01/11 13:41:28 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013/01/11 13:41:28 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2013/01/09 21:29:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nostale(DE) [2013/01/09 20:20:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live [2013/01/04 20:02:50 | 000,000,000 | ---D | C] -- C:\Users\Marco Voigt\AppData\Local\Chromium [2013/01/04 19:47:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monopoly 3 [2013/01/02 17:47:54 | 000,000,000 | ---D | C] -- C:\Users\Marco Voigt\AppData\Local\Programs [2013/01/02 16:00:01 | 000,000,000 | ---D | C] -- C:\Users\Marco 
Voigt\AppData\Local\Gameforge4d [2013/01/02 15:59:48 | 000,000,000 | ---D | C] -- C:\Program Files\GameforgeLive [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/15 20:13:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/01/15 20:04:01 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/01/15 19:45:28 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/15 19:45:28 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/15 19:37:33 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/01/15 19:36:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/01/15 19:36:48 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys [2013/01/15 19:25:11 | 000,001,144 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3041364624-1665624801-2427049025-1001UA.job [2013/01/14 23:05:36 | 000,072,704 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys [2013/01/14 22:34:13 | 000,634,325 | ---- | M] () -- C:\ProgramData\1358198744.bdinstall.bin [2013/01/14 22:33:43 | 000,000,385 | ---- | M] () -- C:\Windows\System32\user_gensett.xml [2013/01/14 22:32:53 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01 [2013/01/14 22:32:53 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr [2013/01/14 22:32:53 | 000,000,308 | -H-- | M] () -- C:\bdr-cf01 [2013/01/14 22:32:43 | 000,002,130 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk [2013/01/14 22:32:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf [2013/01/14 22:29:04 | 000,001,596 | ---- | M] () -- C:\Windows\Sandboxie.ini [2013/01/13 16:52:04 | 000,654,594 | ---- | M] () -- C:\Windows\System32\perfh007.dat 
[2013/01/13 16:52:04 | 000,616,476 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013/01/13 16:52:04 | 000,130,208 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013/01/13 16:52:04 | 000,106,598 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013/01/13 16:49:08 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3041364624-1665624801-2427049025-1001Core.job [2013/01/13 16:45:13 | 000,002,407 | ---- | M] () -- C:\Users\Marco Voigt\Desktop\Google Chrome.lnk [2013/01/12 15:15:37 | 000,001,398 | ---- | M] () -- C:\Users\Marco Voigt\Desktop\Google.lnk [2013/01/11 13:42:02 | 000,001,757 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013/01/10 15:01:08 | 000,276,352 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013/01/09 21:29:58 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\NosTale.lnk [2013/01/09 20:20:54 | 000,001,033 | ---- | M] () -- C:\Users\Public\Desktop\Gameforge Live.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/01/14 22:34:13 | 000,634,325 | ---- | C] () -- C:\ProgramData\1358198744.bdinstall.bin [2013/01/14 22:33:43 | 000,000,385 | ---- | C] () -- C:\Windows\System32\user_gensett.xml [2013/01/14 22:32:53 | 000,000,308 | -H-- | C] () -- C:\bdr-cf01 [2013/01/14 22:32:43 | 000,002,130 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk [2013/01/14 22:32:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf [2013/01/14 22:28:45 | 035,184,777 | -H-- | C] () -- C:\bdr-im01.gz [2013/01/14 22:28:45 | 002,294,848 | -H-- | C] () -- C:\bdr-bz01 [2013/01/14 22:28:45 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01 [2013/01/14 22:28:45 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr [2013/01/12 15:12:55 | 000,001,398 | ---- | C] () -- C:\Users\Marco Voigt\Desktop\Google.lnk [2013/01/11 13:42:02 | 000,001,757 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013/01/09 
21:29:58 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\NosTale.lnk [2013/01/09 20:20:54 | 000,001,033 | ---- | C] () -- C:\Users\Public\Desktop\Gameforge Live.lnk [2012/10/28 15:55:28 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat [2012/10/28 15:54:57 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat [2012/10/28 15:54:13 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat [2012/10/28 15:52:53 | 000,601,728 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat [2012/07/27 16:59:46 | 000,001,596 | ---- | C] () -- C:\Windows\Sandboxie.ini [2012/07/03 20:56:10 | 000,033,792 | ---- | C] () -- C:\Windows\System32\drivers\libusb0.sys [2012/01/22 10:49:08 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2011/11/09 09:11:26 | 000,000,008 | ---- | C] () -- C:\Users\Marco Voigt\AppData\Roaming\i0bi7rzvv1a4u2di.dat [2011/08/25 15:17:26 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll [2011/07/26 06:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll [2011/06/06 20:19:00 | 000,138,056 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011/06/06 20:19:00 | 000,138,056 | ---- | C] () -- C:\Users\Marco Voigt\AppData\Roaming\PnkBstrK.sys [2011/06/06 20:18:32 | 000,189,248 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011/06/06 20:18:30 | 000,075,136 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011/05/29 20:03:54 | 000,000,017 | ---- | C] () -- C:\Users\Marco Voigt\AppData\Local\resmon.resmoncfg [2011/05/28 14:33:46 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat [2011/05/17 09:54:51 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011/05/17 09:54:51 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys ========== ZeroAccess Check ========== [2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- 
C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012/06/30 13:28:15 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\Babylon [2013/01/14 22:28:48 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\Bitdefender [2012/01/19 22:06:22 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2012/11/30 13:41:09 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\DVDVideoSoft [2012/11/30 13:40:34 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\DVDVideoSoftIEHelpers [2013/01/06 16:50:19 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\Electronic Arts [2012/10/21 09:46:14 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\Leadertech [2013/01/11 18:28:38 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\Notepad++ [2012/10/19 13:03:49 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\OpenCandy [2012/11/29 22:32:16 | 000,000,000 | ---D | M] -- C:\Users\Marco 
Voigt\AppData\Roaming\Origin [2011/05/17 10:03:00 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\PC Suite [2013/01/14 22:27:09 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\QuickScan [2011/08/24 19:33:40 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\Samsung [2013/01/14 23:02:19 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\SoftGrid Client [2012/01/13 23:30:43 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\TeamViewer [2011/10/07 13:33:48 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\TP [2011/09/14 16:35:16 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\TS3Client [2012/06/30 10:10:09 | 000,000,000 | ---D | M] -- C:\Users\Marco Voigt\AppData\Roaming\TuneUp Software ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2011/07/13 18:42:52 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN [2012/07/11 22:03:42 | 000,000,000 | ---D | M] -- C:\Aerosoft [2010/07/01 22:54:47 | 000,000,000 | ---D | M] -- C:\ATI [2013/01/11 13:42:48 | 000,000,000 | -HSD | M] -- C:\Config.Msi [2011/05/03 20:59:00 | 000,000,000 | -HSD | M] -- C:\Documents and Settings [2011/07/05 14:54:01 | 000,000,000 | ---D | M] -- C:\Fiaa [2011/10/07 13:41:10 | 000,000,000 | RH-D | M] -- C:\MSOCache [2013/01/15 14:08:37 | 000,000,000 | R--D | M] -- C:\Program Files [2013/01/15 14:08:38 | 000,000,000 | -H-D | M] -- C:\ProgramData [2011/05/04 11:50:44 | 000,000,000 | ---D | M] -- C:\Recover [2012/07/22 10:25:50 | 000,000,000 | -HSD | M] -- C:\Recovery [2011/05/05 18:06:53 | 000,000,000 | R--D | M] -- C:\Sandbox [2013/01/15 20:10:49 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2011/11/08 20:58:18 | 000,000,000 | R--D | M] -- C:\Users [2013/01/15 19:13:12 | 000,000,000 | ---D | M] -- C:\Windows < %PROGRAMFILES%\*.exe > < %LOCALAPPDATA%\*.exe > < %systemroot%\*. 
/mp /s > < C:\Windows\system32\*.tsp > [2009/07/14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp [2009/07/14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp [2009/07/14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp [2009/07/14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp [2009/07/14 02:14:11 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp [2009/07/14 05:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT [2011/05/04 19:00:44 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [2011/05/04 19:00:45 | 000,001,108 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [2012/04/09 20:33:39 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job [2012/08/03 21:15:21 | 000,001,092 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3041364624-1665624801-2427049025-1001Core.job [2012/08/03 21:15:21 | 000,001,144 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3041364624-1665624801-2427049025-1001UA.job < MD5 for: AGP440.SYS > [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) 
MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys < MD5 for: AHCIX86S.SYS > [2007/11/14 18:44:42 | 000,129,552 | ---- | M] (Promise Technology, Inc.) MD5=58CB1FA96B24DFE2196548E959B1996B -- C:\ATI\Win7_Vista\8_741\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys [2009/10/26 18:41:10 | 000,189,496 | ---- | M] (Advanced Micro Devices, Inc) MD5=6C27F0A964EA98F457CAAB9A47030538 -- C:\ATI\Win7_Vista\8_741\Packages\Drivers\SBDrv\SB6xx\RAID\W7\ahcix86s.sys < MD5 for: ATAPI.SYS > [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys < MD5 for: CNGAUDIT.DLL > [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll < MD5 for: EXPLORER.EXE > [2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe 
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe [2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe [2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe [2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe [2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe [2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- 
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe [2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe < MD5 for: IASTOR.SYS > [2010/03/04 03:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\Windows\System32\drivers\iaStor.sys [2010/03/04 03:33:26 | 000,435,736 | ---- | M] (Intel Corporation) MD5=26541A068572F650A2FA490726FE81BE -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_e8a55be84650e755\iaStor.sys < MD5 for: IASTORV.SYS > [2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys [2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\drivers\iaStorV.sys [2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0033117673c16921\iaStorV.sys [2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys [2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) 
MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys [2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys [2011/03/11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys < MD5 for: NETLOGON.DLL > [2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll < MD5 for: NVSTOR.SYS > [2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys [2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\drivers\nvstor.sys [2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys [2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- 
C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys [2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys [2011/03/11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys [2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys < MD5 for: SCECLI.DLL > [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll [2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll < MD5 for: USER32.DLL > [2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) 
MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll [2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll [2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll < MD5 for: USERINIT.EXE > [2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe [2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe < MD5 for: WINLOGON.EXE > [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe [2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe [2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe [2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- 
C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe [2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe < MD5 for: WS2IFSL.SYS > [2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys [2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys < %systemroot%\system32\drivers\*.sys /lockedfiles > [2012/08/29 17:24:08 | 000,161,312 | ---- | M] (BitDefender LLC) Unable to obtain MD5 -- C:\Windows\system32\drivers\gzflt.sys < %systemroot%\System32\config\*.sav > < %systemroot%\system32\*.dll /lockedfiles > [2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\LocationApi.dll < %USERPROFILE%\*.* > [2013/01/15 20:27:17 | 002,883,584 | -HS- | M] () -- C:\Users\Marco Voigt\NTUSER.DAT [2013/01/15 20:27:17 | 000,262,144 | -HS- | M] () -- C:\Users\Marco Voigt\ntuser.dat.LOG1 [2011/05/03 21:08:26 | 000,000,000 | -HS- | M] () -- C:\Users\Marco Voigt\ntuser.dat.LOG2 [2011/05/03 21:43:11 | 000,065,536 | -HS- | M] () -- C:\Users\Marco Voigt\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf [2011/05/03 21:43:11 | 000,524,288 | -HS- | M] () -- C:\Users\Marco Voigt\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms [2011/05/03 21:43:11 | 000,524,288 | -HS- | M] () -- C:\Users\Marco Voigt\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms [2011/05/03 21:08:26 | 000,000,020 | 
-HS- | M] () -- C:\Users\Marco Voigt\ntuser.ini

< %USERPROFILE%\Local Settings\Temp\*.exe >

< %USERPROFILE%\Local Settings\Temp\*.dll >

< %USERPROFILE%\Application Data\*.exe >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

< >

< End of report >

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 1/15/2013 8:08:21 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marco Voigt\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.00 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 49.41% Memory free
6.00 Gb Paging File | 3.82 Gb Available in Paging File | 63.68% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 890.41 Gb Total Space | 827.01 Gb Free Space | 92.88% Space Free | Partition Type: NTFS
Drive D: | 40.00 Gb Total Space | 16.94 Gb Free Space | 42.36% Space Free | Partition Type: NTFS
Drive E: | 142.39 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: MARCOVOIGT-PC | User Name: Marco Voigt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = Reg Error: Unknown registry data type -- File not found "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{19CCBCC4-CDDA-48C5-8EF9-053D33130734}" = lport=554 | protocol=6 | dir=in | 
app=%systemroot%\ehome\ehshell.exe | "{1CB14706-A5EC-4775-A8C4-BC85DFA1D39B}" = lport=445 | protocol=6 | dir=in | app=system | "{2110A935-4753-459C-AF91-A745EFEFACF1}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2359D346-A09E-4C44-8E97-D26EE0AE6AF4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2419FE32-7FB5-413D-A25E-6F5D23F846A3}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{2FC8126B-7237-4263-9D0F-B3A03B46F65D}" = rport=10243 | protocol=6 | dir=out | app=system | "{31DDB9D6-DE63-4B2C-BE8A-8C7E3C37FB92}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{334A5B3F-C535-4EBC-86D6-F24CEFF5E132}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3EE73248-DEE2-4613-A0EB-7F16F21EB125}" = rport=445 | protocol=6 | dir=out | app=system | "{44BF77AB-A3A8-4F41-944D-99AA36C29EFA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{49CABBC3-362D-4EAE-A1EC-4970B6D05266}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{4E2954EA-A301-4E8B-9294-4C2C1454F8A8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4FA4683C-4B16-4EBB-8AAA-DFD4E2C5F5EE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5305CB1D-63A8-4DF8-9425-3E6C11A76954}" = lport=2869 | protocol=6 | dir=in | app=system | "{58948ADF-D1AC-45EF-A02B-6120339D018F}" = lport=3390 | protocol=6 | dir=in | app=system | "{6D0B9DE4-1AC9-485E-8627-5E731CA1A902}" = rport=138 | protocol=17 | dir=out | app=system | "{711C61C5-7138-4738-9185-4F121AE4274C}" = lport=10244 | protocol=6 | dir=in | app=system | "{7AABA0F0-D3F1-45EC-93A1-C4A2A3E458DC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7C27DE54-FD84-484E-A3A3-95840AA232EE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7F667E3C-4782-4F27-B390-28A1C3486B56}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8424A377-2613-4E84-82E8-25DF4922623E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{87899234-A143-49D2-B84E-BA9C1F5BF3BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{89B074A3-88DC-4572-81AC-3D2BF7AD90B7}" = rport=137 | protocol=17 | dir=out | app=system | "{8A4326BC-9C32-4158-9FE5-144B194D973C}" = lport=139 | protocol=6 | dir=in | app=system | "{8C2E0B5E-DC77-44BA-BE1A-3FDFA3EC93A8}" = lport=138 | protocol=17 | dir=in | app=system | "{908F6D4C-FAE5-4C7F-B918-D5D215246CF7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9754F0DF-9764-45C0-8212-2B09FF78D8EF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{97D39220-FD11-4D17-959F-1F70F4EAF66F}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{A4B25FED-2436-41D9-B702-C795AE415954}" = lport=137 | protocol=17 | dir=in | app=system | "{A7834D3D-EA96-40B7-A19D-C789D84D0A07}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{AB2E8ECC-EB27-4BEE-9CD9-88D9DCC4D6A5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B019B2D0-1DF7-4E8F-A682-9FB1E702009C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B17CA4DE-3B9F-425E-8E2E-70E2519E4620}" = lport=2869 | protocol=6 | dir=in | app=system | "{B756FCE1-FAA1-4111-A2CB-249615C5ED96}" = lport=3390 | protocol=6 | dir=in | app=system | "{BBE21C6A-118E-47A7-B90E-5A2B8C51623E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{BD85ED55-5185-45CC-BF96-A5E70950865A}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{C2CFE67F-BD09-480C-AE06-7018BF70EF85}" = lport=10243 | protocol=6 | dir=in | app=system | "{C89E54A4-B228-42F9-BFA6-D0C92A3C9D7E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{C8A75301-FBAD-4C2F-9730-591115568720}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CB4A3F91-84E8-4D7A-AA72-32516287784B}" = lport=2869 | protocol=6 | dir=in | app=system | "{D2EA9F93-8557-477E-BF37-436A383D416D}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E73A697A-1436-45C0-85FA-78E7F523B738}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E7E2D87D-E63D-4FAE-A3E6-CF641198E320}" = lport=10244 | protocol=6 | dir=in | app=system | "{E81BB7FE-6343-4E36-A5FD-23CE8507D6A3}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{EBAE05DB-29C3-4696-BDE3-822D2E747629}" = lport=2869 | protocol=6 | dir=in | app=system | "{EF5BDDCB-BB94-4F71-8846-C20A2CAB016F}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F1936AE2-B3A1-4210-AC9A-743D4D8A08C7}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe | "{FE213354-27DB-4391-AA2A-D5BC36CAE061}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FFA064AB-0F1A-43CC-9D2F-C68F0564AB48}" = rport=139 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{020D148A-D5B6-4932-B539-EDEF9FBAB71E}" = protocol=17 | dir=in | app=c:\users\marco voigt\downloads\facemoods.exe | "{03E17409-AC37-40B4-9FF8-F9ECEA145856}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\the 
sims 3 trailer\smp.exe | "{058734CA-0CCC-4DA5-91CB-08D11262360B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{06361DFD-498E-418C-87C7-70E4E4CF62F9}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | "{08DEF208-7C14-47E4-8864-B4501C8988E1}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | "{0A3C2A94-73A8-49F6-A792-A50023E826C4}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{0B9D2563-0A75-41A4-8BA3-11CA97A0AC40}" = protocol=6 | dir=in | app=c:\program files\origin games\fifa manager 13\manager13.exe | "{0CB959E3-67F1-40F7-9E9A-6DEEE7796F37}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{0E4B2DD3-911A-439E-A0D1-7E32D92E1432}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1707A1A3-AACC-4B47-98DA-4DBF130766D0}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{17DC9787-7448-4717-8199-A6B0EBBA5A63}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{18BC5C34-0403-490F-B1EE-DFDA04D22DA2}" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force black hawk down\dfbhd.exe | "{1C4A6A77-87A3-48A4-94F8-635375786B65}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe | "{1E120F4F-0F79-4D40-9983-F8CD3782B507}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{218F7B7C-42EA-4A1B-A4AC-2ED385B8E4A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{28356EC2-1926-4A70-ADEA-4A9E01518C3A}" = protocol=17 | dir=in | app=c:\program files\origin games\fifa manager 13\manager13.exe | "{2B855DE5-112D-46FD-980B-B939AC59253D}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{2CF1C518-FD45-4B8C-8022-79017D7BAEFC}" = protocol=17 | dir=in | app=c:\program files\novalogic\delta force task force 
dagger\dftfd.exe | "{31A87341-B8CB-43AA-BB55-DAB61C1F9432}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | "{32D317F6-71A6-4A2B-B8A1-346CDB4DF9D8}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{3628060B-3BBE-4258-BF63-4B8D3012DBF8}" = protocol=17 | dir=in | app=c:\users\marco voigt\appdata\local\microsoft\windows\temporary internet files\content.ie5\fnrm7ue3\facemoods.exe | "{36E62F14-2681-4EE1-B3C9-075F3BEAED80}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | "{39213CD7-F82E-4D8B-A339-B63D893F90AA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{460FB721-BF8C-4065-AD98-417C2A3A7BBA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{474990C4-02D6-4A0A-A255-A9F15AB5BF92}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe | "{502CDFE8-C2E8-4F8A-A936-0BCA0912B179}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{55749FBA-CD0A-4C73-BD66-9E15D621A511}" = protocol=17 | dir=in | app=c:\users\marco voigt\desktop\dftfd.exe | "{594523CF-EE65-4416-9164-B27EEEFB4668}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5DFFA4F6-42DC-4ABB-A40E-64970898A48C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{5EE395BA-98F1-437F-8833-9CC2A3F46316}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{61F40944-3FB4-4EEC-8734-DCACBA9A77A5}" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force black hawk down\dfbhd.exe | "{637222AC-3655-446A-A2F4-9F15B630F29F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{64D24AD6-1DB7-461D-989A-2951F25EBA62}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\amd driver updater, vista and 7, 32 bit\setup.exe | "{652533D0-048D-4297-AA8A-9BFF368A48A9}" = dir=in | 
app=c:\program files\windows live\sync\windowslivesync.exe | "{68AA2DB5-AC03-445C-A1B7-B038B836D996}" = protocol=6 | dir=in | app=c:\users\marco voigt\desktop\dftfd.exe | "{6B18CCC2-4DD0-42AA-831F-CB3E13BE6FED}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{777DDCF3-F060-4F6A-8131-25570D0E1CBD}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe | "{797038D7-9D0F-48EC-AC02-B3984A78ED44}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | "{7CCB91F0-15D5-4C3B-B630-6E2F5B263ED5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{81C94A41-1995-4F9D-8797-E9C9BC51DE25}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{86FD70FD-84EF-4EAE-981F-1D2738D05F2E}" = protocol=6 | dir=in | app=c:\users\marco voigt\appdata\local\microsoft\windows\temporary internet files\content.ie5\fnrm7ue3\facemoods.exe | "{87D0406B-3E16-40B8-B543-D6DAD094B9BD}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{8BF2D2B0-2FD2-4F88-B0E3-E1183742850E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8DB800C2-020B-4A91-86A2-45C066E150E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{969E024D-EFB4-4837-B698-4EADD8B50B1C}" = protocol=6 | dir=out | app=system | "{9C2D4D4A-D75C-452A-AF0E-36F0417AC5FB}" = protocol=6 | dir=in | app=c:\program files\novalogic\delta force task force dagger\dftfd.exe | "{AEEEF0C9-9B0B-434B-9C0A-A6BF9B89F22E}" = protocol=6 | dir=in | app=c:\users\marco voigt\downloads\facemoods.exe | "{B077A7B0-9C77-4336-90F2-9AEC3B81262E}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{B21F9B88-4861-40E6-92BD-A1259453B974}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{B2B04804-41C2-4819-817B-727EA3E729C0}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe | "{B2FB5FD9-34F2-4F56-A30A-7384166828D2}" = protocol=1 | dir=out | 
name=@firewallapi.dll,-28544 | "{B58F41F2-8378-4FEE-99E3-6819CBA84098}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{B756A0B1-ABB8-4FE5-9140-9E1DEA0F0DC2}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{B769EBF9-2E65-47CC-A27F-D3637608B9D1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{B8BD3F69-A66A-4203-8B93-CFAE28619B83}" = dir=in | app=c:\program files\itunes\itunes.exe | "{BB6B0578-A475-49EA-A9D7-CA6D2EF5F7B5}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe | "{C13E1B13-81D4-40FB-8F57-DB3534F6FFCE}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{C1F63C60-6182-485F-9775-71E8F7D255E2}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | "{C97E01CA-81EF-4209-B7F7-6AD995B14AFF}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{CF915E5C-CFE4-468B-A585-C5F50639D175}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{D08FBB4C-81EB-4A1B-BDB9-4842EC9BD284}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe | "{D5AF1A21-B646-4C41-9EF3-24CE720B0746}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EA28E00F-853C-43CC-A4FB-C2877EC8E765}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{EFA0B4A3-94A0-4AA7-91CD-C4B7C7BACAB9}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe | "{EFF18DDD-175E-4051-BB42-980665E34394}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{F0E9787B-09DF-402C-911F-2EBEE1FEB613}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F3B65300-D476-4AA4-9EE8-CD8B13BE71CA}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\the sims 3 trailer\smp.exe | "{F92242BF-2558-495C-A774-440E91F1CDE0}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "TCP Query 
User{62417B3E-0CDB-4C40-AF57-AA7DEC736570}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{631B17ED-E4EB-4C2A-99A1-4A5D674A1F41}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | "TCP Query User{81339A52-6711-4024-8EE3-95954911AB59}C:\program files\microsoft games\age of empires ii trial\empires2.exe" = protocol=6 | dir=in | app=c:\program files\microsoft games\age of empires ii trial\empires2.exe | "UDP Query User{0A5D2A60-720C-4153-89FB-8FF40D4E0FBE}C:\program files\microsoft games\age of empires ii trial\empires2.exe" = protocol=17 | dir=in | app=c:\program files\microsoft games\age of empires ii trial\empires2.exe | "UDP Query User{7D7A41C8-DBA6-4C7B-AF89-E98E83057E60}C:\program files\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield play4free\bfp4f.exe | "UDP Query User{C371A3C6-CF9F-476D-A833-C5C2813354F5}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{05B2AAA8-F30A-163D-76E4-9E618DBDAFB1}" = Catalyst Control Center InstallProxy "{093561FF-BC54-CD42-77BD-4885F16C60B7}" = CCC Help Danish "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{17D39326-BF2B-FCE9-DE84-58EE76F945CD}" = CCC Help French "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - 
x86 9.0.30729.4148 "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A4940D6-418E-867B-F214-2B0C58E7961D}" = CCC Help Swedish "{4D5308D2-6B0A-4BB0-809F-AE1000048101}" = Microsoft Flight "{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync "{5DDB3393-E08B-447E-925F-6C00B95D0FE7}" = iCloud "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{701BDB1B-8D00-8C67-6F64-BDD3B58EC827}" = CCC Help Norwegian "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{80AF0300-866F-400F-A350-D53E3C3E34E0}" = FUSSBALL MANAGER 13 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform 
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.0 "Legend" "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema "{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime "{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B355AD55-ED88-4A46-015D-51AAD00EB57D}" = CCC Help Japanese "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B95FB6E3-8373-52BC-C824-8DDB1D6DD049}" = 
CCC Help Dutch "{B9BA9CC8-B0A2-00C8-780E-B82A066E48C6}" = AMD Catalyst Install Manager "{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU] "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die*Sims™*3 "{C09C15F5-DDB7-3820-CF1A-798051174EC7}" = CCC Help Italian "{C2214950-8342-4878-1286-31D0F07FDC34}" = Catalyst Control Center Localization All "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C39F6C00-142E-48AC-633F-15E6AA7E24D8}" = Catalyst Control Center Graphics Previews Vista "{C47D990B-5D5C-B6A6-A04D-676379D39170}" = CCC Help English "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CF52C7EA-BDEF-A58F-6F33-0431076766C8}" = ccc-utility "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D7C7EA35-4C51-F874-3AB7-95DC40DDA494}" = CCC Help German "{D81845B4-5239-AD56-39A5-9FCFE528330F}" = ccc-core-static "{DFD284CD-501F-B36C-67D9-05D4D7D590AB}" = CCC Help Spanish "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EAC1A606-1D31-AC37-90DD-5684A6E7D2E8}" = CCC Help Finnish "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "Adobe AIR" = Adobe AIR "Adobe Flash Player 
ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Bitdefender" = Bitdefender Internet Security 2013 "Free YouTube Download_is1" = Free YouTube Download version 3.1.40.1031 "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "NosTale(DE)_is1" = Nostale(DE) "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "Origin" = Origin "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "Sandboxie" = Sandboxie 3.72 (32-bit) "Uninstall_is1" = Uninstall 1.0.0.1 "UnityWebPlayer" = Unity Web Player "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.01 (32-Bit) ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 8/22/2012 3:58:44 PM | Computer Name = MarcoVoigt-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8159 Error - 8/22/2012 3:58:45 PM | Computer Name = MarcoVoigt-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 8/22/2012 3:58:45 PM | Computer Name = MarcoVoigt-PC | Source 
= Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 9173 Error - 8/22/2012 3:58:45 PM | Computer Name = MarcoVoigt-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 9173 Error - 8/22/2012 3:58:47 PM | Computer Name = MarcoVoigt-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 8/22/2012 3:58:47 PM | Computer Name = MarcoVoigt-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 10468 Error - 8/22/2012 3:58:47 PM | Computer Name = MarcoVoigt-PC | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 10468 Error - 8/23/2012 3:38:14 PM | Computer Name = MarcoVoigt-PC | Source = Application Hang | ID = 1002 Description = Programm nostale.exe, Version 1.0.2.29 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 17a0 Startzeit: 01cd8166cbba4c42 Endzeit: 0 Anwendungspfad: C:\Program Files\NosTale(DE)\nostale.exe Berichts-ID: 0d4050d5-ed5a-11e1-b449-6c626d5c94bd Error - 8/23/2012 4:01:51 PM | Computer Name = MarcoVoigt-PC | Source = Application Hang | ID = 1002 Description = Programm nostale.exe, Version 1.0.2.29 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1500 Startzeit: 01cd816a186efa98 Endzeit: 31 Anwendungspfad: C:\Program Files\NosTale(DE)\nostale.exe Berichts-ID: 5f3125e5-ed5d-11e1-b449-6c626d5c94bd Error - 8/24/2012 3:25:02 AM | Computer Name = MarcoVoigt-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. 
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: [ Media Center Events ] Error - 11/9/2011 2:55:14 AM | Computer Name = MarcoVoigt-PC | Source = MCUpdate | ID = 0 Description = 07:55:14 - Fehler beim Herstellen der Internetverbindung. 07:55:14 - Serververbindung konnte nicht hergestellt werden.. Error - 11/9/2011 2:55:24 AM | Computer Name = MarcoVoigt-PC | Source = MCUpdate | ID = 0 Description = 07:55:19 - Fehler beim Herstellen der Internetverbindung. 07:55:19 - Serververbindung konnte nicht hergestellt werden.. Error - 12/27/2011 9:55:21 PM | Computer Name = MarcoVoigt-PC | Source = MCUpdate | ID = 0 Description = 02:55:21 - Fehler beim Herstellen der Internetverbindung. 02:55:21 - Serververbindung konnte nicht hergestellt werden.. Error - 12/27/2011 9:55:52 PM | Computer Name = MarcoVoigt-PC | Source = MCUpdate | ID = 0 Description = 02:55:50 - Fehler beim Herstellen der Internetverbindung. 02:55:50 - Serververbindung konnte nicht hergestellt werden.. Error - 12/27/2011 10:56:27 PM | Computer Name = MarcoVoigt-PC | Source = MCUpdate | ID = 0 Description = 03:56:27 - Fehler beim Herstellen der Internetverbindung. 03:56:27 - Serververbindung konnte nicht hergestellt werden.. Error - 12/27/2011 10:56:59 PM | Computer Name = MarcoVoigt-PC | Source = MCUpdate | ID = 0 Description = 03:56:56 - Fehler beim Herstellen der Internetverbindung. 03:56:56 - Serververbindung konnte nicht hergestellt werden.. Error - 12/28/2011 2:00:19 AM | Computer Name = MarcoVoigt-PC | Source = MCUpdate | ID = 0 Description = 07:00:19 - Fehler beim Herstellen der Internetverbindung. 07:00:19 - Serververbindung konnte nicht hergestellt werden.. Error - 12/28/2011 2:00:50 AM | Computer Name = MarcoVoigt-PC | Source = MCUpdate | ID = 0 Description = 07:00:48 - Fehler beim Herstellen der Internetverbindung. 07:00:48 - Serververbindung konnte nicht hergestellt werden.. 
Error - 1/25/2012 8:23:34 AM | Computer Name = MarcoVoigt-PC | Source = MCUpdate | ID = 0 Description = 13:23:33 - Directory konnte nicht abgerufen werden (Fehler: Der Remotename konnte nicht aufgelöst werden: 'data.tvdownload.microsoft.com') [ System Events ] Error - 1/3/2013 5:24:41 PM | Computer Name = MarcoVoigt-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?03.?01.?2013 um 22:23:26 unerwartet heruntergefahren. Error - 1/4/2013 4:32:06 PM | Computer Name = MarcoVoigt-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht. Error - 1/4/2013 9:55:52 PM | Computer Name = MarcoVoigt-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht. Error - 1/5/2013 10:04:39 AM | Computer Name = MarcoVoigt-PC | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht. Error - 1/14/2013 9:41:59 AM | Computer Name = MarcoVoigt-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?14.?01.?2013 um 14:38:22 unerwartet heruntergefahren. Error - 1/14/2013 6:03:38 PM | Computer Name = MarcoVoigt-PC | Source = Service Control Manager | ID = 7043 Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. 
Error - 1/15/2013 10:03:31 AM | Computer Name = MarcoVoigt-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Windows 7 Service Pack 1 (KB976932) Error - 1/15/2013 1:09:20 PM | Computer Name = MarcoVoigt-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?15.?01.?2013 um 18:06:37 unerwartet heruntergefahren. Error - 1/15/2013 1:48:01 PM | Computer Name = MarcoVoigt-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?15.?01.?2013 um 18:37:46 unerwartet heruntergefahren. Error - 1/15/2013 1:59:16 PM | Computer Name = MarcoVoigt-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?15.?01.?2013 um 18:49:29 unerwartet heruntergefahren. < End of report >
And now? |
16.01.2013, 15:52 | #4 |
/// Malware-holic | oracle america.inc is destroying my computer! Hi, why isn't your Windows getting any updates? Service Pack 1 is missing, for example. Download TDSSKiller: http://www.trojaner-board.de/82358-t...entfernen.html Click on Change parameters • Tick the boxes for Verify driver digital signatures and Detect TDLFS file system • Click OK and then Start scan - if anything is found, always choose Skip for now, then post the log: open C:, open tdsskiller-datum-version.txt, post the contents
__________________ -Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above If you would like to support us |
16.01.2013, 19:17 | #5 |
| oracle america.inc is destroying my computer!
19:13:46.0177 5312 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 19:13:46.0304 5312 ============================================================ 19:13:46.0304 5312 Current date / time: 2013/01/16 19:13:46.0304 19:13:46.0304 5312 SystemInfo: 19:13:46.0304 5312 19:13:46.0304 5312 OS Version: 6.1.7600 ServicePack: 0.0 19:13:46.0304 5312 Product type: Workstation 19:13:46.0304 5312 ComputerName: MARCOVOIGT-PC 19:13:46.0305 5312 UserName: Marco Voigt 19:13:46.0305 5312 Windows directory: C:\Windows 19:13:46.0305 5312 System windows directory: C:\Windows 19:13:46.0305 5312 Processor architecture: Intel x86 19:13:46.0305 5312 Number of processors: 2 19:13:46.0305 5312 Page size: 0x1000 19:13:46.0305 5312 Boot type: Normal boot 19:13:46.0305 5312 ============================================================ 19:13:48.0031 5312 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 19:13:48.0043 5312 ============================================================ 19:13:48.0044 5312 \Device\Harddisk0\DR0: 19:13:48.0044 5312 MBR partitions: 19:13:48.0044 5312 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 19:13:48.0044 5312 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6F4D3000 19:13:48.0044 5312 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6F505800, BlocksNum 0x5000000 19:13:48.0044 5312 ============================================================ 19:13:48.0074 5312 C: <-> \Device\Harddisk0\DR0\Partition2 19:13:48.0129 5312 D: <-> \Device\Harddisk0\DR0\Partition3 19:13:48.0129 5312 ============================================================ 19:13:48.0129 5312 Initialize success 19:13:48.0129 5312 ============================================================ 19:14:34.0375 5920 
============================================================ 19:14:34.0375 5920 Scan started 19:14:34.0375 5920 Mode: Manual; SigCheck; TDLFS; 19:14:34.0375 5920 ============================================================ 19:14:35.0569 5920 ================ Scan system memory ======================== 19:14:35.0569 5920 System memory - ok 19:14:35.0569 5920 ================ Scan services ============================= 19:14:35.0778 5920 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 19:14:35.0996 5920 1394ohci - ok 19:14:36.0021 5920 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys 19:14:36.0035 5920 ACPI - ok 19:14:36.0051 5920 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys 19:14:36.0141 5920 AcpiPmi - ok 19:14:36.0247 5920 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 19:14:36.0272 5920 AdobeARMservice - ok 19:14:36.0334 5920 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 19:14:36.0377 5920 AdobeFlashPlayerUpdateSvc - ok 19:14:36.0419 5920 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 19:14:36.0445 5920 adp94xx - ok 19:14:36.0457 5920 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 19:14:36.0494 5920 adpahci - ok 19:14:36.0524 5920 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 19:14:36.0542 5920 adpu320 - ok 19:14:36.0559 5920 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:14:36.0592 5920 AeLookupSvc - ok 19:14:36.0645 5920 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys 19:14:36.0719 5920 AFD - ok 19:14:36.0743 5920 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys 19:14:36.0789 5920 agp440 - ok 
19:14:36.0817 5920 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 19:14:36.0833 5920 aic78xx - ok 19:14:36.0856 5920 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 19:14:36.0890 5920 ALG - ok 19:14:36.0906 5920 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys 19:14:36.0928 5920 aliide - ok 19:14:36.0973 5920 [ 50EBBB86E493BD9AB7DDF914A90EEF8E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 19:14:37.0040 5920 AMD External Events Utility - ok 19:14:37.0060 5920 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys 19:14:37.0078 5920 amdagp - ok 19:14:37.0093 5920 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys 19:14:37.0110 5920 amdide - ok 19:14:37.0138 5920 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 19:14:37.0164 5920 AmdK8 - ok 19:14:37.0340 5920 [ 70EB74785AB7FC603FEF19D87B7A7946 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 19:14:37.0671 5920 amdkmdag - ok 19:14:37.0706 5920 [ BA99833BBDE9C4FF389FC8114FB14843 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 19:14:37.0760 5920 amdkmdap - ok 19:14:37.0792 5920 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 19:14:37.0841 5920 AmdPPM - ok 19:14:37.0863 5920 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\Windows\system32\drivers\amdsata.sys 19:14:37.0883 5920 amdsata - ok 19:14:37.0905 5920 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 19:14:37.0936 5920 amdsbs - ok 19:14:37.0953 5920 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\Windows\system32\drivers\amdxata.sys 19:14:37.0981 5920 amdxata - ok 19:14:38.0168 5920 [ 0FA2D8304ECA29CA0AB7E3EE50FD585A ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 19:14:38.0189 5920 AntiVirSchedulerService - ok 19:14:38.0219 5920 [ 5C69AAC8A59207DA9710FF2E42D6F80F ] 
AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 19:14:38.0239 5920 AntiVirService - ok 19:14:38.0262 5920 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys 19:14:38.0350 5920 AppID - ok 19:14:38.0379 5920 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 19:14:38.0471 5920 AppIDSvc - ok 19:14:38.0489 5920 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll 19:14:38.0533 5920 Appinfo - ok 19:14:38.0581 5920 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 19:14:38.0594 5920 Apple Mobile Device - ok 19:14:38.0652 5920 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys 19:14:38.0697 5920 arc - ok 19:14:38.0716 5920 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 19:14:38.0756 5920 arcsas - ok 19:14:38.0776 5920 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 19:14:38.0880 5920 AsyncMac - ok 19:14:38.0918 5920 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys 19:14:38.0956 5920 atapi - ok 19:14:39.0001 5920 [ 8DF873D0587596C1D35A9CECECC61DA1 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 19:14:39.0049 5920 AtiHdmiService - ok 19:14:39.0088 5920 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 19:14:39.0128 5920 AudioEndpointBuilder - ok 19:14:39.0136 5920 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll 19:14:39.0161 5920 Audiosrv - ok 19:14:39.0205 5920 [ A5C175039B1D6D85D0E79F5855828E4D ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 19:14:39.0238 5920 avgntflt - ok 19:14:39.0276 5920 [ 37B854C7D1F477E66C5B49C7700C47CC ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 19:14:39.0323 5920 avipbb - ok 19:14:39.0352 5920 [ CC4EBA25D80DE42BBC2BF3E553219388 ] avkmgr 
C:\Windows\system32\DRIVERS\avkmgr.sys 19:14:39.0396 5920 avkmgr - ok 19:14:39.0427 5920 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll 19:14:39.0493 5920 AxInstSV - ok 19:14:39.0531 5920 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 19:14:39.0623 5920 b06bdrv - ok 19:14:39.0658 5920 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 19:14:39.0710 5920 b57nd60x - ok 19:14:39.0762 5920 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 19:14:39.0845 5920 BDESVC - ok 19:14:39.0858 5920 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 19:14:39.0921 5920 Beep - ok 19:14:39.0961 5920 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll 19:14:40.0005 5920 BFE - ok 19:14:40.0060 5920 [ 8DC837789BBF0E1BEF252A8F7C101F7B ] BingDesktopUpdate C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe 19:14:40.0074 5920 BingDesktopUpdate - ok 19:14:40.0106 5920 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll 19:14:40.0150 5920 BITS - ok 19:14:40.0166 5920 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 19:14:40.0200 5920 blbdrive - ok 19:14:40.0259 5920 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 19:14:40.0282 5920 Bonjour Service - ok 19:14:40.0312 5920 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 19:14:40.0358 5920 bowser - ok 19:14:40.0386 5920 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 19:14:40.0415 5920 BrFiltLo - ok 19:14:40.0429 5920 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 19:14:40.0491 5920 BrFiltUp - ok 19:14:40.0515 5920 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll 19:14:40.0576 5920 Browser - ok 19:14:40.0598 5920 [ 
845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 19:14:40.0685 5920 Brserid - ok 19:14:40.0711 5920 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 19:14:40.0776 5920 BrSerWdm - ok 19:14:40.0802 5920 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 19:14:40.0881 5920 BrUsbMdm - ok 19:14:40.0921 5920 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 19:14:40.0983 5920 BrUsbSer - ok 19:14:41.0009 5920 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 19:14:41.0037 5920 BTHMODEM - ok 19:14:41.0067 5920 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 19:14:41.0151 5920 bthserv - ok 19:14:41.0186 5920 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:14:41.0234 5920 cdfs - ok 19:14:41.0260 5920 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 19:14:41.0299 5920 cdrom - ok 19:14:41.0322 5920 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll 19:14:41.0351 5920 CertPropSvc - ok 19:14:41.0368 5920 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 19:14:41.0407 5920 circlass - ok 19:14:41.0428 5920 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 19:14:41.0441 5920 CLFS - ok 19:14:41.0499 5920 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:14:41.0547 5920 clr_optimization_v2.0.50727_32 - ok 19:14:41.0593 5920 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:14:41.0620 5920 clr_optimization_v4.0.30319_32 - ok 19:14:41.0653 5920 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:14:41.0705 5920 CmBatt - ok 19:14:41.0729 
5920 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys 19:14:41.0754 5920 cmdide - ok 19:14:41.0780 5920 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys 19:14:41.0824 5920 CNG - ok 19:14:41.0841 5920 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 19:14:41.0869 5920 Compbatt - ok 19:14:41.0909 5920 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 19:14:41.0951 5920 CompositeBus - ok 19:14:41.0962 5920 COMSysApp - ok 19:14:41.0983 5920 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 19:14:42.0011 5920 crcdisk - ok 19:14:42.0040 5920 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:14:42.0068 5920 CryptSvc - ok 19:14:42.0129 5920 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 19:14:42.0172 5920 cvhsvc - ok 19:14:42.0208 5920 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll 19:14:42.0252 5920 DcomLaunch - ok 19:14:42.0281 5920 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 19:14:42.0309 5920 defragsvc - ok 19:14:42.0339 5920 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:14:42.0406 5920 DfsC - ok 19:14:42.0423 5920 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll 19:14:42.0456 5920 Dhcp - ok 19:14:42.0475 5920 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 19:14:42.0506 5920 discache - ok 19:14:42.0523 5920 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys 19:14:42.0539 5920 Disk - ok 19:14:42.0563 5920 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:14:42.0590 5920 Dnscache - ok 19:14:42.0643 5920 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc 
C:\Windows\System32\dot3svc.dll 19:14:42.0672 5920 dot3svc - ok 19:14:42.0684 5920 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll 19:14:42.0729 5920 DPS - ok 19:14:42.0767 5920 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:14:42.0823 5920 drmkaud - ok 19:14:42.0858 5920 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:14:42.0906 5920 DXGKrnl - ok 19:14:42.0937 5920 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 19:14:42.0964 5920 EapHost - ok 19:14:43.0026 5920 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 19:14:43.0118 5920 ebdrv - ok 19:14:43.0148 5920 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe 19:14:43.0182 5920 EFS - ok 19:14:43.0229 5920 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:14:43.0305 5920 ehRecvr - ok 19:14:43.0328 5920 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 19:14:43.0383 5920 ehSched - ok 19:14:43.0416 5920 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 19:14:43.0460 5920 elxstor - ok 19:14:43.0475 5920 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 19:14:43.0512 5920 ErrDev - ok 19:14:43.0537 5920 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 19:14:43.0579 5920 EventSystem - ok 19:14:43.0601 5920 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 19:14:43.0680 5920 exfat - ok 19:14:43.0700 5920 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 19:14:43.0766 5920 fastfat - ok 19:14:43.0792 5920 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe 19:14:43.0812 5920 Fax - ok 19:14:43.0826 5920 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 19:14:43.0846 5920 fdc - ok 19:14:43.0865 
5920 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 19:14:43.0904 5920 fdPHost - ok 19:14:43.0918 5920 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 19:14:43.0975 5920 FDResPub - ok 19:14:43.0992 5920 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:14:44.0016 5920 FileInfo - ok 19:14:44.0032 5920 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:14:44.0094 5920 Filetrace - ok 19:14:44.0114 5920 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 19:14:44.0154 5920 flpydisk - ok 19:14:44.0169 5920 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:14:44.0206 5920 FltMgr - ok 19:14:44.0241 5920 [ 7FE4995528A7529A761875151EE3D512 ] FontCache C:\Windows\system32\FntCache.dll 19:14:44.0290 5920 FontCache - ok 19:14:44.0332 5920 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 19:14:44.0375 5920 FontCache3.0.0.0 - ok 19:14:44.0400 5920 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 19:14:44.0431 5920 FsDepends - ok 19:14:44.0493 5920 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS 19:14:44.0521 5920 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning 19:14:44.0521 5920 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 19:14:44.0558 5920 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:14:44.0588 5920 Fs_Rec - ok 19:14:44.0643 5920 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:14:44.0703 5920 fvevol - ok 19:14:44.0725 5920 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 19:14:44.0756 5920 gagp30kx - ok 19:14:44.0792 5920 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM 
C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 19:14:44.0817 5920 GEARAspiWDM - ok 19:14:44.0857 5920 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll 19:14:44.0901 5920 gpsvc - ok 19:14:44.0952 5920 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 19:14:44.0962 5920 gupdate - ok 19:14:44.0983 5920 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 19:14:44.0993 5920 gupdatem - ok 19:14:45.0039 5920 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 19:14:45.0051 5920 gusvc - ok 19:14:45.0077 5920 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 19:14:45.0136 5920 hcw85cir - ok 19:14:45.0159 5920 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 19:14:45.0216 5920 HdAudAddService - ok 19:14:45.0238 5920 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 19:14:45.0282 5920 HDAudBus - ok 19:14:45.0311 5920 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 19:14:45.0372 5920 HidBatt - ok 19:14:45.0392 5920 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 19:14:45.0437 5920 HidBth - ok 19:14:45.0459 5920 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 19:14:45.0506 5920 HidIr - ok 19:14:45.0525 5920 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 19:14:45.0562 5920 hidserv - ok 19:14:45.0594 5920 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 19:14:45.0675 5920 HidUsb - ok 19:14:45.0694 5920 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:14:45.0728 5920 hkmsvc - ok 19:14:45.0739 5920 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:14:45.0775 5920 
HomeGroupListener - ok 19:14:45.0807 5920 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:14:45.0844 5920 HomeGroupProvider - ok 19:14:45.0880 5920 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 19:14:45.0914 5920 HpSAMD - ok 19:14:45.0948 5920 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:14:46.0003 5920 HTTP - ok 19:14:46.0023 5920 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:14:46.0038 5920 hwpolicy - ok 19:14:46.0061 5920 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 19:14:46.0101 5920 i8042prt - ok 19:14:46.0119 5920 [ 26541A068572F650A2FA490726FE81BE ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 19:14:46.0132 5920 iaStor - ok 19:14:46.0188 5920 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 19:14:46.0205 5920 IAStorDataMgrSvc - ok 19:14:46.0232 5920 [ 71F1A494FEDF4B33C02C4A6A28D6D9E9 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:14:46.0263 5920 iaStorV - ok 19:14:46.0312 5920 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 19:14:46.0353 5920 IDriverT ( UnsignedFile.Multi.Generic ) - warning 19:14:46.0353 5920 IDriverT - detected UnsignedFile.Multi.Generic (1) 19:14:46.0394 5920 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 19:14:46.0449 5920 idsvc - ok 19:14:46.0569 5920 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 19:14:46.0691 5920 igfx - ok 19:14:46.0705 5920 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 19:14:46.0730 5920 iirsp - ok 19:14:46.0770 5920 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll 19:14:46.0804 
5920 IKEEXT - ok 19:14:46.0888 5920 [ F4427E5DF32CDE359B2E2E5512D18001 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 19:14:46.0968 5920 IntcAzAudAddService - ok 19:14:46.0996 5920 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\DRIVERS\intelide.sys 19:14:47.0024 5920 intelide - ok 19:14:47.0048 5920 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:14:47.0061 5920 intelppm - ok 19:14:47.0090 5920 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 19:14:47.0118 5920 IPBusEnum - ok 19:14:47.0132 5920 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:14:47.0187 5920 IpFilterDriver - ok 19:14:47.0215 5920 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:14:47.0250 5920 iphlpsvc - ok 19:14:47.0265 5920 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 19:14:47.0306 5920 IPMIDRV - ok 19:14:47.0330 5920 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:14:47.0388 5920 IPNAT - ok 19:14:47.0432 5920 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 19:14:47.0446 5920 iPod Service - ok 19:14:47.0459 5920 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:14:47.0505 5920 IRENUM - ok 19:14:47.0528 5920 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 19:14:47.0568 5920 isapnp - ok 19:14:47.0597 5920 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 19:14:47.0659 5920 iScsiPrt - ok 19:14:47.0697 5920 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 19:14:47.0742 5920 kbdclass - ok 19:14:47.0768 5920 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 19:14:47.0811 5920 kbdhid - ok 19:14:47.0823 5920 [ 
C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe 19:14:47.0836 5920 KeyIso - ok 19:14:47.0856 5920 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:14:47.0902 5920 KSecDD - ok 19:14:47.0931 5920 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:14:47.0967 5920 KSecPkg - ok 19:14:47.0992 5920 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 19:14:48.0043 5920 KtmRm - ok 19:14:48.0067 5920 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll 19:14:48.0098 5920 LanmanServer - ok 19:14:48.0119 5920 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:14:48.0155 5920 LanmanWorkstation - ok 19:14:48.0207 5920 [ E2F1DCF4A68CC6CF694FBFBA1842F4CD ] libusb0 C:\Windows\system32\drivers\libusb0.sys 19:14:48.0241 5920 libusb0 ( UnsignedFile.Multi.Generic ) - warning 19:14:48.0241 5920 libusb0 - detected UnsignedFile.Multi.Generic (1) 19:14:48.0264 5920 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:14:48.0324 5920 lltdio - ok 19:14:48.0342 5920 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:14:48.0370 5920 lltdsvc - ok 19:14:48.0383 5920 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 19:14:48.0412 5920 lmhosts - ok 19:14:48.0427 5920 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 19:14:48.0458 5920 LSI_FC - ok 19:14:48.0484 5920 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 19:14:48.0501 5920 LSI_SAS - ok 19:14:48.0524 5920 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 19:14:48.0550 5920 LSI_SAS2 - ok 19:14:48.0555 5920 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 19:14:48.0572 5920 LSI_SCSI - ok 19:14:48.0599 5920 [ 
6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 19:14:48.0684 5920 luafv - ok 19:14:48.0719 5920 [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS C:\Windows\system32\DRIVERS\lvrs.sys 19:14:48.0757 5920 LVRS - ok 19:14:48.0784 5920 [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:14:48.0804 5920 Mcx2Svc - ok 19:14:48.0822 5920 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 19:14:48.0854 5920 megasas - ok 19:14:48.0876 5920 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 19:14:48.0899 5920 MegaSR - ok 19:14:48.0910 5920 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 19:14:48.0938 5920 MMCSS - ok 19:14:48.0954 5920 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 19:14:49.0019 5920 Modem - ok 19:14:49.0041 5920 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:14:49.0075 5920 monitor - ok 19:14:49.0101 5920 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:14:49.0130 5920 mouclass - ok 19:14:49.0149 5920 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:14:49.0183 5920 mouhid - ok 19:14:49.0210 5920 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:14:49.0226 5920 mountmgr - ok 19:14:49.0241 5920 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\DRIVERS\mpio.sys 19:14:49.0269 5920 mpio - ok 19:14:49.0288 5920 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:14:49.0339 5920 mpsdrv - ok 19:14:49.0366 5920 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll 19:14:49.0413 5920 MpsSvc - ok 19:14:49.0433 5920 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:14:49.0471 5920 MRxDAV - ok 19:14:49.0497 5920 [ 
19:15:06.0784 4704 Detected object count: 5
19:15:06.0784 4704 Actual detected object count: 5
19:15:29.0253 4704 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:29.0253 4704 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:29.0256 4704 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:29.0256 4704 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:29.0259 4704 libusb0 ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:29.0259 4704 libusb0 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:29.0262 4704 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:29.0262 4704 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:29.0264 4704 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
19:15:29.0264 4704 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:15:57.0071 3304 ============================================================
19:15:57.0071 3304 Scan started
19:15:57.0071 3304 Mode: Manual; SigCheck; TDLFS;
19:15:57.0071 3304 ============================================================
19:15:57.0071 3304 ============================================================
19:15:57.0071 3304 Scan finished
19:15:57.0071 3304 ============================================================
19:15:57.0083 3680 Detected object count: 0
19:15:57.0083 3680 Actual detected object count: 0
19:15:57.0965 5756 ============================================================
19:15:57.0965 5756 Scan started
19:15:57.0965 5756 Mode: Manual; SigCheck; TDLFS;
19:15:57.0965 5756 ============================================================
19:15:57.0965 5756 ============================================================
19:15:57.0965 5756 Scan finished
19:15:57.0965 5756 ============================================================
19:15:57.0976 4876 Detected object count: 0
19:15:57.0976 4876 Actual detected object count: 0
19:15:58.0696 2108 ============================================================
19:15:58.0697 2108 Scan started
19:15:58.0697 2108 Mode: Manual; SigCheck; TDLFS;
19:15:58.0697 2108 ============================================================
19:15:58.0697 2108 ============================================================
19:15:58.0697 2108 Scan finished
19:15:58.0697 2108 ============================================================
19:15:58.0705 1956 Detected object count: 0
19:15:58.0705 1956 Actual detected object count: 0
19:16:04.0707 0848 ============================================================
19:16:04.0707 0848 Scan started
19:16:04.0707 0848 Mode: Manual; SigCheck; TDLFS;
19:16:04.0707 0848 ============================================================
19:16:04.0918 0848 ================ Scan system memory ========================
19:16:04.0918 0848 System memory - ok
19:16:04.0919 0848 ================ Scan services =============================
19:16:05.0050 0848 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:16:05.0078 0848 1394ohci - ok
19:16:05.0100 0848 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
19:16:05.0113 0848 ACPI - ok
19:16:05.0147 0848 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
19:16:05.0173 0848 AcpiPmi - ok
19:16:05.0236 0848 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:16:05.0259 0848 AdobeARMservice - ok
19:16:05.0306 0848 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:16:05.0331 0848 AdobeFlashPlayerUpdateSvc - ok
19:16:05.0349 0848 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:16:05.0365 0848 adp94xx - ok
19:16:05.0379 0848 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:16:05.0393 0848 adpahci - ok
19:16:05.0404 0848 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 19:16:05.0416 0848 adpu320 - ok 19:16:05.0439 0848 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 19:16:05.0450 0848 AeLookupSvc - ok 19:16:05.0475 0848 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys 19:16:05.0489 0848 AFD - ok 19:16:05.0507 0848 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\DRIVERS\agp440.sys 19:16:05.0517 0848 agp440 - ok 19:16:05.0531 0848 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 19:16:05.0541 0848 aic78xx - ok 19:16:05.0553 0848 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 19:16:05.0563 0848 ALG - ok 19:16:05.0578 0848 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\DRIVERS\aliide.sys 19:16:05.0587 0848 aliide - ok 19:16:05.0620 0848 [ 50EBBB86E493BD9AB7DDF914A90EEF8E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 19:16:05.0634 0848 AMD External Events Utility - ok 19:16:05.0648 0848 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\DRIVERS\amdagp.sys 19:16:05.0658 0848 amdagp - ok 19:16:05.0674 0848 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\DRIVERS\amdide.sys 19:16:05.0683 0848 amdide - ok 19:16:05.0693 0848 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 19:16:05.0705 0848 AmdK8 - ok 19:16:05.0845 0848 [ 70EB74785AB7FC603FEF19D87B7A7946 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 19:16:05.0942 0848 amdkmdag - ok 19:16:05.0978 0848 [ BA99833BBDE9C4FF389FC8114FB14843 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 19:16:05.0992 0848 amdkmdap - ok 19:16:06.0014 0848 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 19:16:06.0024 0848 AmdPPM - ok 19:16:06.0043 0848 [ 19CE906B4CDC11FC4FEF5745F33A63B6 ] amdsata C:\Windows\system32\drivers\amdsata.sys 
19:16:06.0054 0848 amdsata - ok 19:16:06.0068 0848 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 19:16:06.0080 0848 amdsbs - ok 19:16:06.0092 0848 [ 869E67D66BE326A5A9159FBA8746FA70 ] amdxata C:\Windows\system32\drivers\amdxata.sys 19:16:06.0101 0848 amdxata - ok 19:16:06.0248 0848 [ 0FA2D8304ECA29CA0AB7E3EE50FD585A ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 19:16:06.0268 0848 AntiVirSchedulerService - ok 19:16:06.0283 0848 [ 5C69AAC8A59207DA9710FF2E42D6F80F ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 19:16:06.0302 0848 AntiVirService - ok 19:16:06.0318 0848 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys 19:16:06.0335 0848 AppID - ok 19:16:06.0351 0848 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 19:16:06.0370 0848 AppIDSvc - ok 19:16:06.0378 0848 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll 19:16:06.0388 0848 Appinfo - ok 19:16:06.0420 0848 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 19:16:06.0428 0848 Apple Mobile Device - ok 19:16:06.0441 0848 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys 19:16:06.0451 0848 arc - ok 19:16:06.0463 0848 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 19:16:06.0474 0848 arcsas - ok 19:16:06.0490 0848 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 19:16:06.0510 0848 AsyncMac - ok 19:16:06.0523 0848 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\DRIVERS\atapi.sys 19:16:06.0533 0848 atapi - ok 19:16:06.0556 0848 [ 8DF873D0587596C1D35A9CECECC61DA1 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 19:16:06.0566 0848 AtiHdmiService - ok 19:16:06.0598 0848 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder 
C:\Windows\System32\Audiosrv.dll 19:16:06.0623 0848 AudioEndpointBuilder - ok 19:16:06.0632 0848 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll 19:16:06.0656 0848 Audiosrv - ok 19:16:06.0685 0848 [ A5C175039B1D6D85D0E79F5855828E4D ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 19:16:06.0694 0848 avgntflt - ok 19:16:06.0715 0848 [ 37B854C7D1F477E66C5B49C7700C47CC ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 19:16:06.0725 0848 avipbb - ok 19:16:06.0749 0848 [ CC4EBA25D80DE42BBC2BF3E553219388 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 19:16:06.0758 0848 avkmgr - ok 19:16:06.0774 0848 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll 19:16:06.0786 0848 AxInstSV - ok 19:16:06.0810 0848 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 19:16:06.0836 0848 b06bdrv - ok 19:16:06.0855 0848 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 19:16:06.0866 0848 b57nd60x - ok 19:16:06.0884 0848 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 19:16:06.0895 0848 BDESVC - ok 19:16:06.0905 0848 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 19:16:06.0926 0848 Beep - ok 19:16:06.0950 0848 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll 19:16:06.0977 0848 BFE - ok 19:16:07.0016 0848 [ 8DC837789BBF0E1BEF252A8F7C101F7B ] BingDesktopUpdate C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe 19:16:07.0043 0848 BingDesktopUpdate - ok 19:16:07.0078 0848 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll 19:16:07.0105 0848 BITS - ok 19:16:07.0113 0848 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 19:16:07.0123 0848 blbdrive - ok 19:16:07.0164 0848 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 19:16:07.0190 0848 Bonjour Service - ok 19:16:07.0226 0848 [ 
9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 19:16:07.0236 0848 bowser - ok 19:16:07.0258 0848 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 19:16:07.0269 0848 BrFiltLo - ok 19:16:07.0285 0848 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 19:16:07.0296 0848 BrFiltUp - ok 19:16:07.0328 0848 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll 19:16:07.0340 0848 Browser - ok 19:16:07.0356 0848 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 19:16:07.0369 0848 Brserid - ok 19:16:07.0383 0848 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 19:16:07.0395 0848 BrSerWdm - ok 19:16:07.0408 0848 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 19:16:07.0419 0848 BrUsbMdm - ok 19:16:07.0443 0848 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 19:16:07.0464 0848 BrUsbSer - ok 19:16:07.0490 0848 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 19:16:07.0502 0848 BTHMODEM - ok 19:16:07.0522 0848 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 19:16:07.0544 0848 bthserv - ok 19:16:07.0558 0848 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:16:07.0579 0848 cdfs - ok 19:16:07.0586 0848 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 19:16:07.0597 0848 cdrom - ok 19:16:07.0611 0848 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll 19:16:07.0634 0848 CertPropSvc - ok 19:16:07.0648 0848 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 19:16:07.0660 0848 circlass - ok 19:16:07.0675 0848 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 19:16:07.0690 0848 CLFS - ok 
19:16:07.0729 0848 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:16:07.0752 0848 clr_optimization_v2.0.50727_32 - ok 19:16:07.0790 0848 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:16:07.0813 0848 clr_optimization_v4.0.30319_32 - ok 19:16:07.0842 0848 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:16:07.0852 0848 CmBatt - ok 19:16:07.0876 0848 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys 19:16:07.0886 0848 cmdide - ok 19:16:07.0919 0848 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys 19:16:07.0937 0848 CNG - ok 19:16:07.0947 0848 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 19:16:07.0957 0848 Compbatt - ok 19:16:07.0973 0848 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 19:16:07.0985 0848 CompositeBus - ok 19:16:07.0990 0848 COMSysApp - ok 19:16:08.0005 0848 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 19:16:08.0014 0848 crcdisk - ok 19:16:08.0046 0848 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:16:08.0065 0848 CryptSvc - ok 19:16:08.0114 0848 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 19:16:08.0134 0848 cvhsvc - ok 19:16:08.0155 0848 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll 19:16:08.0179 0848 DcomLaunch - ok 19:16:08.0204 0848 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 19:16:08.0228 0848 defragsvc - ok 19:16:08.0245 0848 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:16:08.0260 0848 DfsC - ok 19:16:08.0279 0848 [ 
C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll 19:16:08.0294 0848 Dhcp - ok 19:16:08.0314 0848 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 19:16:08.0335 0848 discache - ok 19:16:08.0346 0848 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys 19:16:08.0356 0848 Disk - ok 19:16:08.0377 0848 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:16:08.0395 0848 Dnscache - ok 19:16:08.0423 0848 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll 19:16:08.0447 0848 dot3svc - ok 19:16:08.0457 0848 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll 19:16:08.0481 0848 DPS - ok 19:16:08.0514 0848 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:16:08.0526 0848 drmkaud - ok 19:16:08.0554 0848 [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:16:08.0573 0848 DXGKrnl - ok 19:16:08.0584 0848 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 19:16:08.0607 0848 EapHost - ok 19:16:08.0681 0848 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 19:16:08.0719 0848 ebdrv - ok 19:16:08.0745 0848 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe 19:16:08.0756 0848 EFS - ok 19:16:08.0798 0848 [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:16:08.0813 0848 ehRecvr - ok 19:16:08.0832 0848 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 19:16:08.0844 0848 ehSched - ok 19:16:08.0870 0848 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 19:16:08.0884 0848 elxstor - ok 19:16:08.0896 0848 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 19:16:08.0906 0848 ErrDev - ok 19:16:08.0933 0848 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem 
C:\Windows\system32\es.dll 19:16:08.0958 0848 EventSystem - ok 19:16:08.0975 0848 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 19:16:08.0997 0848 exfat - ok 19:16:09.0013 0848 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 19:16:09.0035 0848 fastfat - ok 19:16:09.0054 0848 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe 19:16:09.0072 0848 Fax - ok 19:16:09.0089 0848 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 19:16:09.0099 0848 fdc - ok 19:16:09.0111 0848 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 19:16:09.0133 0848 fdPHost - ok 19:16:09.0139 0848 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 19:16:09.0161 0848 FDResPub - ok 19:16:09.0180 0848 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:16:09.0191 0848 FileInfo - ok 19:16:09.0203 0848 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:16:09.0225 0848 Filetrace - ok 19:16:09.0243 0848 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 19:16:09.0254 0848 flpydisk - ok 19:16:09.0265 0848 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:16:09.0278 0848 FltMgr - ok 19:16:09.0322 0848 [ 7FE4995528A7529A761875151EE3D512 ] FontCache C:\Windows\system32\FntCache.dll 19:16:09.0361 0848 FontCache - ok 19:16:09.0403 0848 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 19:16:09.0411 0848 FontCache3.0.0.0 - ok 19:16:09.0430 0848 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 19:16:09.0440 0848 FsDepends - ok 19:16:09.0464 0848 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS 19:16:09.0469 0848 FsUsbExDisk ( 
UnsignedFile.Multi.Generic ) - warning 19:16:09.0469 0848 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 19:16:09.0488 0848 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:16:09.0497 0848 Fs_Rec - ok 19:16:09.0522 0848 [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:16:09.0535 0848 fvevol - ok 19:16:09.0555 0848 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 19:16:09.0565 0848 gagp30kx - ok 19:16:09.0582 0848 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 19:16:09.0589 0848 GEARAspiWDM - ok 19:16:09.0642 0848 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll 19:16:09.0663 0848 gpsvc - ok 19:16:09.0706 0848 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 19:16:09.0727 0848 gupdate - ok 19:16:09.0734 0848 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe Geändert von xTriickz (16.01.2013 um 19:23 Uhr) |
16.01.2013, 19:23 | #6 |
| oracle america.inc is destroying my computer!
C:\Windows\system32\locator.exe 19:16:15.0759 0848 RpcLocator - ok 19:16:15.0780 0848 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll 19:16:15.0805 0848 RpcSs - ok 19:16:15.0820 0848 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:16:15.0841 0848 rspndr - ok 19:16:15.0869 0848 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 19:16:15.0881 0848 RTL8167 - ok 19:16:15.0900 0848 [ 9CE8DEFFAFFCCBF473015D76AE8EE514 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys 19:16:15.0915 0848 RTL8192su - ok 19:16:15.0928 0848 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe 19:16:15.0939 0848 SamSs - ok 19:16:15.0981 0848 [ 1FBD21895B768CD40E83B86C18E6454F ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys 19:16:15.0995 0848 SbieDrv - ok 19:16:16.0006 0848 [ D5D875D6662F30C7FBF5F6879452B12B ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe 19:16:16.0017 0848 SbieSvc - ok 19:16:16.0033 0848 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 19:16:16.0045 0848 sbp2port - ok 19:16:16.0076 0848 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:16:16.0099 0848 SCardSvr - ok 19:16:16.0142 0848 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:16:16.0163 0848 scfilter - ok 19:16:16.0190 0848 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll 19:16:16.0212 0848 Schedule - ok 19:16:16.0220 0848 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll 19:16:16.0243 0848 SCPolicySvc - ok 19:16:16.0253 0848 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll 19:16:16.0275 0848 SDRSVC - ok 19:16:16.0284 0848 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 19:16:16.0304 0848 secdrv - ok 19:16:16.0315 0848 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon 
C:\Windows\system32\seclogon.dll 19:16:16.0337 0848 seclogon - ok 19:16:16.0355 0848 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 19:16:16.0378 0848 SENS - ok 19:16:16.0383 0848 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 19:16:16.0405 0848 SensrSvc - ok 19:16:16.0425 0848 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 19:16:16.0436 0848 Serenum - ok 19:16:16.0457 0848 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 19:16:16.0469 0848 Serial - ok 19:16:16.0485 0848 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 19:16:16.0495 0848 sermouse - ok 19:16:16.0532 0848 [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe 19:16:16.0540 0848 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning 19:16:16.0540 0848 ServiceLayer - detected UnsignedFile.Multi.Generic (1) 19:16:16.0575 0848 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll 19:16:16.0598 0848 SessionEnv - ok 19:16:16.0626 0848 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 19:16:16.0642 0848 sffdisk - ok 19:16:16.0658 0848 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys 19:16:16.0668 0848 sffp_mmc - ok 19:16:16.0682 0848 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 19:16:16.0692 0848 sffp_sd - ok 19:16:16.0717 0848 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 19:16:16.0727 0848 sfloppy - ok 19:16:16.0752 0848 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 19:16:16.0768 0848 Sftfs - ok 19:16:16.0807 0848 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe 19:16:16.0820 0848 sftlist - ok 19:16:16.0839 0848 
[ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 19:16:16.0851 0848 Sftplay - ok 19:16:16.0866 0848 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 19:16:16.0874 0848 Sftredir - ok 19:16:16.0883 0848 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 19:16:16.0891 0848 Sftvol - ok 19:16:16.0907 0848 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe 19:16:16.0917 0848 sftvsa - ok 19:16:16.0940 0848 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:16:16.0966 0848 SharedAccess - ok 19:16:16.0990 0848 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:16:17.0007 0848 ShellHWDetection - ok 19:16:17.0035 0848 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys 19:16:17.0046 0848 sisagp - ok 19:16:17.0059 0848 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 19:16:17.0070 0848 SiSRaid2 - ok 19:16:17.0096 0848 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 19:16:17.0106 0848 SiSRaid4 - ok 19:16:17.0140 0848 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 19:16:17.0149 0848 SkypeUpdate - ok 19:16:17.0164 0848 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys 19:16:17.0187 0848 Smb - ok 19:16:17.0206 0848 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:16:17.0218 0848 SNMPTRAP - ok 19:16:17.0227 0848 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys 19:16:17.0237 0848 spldr - ok 19:16:17.0270 0848 [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler C:\Windows\System32\spoolsv.exe 19:16:17.0294 0848 Spooler - ok 19:16:17.0356 0848 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc 
C:\Windows\system32\sppsvc.exe 19:16:17.0412 0848 sppsvc - ok 19:16:17.0425 0848 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll 19:16:17.0448 0848 sppuinotify - ok 19:16:17.0467 0848 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys 19:16:17.0485 0848 srv - ok 19:16:17.0504 0848 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:16:17.0518 0848 srv2 - ok 19:16:17.0534 0848 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:16:17.0545 0848 srvnet - ok 19:16:17.0555 0848 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:16:17.0580 0848 SSDPSRV - ok 19:16:17.0607 0848 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 19:16:17.0615 0848 ssmdrv - ok 19:16:17.0651 0848 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:16:17.0673 0848 SstpSvc - ok 19:16:17.0691 0848 [ EAA66218CD39F5BB1B4853A78C67C787 ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys 19:16:17.0700 0848 ss_bbus - ok 19:16:17.0726 0848 [ 91765F99914ED8693D8BC76524F21581 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys 19:16:17.0734 0848 ss_bmdfl - ok 19:16:17.0748 0848 [ 840E7B738B03C10EE91D9B7D3D6EFF15 ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys 19:16:17.0756 0848 ss_bmdm - ok 19:16:17.0764 0848 Steam Client Service - ok 19:16:17.0779 0848 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 19:16:17.0789 0848 stexstor - ok 19:16:17.0815 0848 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll 19:16:17.0832 0848 StiSvc - ok 19:16:17.0844 0848 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 19:16:17.0853 0848 swenum - ok 19:16:17.0874 0848 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 19:16:17.0902 0848 swprv - ok 19:16:17.0927 0848 [ 
04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll 19:16:17.0952 0848 SysMain - ok 19:16:17.0964 0848 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:16:17.0979 0848 TabletInputService - ok 19:16:17.0995 0848 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll 19:16:18.0023 0848 TapiSrv - ok 19:16:18.0037 0848 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 19:16:18.0061 0848 TBS - ok 19:16:18.0101 0848 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:16:18.0127 0848 Tcpip - ok 19:16:18.0147 0848 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:16:18.0172 0848 TCPIP6 - ok 19:16:18.0201 0848 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:16:18.0222 0848 tcpipreg - ok 19:16:18.0234 0848 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 19:16:18.0252 0848 TDPIPE - ok 19:16:18.0269 0848 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 19:16:18.0280 0848 TDTCP - ok 19:16:18.0288 0848 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:16:18.0310 0848 tdx - ok 19:16:18.0318 0848 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 19:16:18.0328 0848 TermDD - ok 19:16:18.0351 0848 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll 19:16:18.0380 0848 TermService - ok 19:16:18.0396 0848 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 19:16:18.0409 0848 Themes - ok 19:16:18.0423 0848 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 19:16:18.0445 0848 THREADORDER - ok 19:16:18.0456 0848 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 19:16:18.0479 0848 TrkWks - ok 19:16:18.0510 0848 [ 
41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:16:18.0522 0848 TrustedInstaller - ok 19:16:18.0550 0848 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:16:18.0571 0848 tssecsrv - ok 19:16:18.0588 0848 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:16:18.0610 0848 tunnel - ok 19:16:18.0635 0848 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 19:16:18.0646 0848 uagp35 - ok 19:16:18.0660 0848 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:16:18.0682 0848 udfs - ok 19:16:18.0704 0848 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:16:18.0717 0848 UI0Detect - ok 19:16:18.0730 0848 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys 19:16:18.0741 0848 uliagpkx - ok 19:16:18.0758 0848 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys 19:16:18.0768 0848 umbus - ok 19:16:18.0788 0848 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 19:16:18.0799 0848 UmPass - ok 19:16:18.0813 0848 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 19:16:18.0837 0848 upnphost - ok 19:16:18.0858 0848 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 19:16:18.0862 0848 USBAAPL ( UnsignedFile.Multi.Generic ) - warning 19:16:18.0862 0848 USBAAPL - detected UnsignedFile.Multi.Generic (1) 19:16:18.0882 0848 [ 2436A42AAB4AD48A9B714E5B0F344627 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 19:16:18.0894 0848 usbaudio - ok 19:16:18.0902 0848 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 19:16:18.0922 0848 usbccgp - ok 19:16:18.0945 0848 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys 19:16:18.0957 0848 usbcir - ok 19:16:18.0970 
0848 [ E4C436D914768CE965D5E659BA7EEBD8 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 19:16:18.0993 0848 usbehci - ok 19:16:19.0015 0848 [ BDCD7156EC37448F08633FD899823620 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 19:16:19.0028 0848 usbhub - ok 19:16:19.0044 0848 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\drivers\usbohci.sys 19:16:19.0054 0848 usbohci - ok 19:16:19.0082 0848 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 19:16:19.0094 0848 usbprint - ok 19:16:19.0111 0848 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 19:16:19.0122 0848 USBSTOR - ok 19:16:19.0130 0848 [ 22480BF4E5A09192E5E30BA4DDE79FA4 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 19:16:19.0140 0848 usbuhci - ok 19:16:19.0164 0848 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 19:16:19.0183 0848 usbvideo - ok 19:16:19.0210 0848 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 19:16:19.0233 0848 UxSms - ok 19:16:19.0245 0848 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe 19:16:19.0255 0848 VaultSvc - ok 19:16:19.0275 0848 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys 19:16:19.0286 0848 vdrvroot - ok 19:16:19.0303 0848 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe 19:16:19.0321 0848 vds - ok 19:16:19.0333 0848 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 19:16:19.0345 0848 vga - ok 19:16:19.0360 0848 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 19:16:19.0381 0848 VgaSave - ok 19:16:19.0395 0848 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys 19:16:19.0407 0848 vhdmp - ok 19:16:19.0421 0848 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\DRIVERS\viaagp.sys 19:16:19.0432 0848 viaagp - ok 19:16:19.0445 0848 [ 
E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 19:16:19.0456 0848 ViaC7 - ok 19:16:19.0468 0848 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\DRIVERS\viaide.sys 19:16:19.0478 0848 viaide - ok 19:16:19.0493 0848 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys 19:16:19.0503 0848 volmgr - ok 19:16:19.0517 0848 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 19:16:19.0531 0848 volmgrx - ok 19:16:19.0558 0848 [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap C:\Windows\system32\drivers\volsnap.sys 19:16:19.0570 0848 volsnap - ok 19:16:19.0603 0848 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 19:16:19.0614 0848 vsmraid - ok 19:16:19.0644 0848 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe 19:16:19.0670 0848 VSS - ok 19:16:19.0680 0848 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 19:16:19.0692 0848 vwifibus - ok 19:16:19.0701 0848 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 19:16:19.0714 0848 vwififlt - ok 19:16:19.0736 0848 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 19:16:19.0762 0848 W32Time - ok 19:16:19.0787 0848 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 19:16:19.0798 0848 WacomPen - ok 19:16:19.0812 0848 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 19:16:19.0833 0848 WANARP - ok 19:16:19.0837 0848 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 19:16:19.0859 0848 Wanarpv6 - ok 19:16:19.0883 0848 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe 19:16:19.0910 0848 wbengine - ok 19:16:19.0926 0848 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 19:16:19.0942 0848 WbioSrvc - ok 19:16:19.0963 0848 [ 
6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc C:\Windows\System32\wcncsvc.dll 19:16:19.0984 0848 wcncsvc - ok 19:16:20.0006 0848 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 19:16:20.0023 0848 WcsPlugInService - ok 19:16:20.0038 0848 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 19:16:20.0049 0848 Wd - ok 19:16:20.0079 0848 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 19:16:20.0097 0848 Wdf01000 - ok 19:16:20.0110 0848 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 19:16:20.0124 0848 WdiServiceHost - ok 19:16:20.0128 0848 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 19:16:20.0142 0848 WdiSystemHost - ok 19:16:20.0165 0848 [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient C:\Windows\System32\webclnt.dll 19:16:20.0187 0848 WebClient - ok 19:16:20.0211 0848 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 19:16:20.0235 0848 Wecsvc - ok 19:16:20.0244 0848 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 19:16:20.0265 0848 wercplsupport - ok 19:16:20.0272 0848 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 19:16:20.0295 0848 WerSvc - ok 19:16:20.0313 0848 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 19:16:20.0334 0848 WfpLwf - ok 19:16:20.0348 0848 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 19:16:20.0358 0848 WIMMount - ok 19:16:20.0402 0848 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 19:16:20.0437 0848 WinDefend - ok 19:16:20.0444 0848 WinHttpAutoProxySvc - ok 19:16:20.0486 0848 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 19:16:20.0512 0848 Winmgmt - ok 19:16:20.0550 0848 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM 
C:\Windows\system32\WsmSvc.dll 19:16:20.0584 0848 WinRM - ok 19:16:20.0622 0848 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 19:16:20.0635 0848 WinUsb - ok 19:16:20.0656 0848 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 19:16:20.0677 0848 Wlansvc - ok 19:16:20.0742 0848 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 19:16:20.0779 0848 wlidsvc - ok 19:16:20.0798 0848 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 19:16:20.0808 0848 WmiAcpi - ok 19:16:20.0830 0848 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 19:16:20.0841 0848 wmiApSrv - ok 19:16:20.0887 0848 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 19:16:20.0908 0848 WMPNetworkSvc - ok 19:16:20.0922 0848 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 19:16:20.0934 0848 WPCSvc - ok 19:16:20.0947 0848 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 19:16:20.0959 0848 WPDBusEnum - ok 19:16:20.0976 0848 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 19:16:20.0997 0848 ws2ifsl - ok 19:16:21.0014 0848 [ A661A76333057B383A06E65F0073222F ] wscsvc C:\Windows\System32\wscsvc.dll 19:16:21.0026 0848 wscsvc - ok 19:16:21.0030 0848 WSearch - ok 19:16:21.0099 0848 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 19:16:21.0165 0848 wuauserv - ok 19:16:21.0184 0848 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 19:16:21.0205 0848 WudfPf - ok 19:16:21.0224 0848 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 19:16:21.0235 0848 WUDFRd - ok 19:16:21.0251 0848 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 19:16:21.0263 0848 wudfsvc - ok 
19:16:21.0288 0848 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll 19:16:21.0305 0848 WwanSvc - ok 19:16:21.0312 0848 ================ Scan global =============================== 19:16:21.0327 0848 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll 19:16:21.0355 0848 [ A031E84E7A5884841171E13A73315A7B ] C:\Windows\system32\winsrv.dll 19:16:21.0362 0848 [ A031E84E7A5884841171E13A73315A7B ] C:\Windows\system32\winsrv.dll 19:16:21.0372 0848 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 19:16:21.0389 0848 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 19:16:21.0393 0848 [Global] - ok 19:16:21.0393 0848 ================ Scan MBR ================================== 19:16:21.0401 0848 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0 19:16:23.0700 0848 \Device\Harddisk0\DR0 - ok 19:16:23.0700 0848 ================ Scan VBR ================================== 19:16:23.0704 0848 [ 1BE107C9CAED9080BC53B9126AFF71E3 ] \Device\Harddisk0\DR0\Partition1 19:16:23.0707 0848 \Device\Harddisk0\DR0\Partition1 - ok 19:16:23.0741 0848 [ 046BBD7303F14EB983A3F0C302651470 ] \Device\Harddisk0\DR0\Partition2 19:16:23.0743 0848 \Device\Harddisk0\DR0\Partition2 - ok 19:16:23.0779 0848 [ 376B50B18DD730F4A63E4B8227F4638C ] \Device\Harddisk0\DR0\Partition3 19:16:23.0780 0848 \Device\Harddisk0\DR0\Partition3 - ok 19:16:23.0781 0848 ============================================================ 19:16:23.0781 0848 Scan finished 19:16:23.0781 0848 ============================================================ 19:16:23.0795 2404 Detected object count: 5 19:16:23.0795 2404 Actual detected object count: 5 19:18:31.0332 2404 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 19:18:31.0332 2404 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:18:31.0334 2404 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 19:18:31.0335 2404 IDriverT ( UnsignedFile.Multi.Generic ) - 
User select action: Skip 19:18:31.0337 2404 libusb0 ( UnsignedFile.Multi.Generic ) - skipped by user 19:18:31.0337 2404 libusb0 ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:18:31.0340 2404 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user 19:18:31.0340 2404 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 19:18:31.0342 2404 USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user 19:18:31.0342 2404 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip |
17.01.2013, 20:04 | #7 | |
/// Malware-holic | oracle america.inc is destroying my computer! Hi, ComboFix: ComboFix may only be run when a team member has instructed you to do so! Please download ComboFix from one of these download mirrors: Link 1 Link 2 IMPORTANT - Save ComboFix to your desktop
When ComboFix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
17.01.2013, 22:42 | #8 |
| oracle america.inc is destroying my computer! Combofix log file: Code:
ComboFix 13-01-17.03 - Marco Voigt 17.01.2013 22:32:49.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.3071.1735 [GMT 1:00]
ausgeführt von:: c:\users\Marco Voigt\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1358198744.bdinstall.bin
c:\programdata\1358355043.bdinstall.bin
c:\programdata\ntuser.dat
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2011-09-24 3077528]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-04 39408]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-06-17 466704]
"Steam"="c:\program files\Steam\Steam.exe" [2012-12-03 1354736]
"EADM"="c:\program files\Origin\Origin.exe" [2013-01-16 3494992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-07 8555040] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544] "BingDesktop"="c:\program files\Microsoft\BingDesktop\BingDesktop.exe" [2012-11-22 2127896] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-12-04 384800] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] . c:\users\Marco Voigt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ FIFA 09-Registrierung.lnk - c:\program files\EA Sports\FIFA 09\Support\EAregister.exe [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . 
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] R3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [x] R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [x] R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [x] R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [x] R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [x] S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files\Microsoft\BingDesktop\BingDesktopUpdater.exe [x] S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x] . . Inhalt des "geplante Tasks" Ordners . 
2013-01-17 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 20:13] . 2013-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-05-04 18:00] . 2013-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-05-04 18:00] . 2013-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3041364624-1665624801-2427049025-1001Core.job - c:\users\Marco Voigt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-03 12:52] . 2013-01-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3041364624-1665624801-2427049025-1001UA.job - c:\users\Marco Voigt\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-03 12:52] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ uInternet Settings,ProxyOverride = *.local IE: Free YouTube Download - c:\users\Marco Voigt\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites TCP: DhcpNameServer = 78.42.43.62 192.168.0.1 DPF: {444785F1-DE89-4295-863A-D46C3A781394} - hxxp://webplayer.unity3d.com/download_webplayer/UnityWebPlayer.cab . - - - - Entfernte verwaiste Registrierungseinträge - - - - . URLSearchHooks-{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file) HKCU-Run-MobileDocuments - c:\program files\Common Files\Apple\Internet Services\ubd.exe SafeBoot-BsScanner AddRemove-Uninstall_is1 - c:\program files\Common Files\DVDVideoSoft\unins000.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3041364624-1665624801-2427049025-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . 
[HKEY_USERS\S-1-5-21-3041364624-1665624801-2427049025-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_USERS\S-1-5-21-3041364624-1665624801-2427049025-1001\Software\Securom\License information*] "datasecu"=hex:5e,48,de,d7,16,86,1c,9f,9e,f9,a1,95,f2,a3,58,b3,4c,61,3c,c6,bc, e5,e0,f9,94,12,48,b6,ec,96,c5,25,2b,b6,7e,f1,4b,83,e7,73,cf,19,c7,e9,62,73,\ "rkeysecu"=hex:4e,8e,47,9d,4a,a8,10,43,95,4d,ca,56,d7,58,77,23 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-01-17 22:41:20 ComboFix-quarantined-files.txt 2013-01-17 21:41 . Vor Suchlauf: 9 Verzeichnis(se), 885.423.247.360 Bytes frei Nach Suchlauf: 14 Verzeichnis(se), 887.350.583.296 Bytes frei . - - End Of File - - A2AF04CF948606E974AD12BBBD48C16A |
17.01.2013, 22:48 | #9 |
/// Malware-holic | oracle america.inc is destroying my computer! Everything looks fine so far. Malwarebytes: Please download Malwarebytes
__________________
- Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de
Forwarding instructions: http://markusg.trojaner-board.de
For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above.
If you would like to support us |
18.01.2013, 00:27 | #10 |
| oracle america.inc is destroying my computer!
Malwarebytes Anti-Malware 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.01.17.09
Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Marco Voigt :: MARCOVOIGT-PC [Administrator]

17.01.2013 23:14:57
mbam-log-2013-01-17 (23-14-57).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 452887
Laufzeit: 1 Stunde(n), 10 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende) |
18.01.2013, 19:35 | #11 |
/// Malware-holic | oracle america.inc is destroying my computer! Hi, please start by installing Windows updates. The easiest way is to go to Start, Search, and type Windows Update there. Under "Change settings", check that the following is selected:
- Install updates automatically
- Every day
- Choose a time
- Please tick everything else, except:
- Show detailed notifications when new Microsoft software is available.
Now click the "OK" button. Now click "Check for updates". Please install the important updates first. It will be necessary to restart the PC in between. If that is the case, you have to open Windows Update again via Start, Search, click Check for updates, and install the next ones. Please do the same with the optional updates. When you think everything is done, right-click Computer, Properties, check whether Service Pack 1 (SP1) is installed, then please report back, or if there are errors.
|