Log analysis and evaluation: GVU Trojan - WindowsUnlocker already successful. Windows 7. If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
19.01.2013, 22:45 | #1 |
| GVU Trojan - WindowsUnlocker already successful Hello, my computer got hit. The GVU Trojan. I have already unlocked Windows with Kaspersky WindowsUnlocker; now I want to get my system clean again. Defogger ran without problems. I had to compress the OTL and Extras files because of their size. Malwarebytes Anti-Malware had 3 detections; the log file is attached. Do I have to reinstall my system, or can a repair with your help be successful? Is there possibly a risk of infection for my private files (they are not on the system drive)? Does a backup of this data still make sense now? Thank you very much for your efforts! |
21.01.2013, 12:30 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan - WindowsUnlocker already successful Hello and
A quick question, and this is nothing against you specifically, I could have asked anyone else who posts their logs this way: where does it say that the logs should be put in an attachment, or where exactly did you read that? Log files as attachments make the evaluation massively more difficult. Please explain, so that the passage in the instructions can be specifically changed/improved for all newcomers. Thanks. Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
21.01.2013, 14:49 | #3 |
| GVU Trojan - WindowsUnlocker already successful Hello,
sorry, I followed another thread as a guide and thought this was the right way. Here are my log files: OTL logfile:
O1 HOSTS File: ([2012.10.25 16:56:08 | 000,444,963 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 127.0.0.1 123haustiereundmehr.com O1 - Hosts: 15281 more lines... O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.) 
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin) O4 - HKLM..\Run: [BtTray] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe (IVT Corporation) O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe () O4 - HKLM..\Run: [KMCONFIG] C:\Program Files (x86)\Silvercrest MTS2218 driver\StartAutorun.exe KMConfig.exe File not found O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink) O4 - HKLM..\Run: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe (Sony Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Reg Error: Value error.) 
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 10.11.2) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class) O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} hxxp://fotoservice.mediamarkt.de/ips-opdata/objects/jordan.cab (Reg Error: Key error.) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3B5EAF82-E1EE-4D20-A3F9-61B2D5F5C1B1}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0E8475E-517F-4FC6-8AFA-03E7E9B56AD9}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - 
(C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock) O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{01c5f0bd-3fd1-11e2-a4da-0009dd5065a8}\Shell - "" = AutoRun O33 - MountPoints2\{01c5f0bd-3fd1-11e2-a4da-0009dd5065a8}\Shell\AutoRun\command - "" = H:\pushinst.exe O33 - MountPoints2\{28b2af4b-6cfc-11e0-8ba7-0009dd5065a8}\Shell - "" = AutoRun O33 - MountPoints2\{28b2af4b-6cfc-11e0-8ba7-0009dd5065a8}\Shell\AutoRun\command - "" = N:\autorun.exe O33 - MountPoints2\{3dc25d87-9057-11de-a8b3-001fd0815ddf}\Shell - "" = AutoRun O33 - MountPoints2\{3dc25d87-9057-11de-a8b3-001fd0815ddf}\Shell\AutoRun\command - "" = M:\pushinst.exe O33 - MountPoints2\{474bda22-18f6-11e1-ba36-0009dd5065a8}\Shell - "" = AutoRun O33 - MountPoints2\{474bda22-18f6-11e1-ba36-0009dd5065a8}\Shell\AutoRun\command - "" = O:\USBAutoRun.exe O33 - MountPoints2\{5a3e9c0d-8f7a-11de-b61e-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{5a3e9c0d-8f7a-11de-b61e-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup.exe /autorun O33 - MountPoints2\{67dfda3e-c0b3-11de-a94b-0009dd5065a8}\Shell - "" = AutoRun O33 - MountPoints2\{67dfda3e-c0b3-11de-a94b-0009dd5065a8}\Shell\AutoRun\command - "" = N:\autorun.exe O33 - MountPoints2\{6a6e1c66-0eb3-11df-9557-0009dd5065a8}\Shell - "" = AutoRun O33 - 
MountPoints2\{6a6e1c66-0eb3-11df-9557-0009dd5065a8}\Shell\AutoRun\command - "" = U:\start.exe /checksection O33 - MountPoints2\{6bf24edf-8166-11e0-994e-0009dd5065a8}\Shell - "" = AutoRun O33 - MountPoints2\{6bf24edf-8166-11e0-994e-0009dd5065a8}\Shell\AutoRun\command - "" = O:\LaunchU3.exe O33 - MountPoints2\{6dc30a45-ef31-11de-b6a5-0009dd5065a8}\Shell - "" = AutoRun O33 - MountPoints2\{6dc30a45-ef31-11de-b6a5-0009dd5065a8}\Shell\AutoRun\command - "" = S:\LaunchU3.exe -a O33 - MountPoints2\{7433258b-3695-11df-8a70-0009dd5065a8}\Shell - "" = AutoRun O33 - MountPoints2\{7433258b-3695-11df-8a70-0009dd5065a8}\Shell\AutoRun\command - "" = S:\autorun.exe O33 - MountPoints2\{9c3b26f4-83cc-11e0-b403-0009dd5065a8}\Shell - "" = AutoRun O33 - MountPoints2\{9c3b26f4-83cc-11e0-b403-0009dd5065a8}\Shell\AutoRun\command - "" = O:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.19 20:27:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe [2013.01.19 20:17:41 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2009.08.26 21:54:51 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\xxx\AppData\Roaming\pcouffin.sys [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.19 20:37:12 | 000,803,552 | ---- | 
M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.01.19 20:37:12 | 000,669,218 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.01.19 20:37:12 | 000,128,472 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.01.19 20:36:25 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.19 20:36:25 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.19 20:33:59 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job [2013.01.19 20:31:22 | 000,001,093 | ---- | M] () -- C:\Windows\SysWow64\bscs.ini [2013.01.19 20:31:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.19 20:31:07 | 2146,148,351 | -HS- | M] () -- C:\hiberfil.sys [2013.01.19 20:29:51 | 000,000,198 | ---- | M] () -- C:\Users\xxx\defogger_reenable [2013.01.19 20:29:12 | 000,365,568 | ---- | M] () -- C:\Users\xxx\Desktop\gmer-2.0.18444.exe [2013.01.19 20:27:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\xxx\Desktop\OTL.exe [2013.01.19 20:27:10 | 000,050,477 | ---- | M] () -- C:\Users\xxx\Desktop\Defogger.exe [2013.01.19 17:41:57 | 000,000,004 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\skype.ini [2013.01.12 13:22:08 | 000,019,456 | ---- | M] () -- C:\Users\xxx\AppData\Local\WebpageIcons.db [2013.01.11 00:09:58 | 000,000,273 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\default.rss [2013.01.11 00:09:32 | 000,134,144 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.12.31 15:25:29 | 000,125,821 | ---- | M] () -- C:\Users\xxx\Desktop\xxx.pdf [2012.12.28 17:54:57 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI [2012.12.27 21:40:24 | 001,303,917 | ---- | M] () -- C:\Users\xxx\Desktop\Coupons_Januar_2013.pdf [2012.12.20 23:06:20 | 000,001,076 | ---- | M] () -- C:\Users\xxx\Desktop\tiptoi.lnk [2012.12.20 22:36:54 
| 000,277,432 | ---- | M] () -- C:\Users\xxx\Desktop\xxx bday.jpg [2012.12.20 21:58:05 | 001,709,576 | ---- | M] () -- C:\Users\xxx\Desktop\xxx.jpg [2012.12.20 21:55:38 | 001,806,032 | ---- | M] () -- C:\Users\xxx\Desktop\xxx2.jpg [2012.12.20 21:54:45 | 021,663,862 | ---- | M] () -- C:\Users\xxx\Desktop\xxx.psd [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] [3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.19 20:29:50 | 000,000,198 | ---- | C] () -- C:\Users\xxx\defogger_reenable [2013.01.19 20:29:12 | 000,365,568 | ---- | C] () -- C:\Users\xxx\Desktop\gmer-2.0.18444.exe [2013.01.19 20:26:48 | 000,050,477 | ---- | C] () -- C:\Users\xxx\Desktop\Defogger.exe [2013.01.19 17:28:20 | 000,000,004 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\skype.ini [2012.12.31 15:25:29 | 000,125,821 | ---- | C] () -- C:\Users\xxx\Desktop\Birkenhaag_berliLichtenrade_berl.pdf [2012.12.27 21:40:24 | 001,303,917 | ---- | C] () -- C:\Users\xxx\Desktop\Coupons_Januar_2013.pdf [2012.12.20 22:13:04 | 000,277,432 | ---- | C] () -- C:\Users\xxx\Desktop\xxxbday.jpg [2012.12.20 21:55:36 | 001,806,032 | ---- | C] () -- C:\Users\xxx\Desktop\xxx.jpg [2012.12.20 21:54:44 | 021,663,862 | ---- | C] () -- C:\Users\xxx\Desktop\xxx.psd [2012.12.20 21:51:11 | 001,709,576 | ---- | C] () -- C:\Users\xxx\Desktop\xxx.jpg [2012.12.19 07:19:34 | 000,068,608 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\skype.dat [2012.07.21 21:57:23 | 000,007,633 | ---- | C] () -- C:\Users\xxx\AppData\Local\Resmon.ResmonCfg [2011.09.04 19:30:24 | 000,019,456 | ---- | C] () -- C:\Users\xxx\AppData\Local\WebpageIcons.db [2011.08.27 15:09:51 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011.08.27 15:09:51 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2010.08.15 18:23:51 | 000,054,653 | ---- | C] () -- 
C:\Users\xxx\AppData\Roaming\mdbu.bin [2010.03.30 23:00:35 | 000,000,000 | ---- | C] () -- C:\ProgramData\CLDShowX.ini [2009.11.26 20:18:25 | 000,000,000 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\downloads.m3u [2009.09.21 23:11:43 | 000,000,273 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\default.rss [2009.09.10 19:39:27 | 000,134,144 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.08.26 21:54:51 | 000,099,384 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\inst.exe [2009.08.26 21:54:51 | 000,007,859 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\pcouffin.cat [2009.08.26 21:54:51 | 000,001,167 | ---- | C] () -- C:\Users\xxx\AppData\Roaming\pcouffin.inf ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2010.11.20 05:27:26 | 014,174,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2010.11.20 04:21:20 | 012,872,192 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.11.11 20:41:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\2K Sports [2011.03.10 21:15:53 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Amazon [2012.08.31 23:27:54 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\AntiBrowserSpy 2009 [2012.03.19 23:42:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\calibre [2012.03.15 22:55:00 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite [2013.01.06 15:42:11 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DAEMON Tools Pro [2010.08.15 12:27:58 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1 [2012.02.17 12:59:25 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Disney Interactive Studios [2012.11.01 18:07:43 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DVDVideoSoft [2012.03.18 23:13:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers [2011.12.03 13:09:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\EasyPhotoEffects [2011.12.03 17:57:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Franzis [2011.05.20 21:33:30 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GARMIN [2012.03.23 22:04:10 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\HTC [2012.03.23 
22:13:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1 [2012.02.06 00:22:33 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\JAM Software [2010.02.07 12:58:48 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Kiddinx [2010.08.16 23:16:07 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Leadertech [2010.05.19 22:25:27 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\LEAPS [2010.08.02 21:06:22 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\LG Electronics [2011.12.03 18:20:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\MAGIX [2009.09.13 19:42:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Mp3tag [2010.07.31 09:00:41 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nokia [2011.05.20 21:48:31 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PC Suite [2012.08.10 21:54:37 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\pdfforge [2011.12.03 13:21:51 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PearlMountainSoft [2010.05.19 22:22:22 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Pegasys Inc [2011.12.03 17:40:05 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PhotoFiltre [2012.12.28 22:12:27 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\PhotoMania [2010.01.31 23:50:52 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\proDAD [2011.09.17 21:37:48 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ProtectDISC [2012.12.20 23:24:26 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\RavensburgerTipToi [2011.07.01 22:07:02 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Samsung [2011.11.19 23:51:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Serif [2010.09.23 21:43:09 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Stardock [2011.12.04 18:32:36 | 000,000,000 | ---D | M] -- 
C:\Users\xxx\AppData\Roaming\TiltShift.E66C440A17F1D70FFD66FDB4568328647297CFDC.1 [2011.08.27 14:59:40 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Vso [2012.02.09 20:59:38 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\WB Games [2009.09.18 17:15:12 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Win7codecs [2012.09.01 14:28:22 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Xilisoft [2011.08.13 21:00:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\XMedia Recode ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 2560 bytes -> C:\ProgramData\CLDShowX.ini:Update.CL @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:054B9966 @Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:C59E90A4 < End of report > [/CODE] |
21.01.2013, 14:50 | #4 |
| GVU Trojan - WindowsUnlocker already successful Double post. Edited by chrillinho (21.01.2013 at 14:58). Reason: double post |
21.01.2013, 14:51 | #5 |
| GVU Trojan - WindowsUnlocker already successful Continuation (since the thread would otherwise get too large): Extras.Txt OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 19.01.2013 20:41:24 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\xxx\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16438) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,36 Gb Available Physical Memory | 79,46% Memory free 15,99 Gb Paging File | 14,00 Gb Available in Paging File | 87,50% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 931,41 Gb Total Space | 364,88 Gb Free Space | 39,18% Space Free | Partition Type: NTFS Drive D: | 300,00 Gb Total Space | 5,54 Gb Free Space | 1,85% Space Free | Partition Type: NTFS Drive E: | 1863,01 Gb Total Space | 209,12 Gb Free Space | 11,22% Space Free | Partition Type: NTFS Drive L: | 300,00 Gb Total Space | 177,07 Gb Free Space | 59,02% Space Free | Partition Type: NTFS Drive M: | 331,51 Gb Total Space | 35,91 Gb Free Space | 10,83% Space Free | Partition Type: NTFS Computer Name: xxx-PC | User Name: xxx| Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. 
scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\CEWE FOTOSCHAU.exe" -d "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\CEWE FOTOSCHAU.exe" -d "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation) Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{076B0A85-5BE4-483B-A647-3FF8E76B29A9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{10828BCF-9BA7-4E54-AC87-8426DC4135BF}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{225E8A24-8580-4E83-8230-24CEB6C67C1B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{266639A2-4431-4D91-8FA8-4D3EEE1A0A27}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{2CB3CDFB-9585-46ED-AA8C-C00C8C50DF29}" = lport=10243 | protocol=6 | dir=in | app=system | "{46AFA37B-13AE-4E60-B2D1-9D394E5EFE1A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{483D7173-3951-42C8-9D18-EF2AF6693F63}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{4D88191F-F7CE-4378-8E42-B8819694C862}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{527E61A3-0B2D-4154-B198-B5F4B97B0921}" = lport=2869 | protocol=6 | dir=in | app=system | "{662F640F-3FDA-4546-B6B1-4B9F50572E8A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{73B90700-1A5C-4A34-BE10-A42CDDB2BDA9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{75669230-34FB-4611-A8F9-EE73B26FC6D1}" = rport=445 | protocol=6 | dir=out | app=system | "{7CDA4058-85C7-45A5-AABB-672BA03CCE7C}" = rport=137 | protocol=17 | dir=out | app=system | "{A6FF83DF-6A0F-43A1-90D3-ED4DCC3A75A8}" = lport=445 | protocol=6 | dir=in | app=system | "{AC85574F-0FC2-405E-97C3-C5D400AF7CB2}" = lport=137 | protocol=17 | dir=in | app=system | "{B3EC005C-EEC9-4E32-9BE1-9C4BE48F2F5F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C2DB051A-6A54-43C2-ABC3-986B3E212E95}" = rport=139 | protocol=6 | dir=out | app=system | "{C3B9BFC1-65A0-48F6-A20D-01AB0883F20F}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 | "{C7314E98-F7A2-413C-9AE9-CDBF0209B16C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E1FF704F-117D-4C96-9D1D-80BBD03AF682}" = rport=138 | protocol=17 | dir=out | app=system | "{E8614777-73CD-420F-9A48-7BA707590A3D}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{EA1EF780-6981-49D7-B16C-A4593BC1A33F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EB0C3129-0AAB-43B3-8394-A1E66CA4FD5C}" = lport=138 | protocol=17 | dir=in | app=system | "{EFCD3120-16D1-481F-B03F-63EA3B41D5AB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{FDC8E69A-542B-44BD-BC1B-0C20E6164C5F}" = lport=139 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01FA63E6-2ADA-41CA-961D-C4AF0916A64F}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra\fear\fear.exe | "{05E72668-A1D0-47EE-86DB-372FFB8201E0}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\f1 2011\f1_2011.exe | "{073F5BD9-F1AA-47F2-8091-61AB8998799B}" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\nba 2k13\nba2k13.exe | "{118BA4A2-E409-411A-A8A2-071056741C76}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\grid\grid.exe | "{14E4A28C-A1A9-4D8F-A9BB-EDF3A5EA7C21}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe | "{18409FE2-C6E3-43C7-A64B-114407B6A66F}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2011\pes2011.exe | "{22209ACD-5B35-4FB9-A27A-C2041297AF80}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{23216254-938F-498D-AFF0-2A1E926846CC}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe | "{2A304E26-F9D7-4C69-8A86-BEB7A2A9C462}" = protocol=17 | dir=in | app=d:\games\fifa 13\game\fifa13.exe | "{3905A1D8-BFD1-46B6-81E6-AF8B7CAC2044}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | "{3C94797A-7801-4788-B3E2-E1576BD226B2}" = protocol=6 | dir=out | app=system | 
"{42E00B34-66F4-4614-8960-3BB325406135}" = protocol=6 | dir=in | app=d:\games\fifa 13\game\fifa13.exe | "{436280FA-7F7C-4CF2-A607-C127622F1286}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe | "{45881435-736C-49F7-915B-3F671333FA0B}" = dir=out | app=d:\games\fifa 13\game\fifa13.exe | "{491498B6-F36B-4726-A830-E167B11A1F60}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4A7CC370-6C20-497C-AF51-5E29F8F6DEB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4AB68A37-8D6E-4FC2-91D5-860947F76377}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{4BE5EB5D-86BC-452D-BF82-A1F341A2BE53}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | "{4CCC3BE1-617B-49F5-9F29-93B47108E5A9}" = protocol=17 | dir=in | app=c:\program files (x86)\sega\vancouver 2010\vancouver.exe | "{509E1921-64D5-4BC5-AB0E-C88D7870F590}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\lost via domus\gu.exe | "{52145E76-0B93-4B7C-B826-B01CEE405DC5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5226689C-C407-48D8-99BA-5A4C05B9794D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5256EA58-3B20-4A64-AE5F-4BF4CDB9532F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{569897B2-EB4E-41D8-8C99-AFB091BEA7BF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{5AF99A21-EFCB-46D7-ABF9-52D4BAE8AF4B}" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\nba 2k13\nba2k13.exe | "{5F438171-6ECD-4805-B736-D86935D4E325}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\lost via domus\yeti_final_win32.exe | "{628F9F23-C569-49A5-9F28-8A79641A0094}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | 
"{65151937-992B-4904-AE8B-80006A111A58}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe | "{65167CE9-86FE-4C9F-86A2-2A94ABEDF752}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | "{6547B930-2DC2-4F6F-85A8-9703C8BA9849}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe | "{6623A136-ACD8-4166-9D1E-08B35AEDAF94}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{67A8E6FE-77D6-4086-BB84-E94A17182FD5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{699353EB-EDD8-4DA5-8BC1-D8CA7A128104}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe | "{6BCBCD10-5942-4971-A961-6F4A6395F7A4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{6CADE241-9FF8-4D57-AB89-3F7FD6C60773}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | "{704CE2CA-28CD-4A57-9DED-2FCB31568B68}" = protocol=6 | dir=in | app=c:\program files (x86)\square enix\batman arkham asylum goty\binaries\shippingpc-bmgame.exe | "{708ADFBD-1FAA-4FB2-9320-9B2790E9737F}" = protocol=17 | dir=in | app=c:\program files (x86)\square enix\batman arkham asylum goty\binaries\shippingpc-bmgame.exe | "{71178251-2F22-4E09-87C2-3EAF5EEC37ED}" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\mirror's edge\binaries\mirrorsedge.exe | "{74520925-3B59-454D-8FD5-E9DF1ACBF454}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\lost via domus\yeti_final_win32.exe | "{77EE7692-692D-492C-87AC-D226498906C0}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect\binaries\masseffect.exe | "{7AB23967-619A-480C-8163-AD98C5A5FD9F}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | "{7C08D154-9300-4AB3-9FB8-FA1996CB9057}" = protocol=17 | dir=in | app=c:\program 
files (x86)\ea games\mirror's edge\binaries\mirrorsedge.exe | "{7C9B8E26-F67F-4443-AA41-3A6575713A10}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe | "{8040C7D0-EBA4-4892-A536-F4D5D105E27A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe | "{81B224F2-3355-4AAB-8E1E-B1006C375206}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{82DEB177-E077-47E4-B92A-773269AAE1E0}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra\fear\fearmp.exe | "{84C53DCE-36BB-4DA9-A3F1-9D636E0746C8}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | "{8664E0B6-D6CF-4452-AE7D-3E2C81C4A1A3}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe | "{8D30638F-12CE-48C2-8BD6-AE4F37F7E886}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{93A0E0DE-45B4-41B3-841D-E771039C1861}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect\masseffectlauncher.exe | "{9A135B47-E53D-49E4-8664-F81573A42346}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe | "{9ABB7C30-679B-42F6-8E87-93A889CDC2A8}" = protocol=6 | dir=in | app=c:\program files (x86)\mass effect\masseffectlauncher.exe | "{9B1B06A8-B00B-4495-BF7B-602BCE770F69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9C794981-B753-4FAF-A52B-B0783A9FC128}" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\nba 2k12\nba2k12.exe | "{9CEA9B6D-7BA2-4CD1-84DF-A817E89ECA57}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe | "{A0CC4BC5-4220-4A78-A8EF-1A2FA4BFF2BD}" = protocol=17 | dir=in | app=c:\program files (x86)\sierra\fear\fear.exe | "{A1B66D50-642E-4074-90C2-D56C4CB885DD}" = protocol=6 | dir=in | app=c:\program files (x86)\sierra\fear\fearmp.exe | 
"{A8FDB53B-7962-4589-BDCD-2FA1F58262EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{ACB3F42A-4FBE-44C3-B6CA-365BFDFDE1EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{ACB77A3E-8B50-4BA1-BD17-C89D44E76F59}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\f1 2011\f1_2011.exe | "{ADD5658D-A593-46F0-B4E7-FA2B39FA2EAC}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe | "{AEC1DC6F-4079-4705-9678-FD13FDF14FAF}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | "{B06D74BF-3593-4CD4-924C-9816A3C6C198}" = protocol=6 | dir=in | app=c:\program files (x86)\sega\vancouver 2010\vancouver.exe | "{B314CD4A-F347-4D26-964A-9F756C1083CA}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe | "{B4F14011-5743-44D6-B098-1797A6FD4841}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B6AF1B22-FFCF-40DE-83E2-1D97751C19C1}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\grid\grid.exe | "{B8A9E537-C3AD-4AE2-B0D8-351447C307B3}" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\nba 2k12\nba2k12.exe | "{B9627431-EF0D-49D2-A48C-7C150AB34F89}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\umi.exe | "{BAA49640-4BF1-4BF6-BE1B-81BB4CFF6694}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2011\pes2011.exe | "{BC549E5D-A0B8-4F21-ADB5-B2E7BCEDBE67}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\lost via domus\detection\launcher.exe | "{C3A9C319-0B17-4222-9ADB-09B7FF4A3CEC}" = protocol=17 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2011\pes2011.exe | "{C46322D0-6FF0-4126-9D65-07103681D948}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe | "{C887A42C-F9CC-496E-86B6-6B90FA7CCD70}" = protocol=6 | dir=in | 
app=c:\program files (x86)\konami\pro evolution soccer 2012\pes2012.exe | "{CAB08572-890A-4E48-B35E-69D4E66C2641}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe | "{CBA90A9A-E2B2-43D1-A3DB-C47A11C03864}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\rm.exe | "{D24D76C4-06C1-4ACC-9BCA-C7C6350E87A0}" = protocol=17 | dir=in | app=c:\program files (x86)\mass effect\binaries\masseffect.exe | "{D4B2DD78-D640-405E-870D-F1AE9AB30EBB}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe | "{DADAB7BF-40D1-4CB2-AD0F-B4B93CC82B52}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe | "{DD3AD90E-C188-4FA4-B6C3-5CA6F33872A1}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | "{E01CBB05-9870-4165-92B9-774E87902FCC}" = protocol=6 | dir=in | app=c:\program files (x86)\konami\pro evolution soccer 2011\pes2011.exe | "{E07A8FBF-4F29-4330-B8F2-3E6E19A890B8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{E26876A8-D095-4FF0-930F-AB3138DA3521}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E3A7F8B3-5A35-497B-A9CC-A7E08CE41F8C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E7AA34DC-B69C-47AE-A56F-49E7441A9E87}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{E99E6BD9-293E-4477-980F-6556E0887CE2}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\lost via domus\detection\launcher.exe | "{EFC43604-0F12-4DAE-8726-19CDC2C0FB45}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{F002A50B-2650-4D97-9330-CB680A03325F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F93CE05E-1DD8-47E6-B561-0E1C1BF21551}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{F9A5A1BD-7F72-4498-AC1F-796A1B889089}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\lost via domus\gu.exe | "{FA7E5EFE-01C1-45C7-9E3B-CD4395289363}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{FB5BF8B8-E1A0-49A7-86CA-54C6ED933D19}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe | "TCP Query User{1DB0E361-65CD-4EED-9522-A50391968B73}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | "TCP Query User{1F058DDB-25B4-4C23-AC8D-5A118279DE30}C:\program files (x86)\codemasters\f1 2011\f1_2011.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\f1 2011\f1_2011.exe | "TCP Query User{1FB2C463-CC32-4DDF-AE02-8D289B0FC357}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "TCP Query User{27561BA0-1846-4B8C-BE52-A4076F6AFAAE}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | "TCP Query User{38D65121-244E-4B70-A96E-10E9A755E1C6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "TCP Query User{54488F08-1509-45FA-8A33-FEC22C2F7B14}D:\games\fifa 13\game\fifa13.exe" = protocol=6 | dir=in | app=d:\games\fifa 13\game\fifa13.exe | "TCP Query User{55414EED-9FD1-4181-A47B-BD27D269823A}C:\program files (x86)\mymdb\mymdb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mymdb\mymdb.exe | "TCP Query User{600633BA-A975-4A76-B30D-8AAF8B3FFDD9}C:\program files (x86)\codemasters\grid\grid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\grid\grid.exe | "TCP Query User{81A3DEA0-BCF2-4B5A-BBA2-06EBA42075D7}C:\program files (x86)\mymdb\mymdb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mymdb\mymdb.exe | "TCP Query User{84A6CDAE-F29E-45A7-A0B7-3DD0BA9CABEE}C:\program files 
(x86)\deep silver\nail'd\naild_x86.exe" = protocol=6 | dir=in | app=c:\program files (x86)\deep silver\nail'd\naild_x86.exe | "TCP Query User{9188007E-E92D-4C1F-BB31-3136373F1E57}C:\program files (x86)\2k sports\nba 2k12\nba2k12.exe" = protocol=6 | dir=in | app=c:\program files (x86)\2k sports\nba 2k12\nba2k12.exe | "TCP Query User{97A2D16C-5C7D-45E0-B310-86CB4AD7B70E}C:\program files (x86)\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fifa 12\game\fifa.exe | "TCP Query User{996C5C65-2127-40C2-B88C-C5A82E6A869D}C:\program files (x86)\pinnacle\studio 12\programs\studio.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe | "TCP Query User{A236C39E-A684-4128-807B-75533E524D25}C:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "TCP Query User{C00E2A9B-81FE-4CC0-85CD-3D7F9F0D87FE}C:\program files (x86)\fifa 12\game\fifa.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fifa 12\game\fifa.exe | "TCP Query User{C732C602-6AFD-4B85-99AB-EA2CCF98868E}C:\program files (x86)\bethesda softworks\fallout 3\fallout3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bethesda softworks\fallout 3\fallout3.exe | "TCP Query User{CCFA8CC2-F917-41CA-AD38-3E79E41515FC}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "TCP Query User{FE4BD504-392A-4464-A0AD-C624D7D8D9A5}C:\program files (x86)\microsoft virtual pc\virtual pc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft virtual pc\virtual pc.exe | "UDP Query User{05F9AAF1-8749-460C-8304-783D3131EDAD}C:\program files (x86)\2k sports\nba 2k12\nba2k12.exe" = protocol=17 | dir=in | app=c:\program files (x86)\2k sports\nba 2k12\nba2k12.exe | "UDP Query User{075B65C3-AA98-4680-986A-2142A190B7C7}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files 
(x86)\sopcast\sopcast.exe | "UDP Query User{0F83503D-365B-4B70-BB95-FCDFD546CFA7}C:\program files (x86)\microsoft virtual pc\virtual pc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft virtual pc\virtual pc.exe | "UDP Query User{269FAE66-FFF7-4D9C-A390-E4D88C61D91D}C:\program files (x86)\codemasters\grid\grid.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\grid\grid.exe | "UDP Query User{35FD9B51-86E5-458E-9A85-E2945C736348}C:\program files (x86)\deep silver\nail'd\naild_x86.exe" = protocol=17 | dir=in | app=c:\program files (x86)\deep silver\nail'd\naild_x86.exe | "UDP Query User{3CE0F8AD-404F-4CC4-8C64-6A77ABC93CBC}C:\program files (x86)\codemasters\f1 2011\f1_2011.exe" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\f1 2011\f1_2011.exe | "UDP Query User{4D4C0F13-C903-40E8-B5C4-F1689A6FD237}C:\program files (x86)\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fifa 12\game\fifa.exe | "UDP Query User{5112B69C-EEC7-41D2-8996-42E450E80A44}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{7BF0B303-9BFC-4B66-A429-324B8B44D2D4}C:\program files (x86)\fifa 12\game\fifa.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fifa 12\game\fifa.exe | "UDP Query User{7D075822-9F03-4A8C-9A06-24ACA13B47F9}C:\program files (x86)\mymdb\mymdb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mymdb\mymdb.exe | "UDP Query User{AA6E2AC4-5ABD-4180-AFE3-D8F4906258C6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{B37C49ED-8E41-4F19-A9C8-AB109FD294D4}C:\program files (x86)\mymdb\mymdb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mymdb\mymdb.exe | "UDP Query User{BBB3D58B-25E9-4913-803B-78E9C2FE336F}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | 
app=c:\program files (x86)\sopcast\adv\sopadver.exe | "UDP Query User{BE09594D-633B-4BB5-AA88-54323E6A406A}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe | "UDP Query User{C503C27C-6263-4BBE-8E97-AE5A57EC4AC7}C:\program files (x86)\pinnacle\studio 12\programs\studio.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 12\programs\studio.exe | "UDP Query User{C8A81AA8-8D94-424B-8D9E-EFC92415DE8A}C:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\sopcast.exe | "UDP Query User{D0A9EA7A-B6AC-4C72-AF74-0A4DDECA42C2}D:\games\fifa 13\game\fifa13.exe" = protocol=17 | dir=in | app=d:\games\fifa 13\game\fifa13.exe | "UDP Query User{D0DF12B0-81D9-453A-BB94-0B48E461DB09}C:\program files (x86)\bethesda softworks\fallout 3\fallout3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bethesda softworks\fallout 3\fallout3.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{10CD364B-FFCC-48BE-B469-B9622A033075}" = Fences "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86416018FF}" = Java(TM) 6 Update 18 (64-bit) "{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit) "{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64 "{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64 "{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{5EB90C06-964F-4195-B83E-BD7E55C88415}" = Pinnacle Video Treiber "{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64 "{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1" = Adobe Reader 64-bit fixes "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.17 "{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64 "{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4 "{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4 "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4 "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{A122AD66-B765-4B61-8B2B-EFEDE5BB9779}" = Media Preview "{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64 "{AD483998-2E9A-4405-83FF-6E503AF49CBB}" = Microsoft Virtual PC 2007 SP1 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}" = Microsoft Xbox 360 Accessories 1.2 "{B52D5EDB-1945-4889-8F25-DEA1F9CD876A}" = M-Audio Oxygen Driver 1.3.0 (x64) "{B74F48B3-F8BB-4A7C-A7AD-9FE142322BA8}" = O&O DiskRecovery "{B8EC8560-B390-4543-9A11-F36A3B1027AC}" = Bluesoleil 6.4.275.0 "{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit) 
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "24DA573F901348FFDFF7717497830D45BE0C362E" = Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) "81AE60DDD229A248055515E311406D86F7E4012A" = Windows-Treiberpaket - Infineon Technologies (FlashUSB) USB (04/16/2009 1.0.0.6) "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit "CCleaner" = CCleaner "FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "NVIDIA Drivers" = NVIDIA Drivers "Recuva" = Recuva "SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software "SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set "Samsung Mobile Modem Device" = Samsung Mobile Modem Device Software "Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software "SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software "SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software "SAMSUNG USB Mobile Device" = SAMSUNG USB Mobile Device Software "VLC media player" = VLC media player 2.1.0-git-20120217-1212 "VueScan" = VueScan "Win7x64 Components_is1" = Win7x64 Components v1.2.3 "WinRAR archiver" = WinRAR 4.20 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{04E9B02B-4F85-4B73-B865-27B9B8B35877}" = NBA 2K12 "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe 
Update Manager CS4 "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4 "{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1" = MiniTool Partition Wizard Home Edition 7.6 "{065D5505-3821-4C2E-BB6C-FE66A7E7CB4F}" = USB Flash Port Driver "{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "{095B0246-4EB6-45B9-B1BE-536097A0BDDA}" = HD Writer 2.5E for HDC "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler "{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4 "{0C006957-28FF-4EA7-9C29-5119931B2CB2}" = TMPGEnc 4.0 XPress "{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4 "{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup "{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4 "{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4 "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4 "{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4 "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB "{1719FAD6-2F6A-4F5E-BF2B-1F6F6F1E3806}_is1" = AnyBizSoft PDF Password Remover (Build 1.2.0) "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}" = Mass Effect "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F93C992-D01F-4C68-B507-594722DD6FDD}" = Hannah Montana Der Film "{1FE9FC19-7A1A-4507-81DC-D403022E301D}" = VOB2MPG v3 "{262BF2CD-601D-4F43-919C-4B00B1D1F338}" = Boris Graffiti "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9 "{2702B8FC-6003-4AC6-ADBC-EC65746D800A}" = Lost Via Domus "{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver "{2B653229-9854-4989-B780-D978F5F13EAB}" = FEAR 
"{2B673C6F-BDEA-48AE-AB59-7479BF04EF6E}" = Nail'd "{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component "{2F2B569E-2024-48B8-867B-DB1BF2338F38}" = Silvercrest MTS2218 driver "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver "{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed "{359cfc0a-beb1-440d-95ba-cf63a86da34f}" = Nero Recode "{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4 "{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4 "{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4 "{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin "{41785C66-90F2-40CE-8CB5-1C94BFC97280}" = Microsoft Chart Controls for Microsoft .NET Framework 3.5 "{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011 "{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4f98e6a5-fa1a-4253-9502-74598bc157b6}" = Nero 9 Trial "{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player "{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers "{558623C6-BB2C-C95D-8D6C-FA4B8FAAC875}" = myphotobook.de "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A0B7BA5-4682-4273-81C2-69B17E649103}" = GRID "{5AEDCB07-25E3-4136-BE1E-BB2A2944355D}" = Game Graphic Studio "{5B48A8D9-D1AD-4424-BD4D-E462737099DF}" = SportTracks 3.0 "{5DEBDBF3-5AEC-4B61-B7FC-0C48CF62473C}" = MAGIX Foto Premium MX "{6059C682-4C5F-4106-8487-943E98225D3B}" = LG MC USB Modem driver "{6291FC10-FDF0-4022-A1A5-710C728D49C2}" = Vancouver 2010 "{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner "{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech 
Harmony Remote Software "{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4 "{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4 "{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK "{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition "{6D308A90-6C14-4A02-9B04-CB0EF17894A9}_is1" = Picture Collage Maker Pro 3.1.9 "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer "{6D80B6D8-C7FC-C635-B3D2-1DFE9BEE890D}" = TiltShiftGenerator: artandmobile.com "{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance "{7CDA2B02-E0A4-4EB5-8533-050D535BA43A}" = Media Converter for Philips "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{7EFC9BDF-63E5-430A-0001-A16E27357530}" = Einfach Gute Fotos "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4 "{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4 "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4 "{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed "{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A6AD979-8170-49ED-8529-14174317B281}" = SA60xx Device Manager "{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs "{8D8E4C50-3A16-44AB-9034-373E7BD9C1A8}" = LG PC Suite II "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office 
Access MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4 "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4 "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}" = FIFA 13 "{A35001F0-F1E4-11DD-A38B-005056C00008}" = Paragon Partition Manager™ 11 Professional "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress 
"{A94CA235-0C9B-475D-8018-50DDC0E3867C}" = MAGIX Foto & Grafik Designer 7
"{AA468551-1794-42FE-B504-C41D75EEBDF2}_is1" = Partition Wizard Home Edition 4.0
"{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}" = HTC Sync
"{AC0BAA05-28E6-4911-B3F3-0AE2EB0F54A1}" = AKVIS Sketch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"{B005695F-BA47-4C2B-B333-D786B71BED3A}" = Garmin Training Center
"{b1adf008-e898-4fe2-8a1f-690d9a06acaf}" = DolbyFiles
"{B1EE1CC5-6CED-4801-BFFF-8454F21A245A}" = Garmin Communicator Plugin
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit
"{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1" = RAR Password Unlocker 4.2.0.0
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BAE1CCA6-AB32-4D27-AE69-203436D54EC8}" = Reader for PC
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2011 Free
"{C38DAF06-0274-4C12-AE3A-AE1B4E75B8F4}" = MAGIX Speed burnR (MSI)
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{c5a7cb6c-e76d-408f-ba0e-85605420fe9d}" = SoundTrax
"{C5A8DF48-580B-44D3-B2B2-E965A9368F28}" = LEGO® Harry Potter™: Die Jahre 1-4
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CFABC775-5386-4BA5-86B4-505BBD36E812}" = Batman: Arkham Asylum Game of the Year Edition
"{d025a639-b9c9-417d-8531-208859000af8}" = NeroBurningROM
"{D041EB9E-890A-4098-8F94-51DA194AC72A}" = Pinnacle Studio 12
"{D1860E6E-520E-4380-8433-E58E8F88B473}" = Pinnacle Studio 12 Ultimate Plugins
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game
"{D303CDE8-D1DB-4DBA-A15A-C7EE3D775726}" = Serif Digital Scrapbook Artist
"{D96B6543-A0C0-4351-AF96-73DEF1DD6820}" = NBA 2K13
"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime
"{DA2B4016-343D-4564-BE1C-99D84BE9673D}" = AKVIS ArtWork
"{DCBC91E4-B72B-4E0A-97C9-D4EF389A132A}" = PC Connectivity Solution
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{E51DE402-6CEF-4B7D-A268-EBF34F782FD5}_is1" = FIBA 2k12 Version 1.5
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1" = FotoSketcher 2.25
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1" = AntiBrowserSpy
"{F833B666-1D46-4C21-8A2F-DF2080995741}" = calibre
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FDC9D4AE-1A9C-4206-ACBF-3A073C6443DC}" = MAGIX Screenshare
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Album Art Downloader XUI" = Album Art Downloader XUI 0.29.0
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"ASIO4ALL" = ASIO4ALL
"Atmosphere Lite_is1" = Atmosphere Lite v6.0
"AudibleDownloadManager" = Audible Download Manager
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 7
"Call of Duty Modern Warfare 3 (c) Activision_is1" = Call of Duty Modern Warfare 3 (c) Activision version 1
"DAEMON Tools Pro" = DAEMON Tools Pro
"de.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1" = myphotobook.de
"DotRacing Plugin V3_is1" = DotRacing Plugin V3
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"DVDFab 8 Qt_is1" = DVDFab 8.2.0.6 (24/08/2012) Qt
"DVD-lab PRO 2.5_is1" = DVD-lab PRO 2.5
"DVDStyler_is1" = DVDStyler v1.8.0.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Fences" = Fences
"FIFA 12 (c) EA_is1" = FIFA 12 (c) EA version 1
"FL Studio 9" = FL Studio 9
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free DVD Video Burner_is1" = Free DVD Video Burner version 2.4
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.0
"Free Studio_is1" = Free Studio version 5.3.5
"Free Video to DVD Converter_is1" = Free Video to DVD Converter version 1.6
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}" = F1 2011
"Google Updater" = Google Updater
"Hardcore" = Hardcore
"HD Tune_is1" = HD Tune 2.55
"Homefront_is1" = Homefront
"IL Download Manager" = IL Download Manager
"Infineon USB driver_is1" = Infineon USB driver 1.0.0.6
"InstallShield_{2F2B569E-2024-48B8-867B-DB1BF2338F38}" = Silvercrest MTS2218 driver
"InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}" = NVIDIA Performance
"InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}" = Samsung New PC Studio USB Driver Installer
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}" = NVIDIA System Monitor
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"KaloMa_is1" = KaloMa 4.93
"Kobo" = Kobo
"Lidl-Fotos_is1" = Lidl-Fotos
"Magic Bullet Looks Studio" = Magic Bullet Looks Studio
"MAGIX 3D Maker D" = MAGIX 3D Maker (embeded)
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Speed burnR D" = MAGIX Speed burnR
"MAGIX Video deluxe 16 Premium D" = MAGIX Video deluxe 16 Premium 9.0.0.54 (D)
"MAGIX Xtreme Foto Designer 6 D" = MAGIX Xtreme Foto Designer 6
"MAGIX_MSI_Foto_Grafik_Designer_7_FPMX" = MAGIX Foto & Grafik Designer 7
"MAGIX_MSI_Foto_Premium_MX" = MAGIX Foto Premium MX
"Media Markt Fotoservice_is1" = Media Markt Fotoservice 4.4
"memory" = memory®
"Mp3tag" = Mp3tag v2.44
"MyMDb_0" = MyMDb 3.5.2
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"NewBlue Free Effects for Windows" = NewBlue Free Effects for Windows
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"PhotoMania" = PhotoMania
"Picasa 3" = Picasa 3
"PoiZone" = PoiZone
"proDAD-Mercalli-1.0" = proDAD Mercalli 1.0
"proDAD-Vitascene-1.0" = proDAD Vitascene 1.0
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"Ravensburger tiptoi" = Ravensburger tiptoi
"Red Eye Remover Pro_is1" = Red Eye Remover Pro 1.2
"Saw" = Saw Game
"Sawer" = Sawer
"Schlag den Raab_is1" = Schlag den Raab
"SCHLECKER Foto Digital Service" = SCHLECKER Foto Digital Service
"Sonic the Hedgehog 4 - Episode II (c) SEGA_is1" = Sonic the Hedgehog 4 - Episode II (c) SEGA version 1
"SopCast" = SopCast 3.3.2
"Spec Ops The Line_is1" = Spec Ops The Line
"Steam App 400" = Portal
"Steam App 43110" = Metro 2033
"SUPER ©" = SUPER © Version 2010.bld.37 (Jan 2, 2010)
"SwnYGwynt.ProEx_is1" = ProEx for DVD-Lab PRO Version 2
"SystemRequirementsLab" = System Requirements Lab
"TiltShift.E66C440A17F1D70FFD66FDB4568328647297CFDC.1" = TiltShiftGenerator: artandmobile.com
"Toxic Biohazard" = Toxic Biohazard
"TreeSize Free_is1" = TreeSize Free V2.4
"UltraStar Deluxe" = UltraStar Deluxe
"UltraStar Manager" = UltraStar Manager
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.3
"VueScan" = VueScan
"Wondershare Photo Collage Studio 2011_is1" = Wondershare Photo Collage Studio 2011 4.2.17.4
"Xilisoft Blu-ray Ripper" = Xilisoft Blu-ray Ripper
"Xilisoft Video Converter Ultimate 6" = Xilisoft Video Converter Ultimate 6
"XMedia Recode" = XMedia Recode 3.0.2.0
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"Zattoo4" = Zattoo4 4.0.5

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"PhotoFiltre" = PhotoFiltre
"Tool Collection 3" = Tool Collection 3

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19.01.2013 12:31:47 | Computer Name = xxxPC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error - 19.01.2013 12:31:47 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error - 19.01.2013 12:31:47 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error - 19.01.2013 12:31:47 | Computer Name = xxx-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. .

Error - 19.01.2013 13:20:09 | Computer Name = xxx-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error - 19.01.2013 13:20:09 | Computer Name = xxx-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error - 19.01.2013 15:27:15 | Computer Name = xxx-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error - 19.01.2013 15:27:16 | Computer Name = xxx-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error - 19.01.2013 15:37:12 | Computer Name = xxx-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

Error - 19.01.2013 15:37:12 | Computer Name = xxx-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID "007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich enthält den Win32-Fehlercode.

[ Media Center Events ]
Error - 24.11.2009 17:42:29 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0
Description = 22:42:26 - Fehler beim Herstellen der Internetverbindung. 22:42:26 - Serververbindung konnte nicht hergestellt werden..

Error - 25.11.2009 17:35:55 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0
Description = 22:35:55 - Fehler beim Herstellen der Internetverbindung. 22:35:55 - Serververbindung konnte nicht hergestellt werden..

Error - 25.11.2009 17:36:27 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0
Description = 22:36:24 - Fehler beim Herstellen der Internetverbindung. 22:36:24 - Serververbindung konnte nicht hergestellt werden..

Error - 26.11.2009 17:24:10 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0
Description = 22:24:06 - Fehler beim Herstellen der Internetverbindung. 22:24:06 - Serververbindung konnte nicht hergestellt werden..

Error - 12.04.2012 17:33:25 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0
Description = 23:33:25 - Fehler beim Herstellen der Internetverbindung. 23:33:25 - Serververbindung konnte nicht hergestellt werden..

Error - 12.04.2012 17:33:33 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0
Description = 23:33:30 - Fehler beim Herstellen der Internetverbindung. 23:33:30 - Serververbindung konnte nicht hergestellt werden..

Error - 13.04.2012 17:15:50 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0
Description = 23:15:49 - Fehler beim Herstellen der Internetverbindung. 23:15:49 - Serververbindung konnte nicht hergestellt werden..

Error - 13.04.2012 17:15:58 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0
Description = 23:15:55 - Fehler beim Herstellen der Internetverbindung. 23:15:55 - Serververbindung konnte nicht hergestellt werden..

Error - 14.04.2012 13:04:43 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0
Description = 19:04:43 - Fehler beim Herstellen der Internetverbindung. 19:04:43 - Serververbindung konnte nicht hergestellt werden..

Error - 26.05.2012 10:20:33 | Computer Name = xxx-PC | Source = MCUpdate | ID = 0
Description = 16:20:32 - Fehler beim Herstellen der Internetverbindung. 16:20:32 - Serververbindung konnte nicht hergestellt werden..

[ OSession Events ]
Error - 20.10.2009 14:16:14 | Computer Name = xxx-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 146 seconds with 60 seconds of active time. This session ended with a crash.

Error - 02.02.2011 04:26:57 | Computer Name = xxx-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.
Error - 12.05.2012 05:06:21 | Computer Name = xxx-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 19.01.2013 15:20:44 | Computer Name = xxx-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error - 19.01.2013 15:21:59 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BsHelpCS erreicht.

Error - 19.01.2013 15:21:59 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "BsHelpCS" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error - 19.01.2013 15:23:24 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error - 19.01.2013 15:23:24 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error - 19.01.2013 15:31:04 | Computer Name = xxx-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error - 19.01.2013 15:31:05 | Computer Name = xxx-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error - 19.01.2013 15:31:08 | Computer Name = xxx-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error - 19.01.2013 15:33:49 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error - 19.01.2013 15:33:49 | Computer Name = xxx-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

< End of report >
[/CODE]

gmer.txt
Code:
GMER 2.0.18444 - hxxp://www.gmer.net
Rootkit scan 2013-01-19 21:37:34
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 Hitachi_HDT721010SLA360 rev.ST6OA3AA 931,51GB
Running: gmer-2.0.18444.exe; Driver: C:\Users\xxx~1\AppData\Local\Temp\kglyiuod.sys

---- User code sections - GMER 2.0 ----

.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000075311401 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000075311419 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000075311431 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 000000007531144a 2 bytes [31, 75]
.text ... * 9
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 00000000753114dd 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 00000000753114f5 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 000000007531150d 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000075311525 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 000000007531153d 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000075311555 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 000000007531156d 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000075311585 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 000000007531159d 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 00000000753115b5 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 00000000753115cd 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 00000000753116b2 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe[1796] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 00000000753116bd 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075311401 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075311419 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075311431 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007531144a 2 bytes [31, 75]
.text ... * 9
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000753114dd 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000753114f5 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007531150d 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075311525 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007531153d 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075311555 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007531156d 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075311585 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007531159d 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000753115b5 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000753115cd 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000753116b2 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe[1908] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000753116bd 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075311401 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075311419 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075311431 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007531144a 2 bytes [31, 75]
.text ... * 9
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000753114dd 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000753114f5 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007531150d 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075311525 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007531153d 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075311555 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007531156d 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075311585 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007531159d 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000753115b5 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000753115cd 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000753116b2 2 bytes [31, 75]
.text C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[1136] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000753116bd 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075311401 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075311419 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075311431 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007531144a 2 bytes [31, 75]
.text ... * 9
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000753114dd 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000753114f5 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007531150d 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075311525 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007531153d 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075311555 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007531156d 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075311585 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007531159d 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000753115b5 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000753115cd 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000753116b2 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000753116bd 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075311401 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075311419 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075311431 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007531144a 2 bytes [31, 75]
.text ... * 9
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000753114dd 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000753114f5 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007531150d 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075311525 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007531153d 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075311555 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007531156d 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075311585 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007531159d 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000753115b5 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000753115cd 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000753116b2 2 bytes [31, 75]
.text C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe[3972] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000753116bd 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075311401 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075311419 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075311431 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007531144a 2 bytes [31, 75]
.text ... * 9
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000753114dd 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000753114f5 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007531150d 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075311525 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007531153d 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075311555 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007531156d 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075311585 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007531159d 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000753115b5 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000753115cd 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000753116b2 2 bytes [31, 75]
.text C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe[4084] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000753116bd 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000753387b1 5 bytes JMP 0000000173521000
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075311401 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075311419 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075311431 2 bytes [31, 75]
.text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007531144a 2 bytes [31, 75]
.text ...
* 9 .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000753114dd 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000753114f5 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007531150d 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075311525 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007531153d 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075311555 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007531156d 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075311585 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007531159d 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000753115b5 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000753115cd 2 bytes [31, 75] .text C:\Program 
Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000753116b2 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe[2372] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000753116bd 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter 00000000753387b1 5 bytes JMP 0000000173521000 .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075311401 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075311419 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075311431 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007531144a 2 bytes [31, 75] .text ... 
* 9 .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000753114dd 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000753114f5 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007531150d 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075311525 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007531153d 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075311555 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007531156d 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075311585 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007531159d 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000753115b5 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000753115cd 2 bytes [31, 75] .text C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000753116b2 2 bytes [31, 75] .text 
C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe[3272] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000753116bd 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000075311401 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000075311419 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000075311431 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 000000007531144a 2 bytes [31, 75] .text ... * 9 .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000753114dd 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000753114f5 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 000000007531150d 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000075311525 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 000000007531153d 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000075311555 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] 
C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 000000007531156d 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000075311585 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 000000007531159d 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000753115b5 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 00000000753115cd 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 00000000753116b2 2 bytes [31, 75] .text C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe[2176] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 00000000753116bd 2 bytes [31, 75] ---- Threads - GMER 2.0 ---- Thread C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [1468:1664] 00000000725e32fb Thread C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1696:2632] 000000007245e2db Thread C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1696:2712] 000000006eff8de0 Thread C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1696:2716] 000000006eff8de0 Thread C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1696:2720] 000000006eff8de0 Thread C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1696:2724] 000000006eff4e00 Thread C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [3436:2760] 0000000073588d07 Thread C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [3436:2784] 0000000073588fdc Thread C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [3436:3676] 00000000735888f0 ---- 
Processes - GMER 2.0 ---- Library ? (*** suspicious ***) @ C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [1468] 0000000075f00000 Library ? (*** suspicious ***) @ C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [1696] 0000000075f00000 Library ? (*** suspicious ***) @ C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [3436] 0000000075310000 Library ? (*** suspicious ***) @ C:\Program Files\Windows Media Player\wmpnetwk.exe [4640] 000007fefcbf0000 ---- Registry - GMER 2.0 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x08 0x34 0xA6 0x0F ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x64 0x42 0xA3 0x56 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\ Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x61 0x40 0x52 0xD3 ... Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xDB 0x7E 0xDD 0xAE ... 
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x08 0x34 0xA6 0x0F ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 1 Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x64 0x42 0xA3 0x56 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Pro\ Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x61 0x40 0x52 0xD3 ... Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xDB 0x7E 0xDD 0xAE ... ---- EOF - GMER 2.0 ---- MBAM-log-2013-01-19%20(22-36-43).txt Code:
ATTFilter
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.19.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16438
xxx:: xxx-PC [Administrator]

19.01.2013 22:33:18
MBAM-log-2013-01-19 (22-36-43).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 259541
Laufzeit: 2 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bösartig: ("regedit.exe" "%1") Gut: (regedit.exe "%1") -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\xxx\AppData\Roaming\skype.dat (Trojan.Bublik) -> Keine Aktion durchgeführt.
C:\Users\xxx\AppData\Local\Temp\-1141764966.exe (Trojan.Bublik) -> Keine Aktion durchgeführt.
C:\Users\xxx\Downloads\eXplorer.exe (Heuristics.Reserved.Word.Exploit) -> Keine Aktion durchgeführt.

(Ende)

I have already deleted the 3 files that MBAM reported as infected. Many thanks for the help! |
21.01.2013, 15:14 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan - WindowsUnlocker already successful Do you have any further logs (with detections)? From Malwarebytes and/or other virus scanners? I am asking because of this => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now just post the logs that already exist!
__________________ --> GVU Trojan - WindowsUnlocker already successful |
21.01.2013, 15:37 | #7 |
| GVU Trojan - WindowsUnlocker already successful No, I have no further logs; from Malwarebytes only the one above. I should add that Malwarebytes also deleted the affected registry key. Last edited by chrillinho (21.01.2013 at 15:41) Reason: addition |
21.01.2013, 15:38 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan - WindowsUnlocker already successful Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please post in this thread => Reminder about my thread. Annoying "when will it continue" messages will result in your topic being closed. I, too, have a life outside Trojaner-Board. Malwarebytes Anti-Rootkit Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper
__________________ Please always post log files in CODE tags |
21.01.2013, 18:16 | #9 |
| GVU Trojan - WindowsUnlocker already successful After the first run, Malwarebytes Anti-Rootkit says: Scan finished: No Malware found! (No cleanup is required). What now? |
22.01.2013, 09:55 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan - WindowsUnlocker already successful Please just post the logs, regardless of whether anything was detected or not
__________________ Please always post log files in CODE tags |
22.01.2013, 17:54 | #11 |
| GVU Trojan - WindowsUnlocker already successful OK, here is the MBAR log: Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.22.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16438
xxx:: xxx-PC [administrator]

22.01.2013 17:41:12
mbar-log-2013-01-22 (17-41-12).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 33651
Time elapsed: 8 minute(s), 43 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end) |
23.01.2013, 10:13 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan - WindowsUnlocker already successful
1. aswMBR Please download aswMBR.exe and save the file to your desktop. Note: Please disable your virus scanner before running aswMBR, because Avira in particular often reports a false positive in it!
Another note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, do the following: Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
2. TDSS-Killer Download TDSS-Killer to your desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please disable your virus scanner before running TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool! Set up the tool as shown in the picture below: click change parameters and set the check marks as shown in the following screenshot, then click Start Scan, and when it has finished click the Report button to display the log. Please post this log in full. If you cannot find the log, or cannot copy its contents into your post, look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!
__________________ Please always post log files in CODE tags |
23.01.2013, 19:15 | #13 |
| GVU Trojan - WindowsUnlocker already successful OK, here is the aswMBR.txt to start with: Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-23 18:22:01
-----------------------------
18:22:01.043 OS Version: Windows x64 6.1.7601 Service Pack 1
18:22:01.043 Number of processors: 4 586 0x170A
18:22:01.043 ComputerName: xxx-PC UserName: xxx
18:22:02.432 Initialize success
18:24:24.865 AVAST engine defs: 13012300
18:25:12.320 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
18:25:12.320 Disk 0 Vendor: Hitachi_HDT721010SLA360 ST6OA3AA Size: 953868MB BusType: 3
18:25:12.320 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-3
18:25:12.320 Disk 1 Vendor: Hitachi_HDT721010SLA360 ST6OA3AA Size: 953868MB BusType: 3
18:25:12.320 Disk 2 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP3T0L0-4
18:25:12.320 Disk 2 Vendor: SAMSUNG_HD204UI 1AQ10001 Size: 1907729MB BusType: 3
18:25:12.336 Disk 0 MBR read successfully
18:25:12.336 Disk 0 MBR scan
18:25:12.367 Disk 0 Windows 7 default MBR code
18:25:12.383 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
18:25:12.383 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 953766 MB offset 206848
18:25:12.414 Disk 0 scanning C:\Windows\system32\drivers
18:25:25.970 Service scanning
18:25:52.381 Modules scanning
18:25:52.381 Disk 0 trace - called modules:
18:25:52.412 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
18:25:52.412 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007ae2060]
18:25:52.412 3 CLASSPNP.SYS[fffff8800160143f] -> nt!IofCallDriver -> [0xfffffa800780ee40]
18:25:52.428 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa800782a060]
18:25:53.629 AVAST engine scan C:\Windows
18:25:55.751 AVAST engine scan C:\Windows\system32
18:29:22.899 AVAST engine scan C:\Windows\system32\drivers
18:29:37.438 AVAST engine scan C:\Users\xxx
18:53:44.019 AVAST engine scan C:\ProgramData
19:12:12.120 Scan finished successfully
19:13:20.526 Disk 0 MBR has been saved successfully to "C:\Users\xxx\Desktop\MBR.dat"
19:13:20.526 The log file has been saved successfully to "C:\Users\xxx\Desktop\aswMBR.txt"
Code:
ATTFilter
19:19:27.0209 3188 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:19:27.0380 3188 ============================================================
19:19:27.0380 3188 Current date / time: 2013/01/23 19:19:27.0380
19:19:27.0380 3188 SystemInfo:
19:19:27.0380 3188
19:19:27.0380 3188 OS Version: 6.1.7601 ServicePack: 1.0
19:19:27.0380 3188 Product type: Workstation
19:19:27.0380 3188 ComputerName: xxx-PC
19:19:27.0380 3188 UserName: xxx
19:19:27.0380 3188 Windows directory: C:\Windows
19:19:27.0380 3188 System windows directory: C:\Windows
19:19:27.0380 3188 Running under WOW64
19:19:27.0380 3188 Processor architecture: Intel x64
19:19:27.0380 3188 Number of processors: 4
19:19:27.0380 3188 Page size: 0x1000
19:19:27.0380 3188 Boot type: Normal boot
19:19:27.0380 3188 ============================================================
19:19:28.0285 3188 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
19:19:28.0301 3188 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:28.0332 3188 Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:28.0410 3188 ============================================================
19:19:28.0410 3188 \Device\Harddisk0\DR0:
19:19:28.0410 3188 MBR partitions:
19:19:28.0410 3188 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:19:28.0410 3188 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3000
19:19:28.0410 3188 \Device\Harddisk1\DR1:
19:19:28.0410 3188 MBR partitions:
19:19:28.0410 3188 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x257FFBD8
19:19:28.0441 3188 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x25800418, BlocksNum 0x257FE2D1
19:19:28.0457 3188 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x4AFFE728, BlocksNum 0x2970725A
19:19:28.0457 3188 \Device\Harddisk2\DR2:
19:19:28.0457 3188 MBR partitions:
19:19:28.0457 3188 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
19:19:28.0457 3188 ============================================================
19:19:28.0472 3188 L: <-> \Device\Harddisk1\DR1\Partition2
19:19:28.0503 3188 M: <-> \Device\Harddisk1\DR1\Partition3
19:19:28.0535 3188 D: <-> \Device\Harddisk1\DR1\Partition1
19:19:28.0550 3188 E: <-> \Device\Harddisk2\DR2\Partition1
19:19:28.0581 3188 C: <-> \Device\Harddisk0\DR0\Partition2
19:19:28.0581 3188 ============================================================
19:19:28.0581 3188 Initialize success
19:19:28.0581 3188 ============================================================
19:20:30.0233 5256 ============================================================
19:20:30.0233 5256 Scan started
19:20:30.0233 5256 Mode: Manual; SigCheck; TDLFS;
19:20:30.0233 5256 ============================================================
19:20:31.0200 5256 ================ Scan system memory ========================
19:20:31.0200 5256 System memory - ok
19:20:31.0200 5256 ================ Scan services =============================
A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 19:20:35.0552 5256 BrSerWdm - ok 19:20:35.0568 5256 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 19:20:35.0599 5256 BrUsbMdm - ok 19:20:35.0615 5256 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 19:20:35.0646 5256 BrUsbSer - ok 19:20:35.0693 5256 [ B6FA1F4EF227812FF98F1401E4DBCA10 ] BsHelpCS C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe 19:20:35.0724 5256 BsHelpCS ( UnsignedFile.Multi.Generic ) - warning 19:20:35.0724 5256 BsHelpCS - detected UnsignedFile.Multi.Generic (1) 19:20:35.0755 5256 [ 7135AF330649DB0EA1E968E42D5CA5AB ] BsMobileCS C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsMobileCS.exe 19:20:35.0786 5256 BsMobileCS ( UnsignedFile.Multi.Generic ) - warning 19:20:35.0786 5256 BsMobileCS - detected UnsignedFile.Multi.Generic (1) 19:20:35.0802 5256 [ EA05E37130B94670E8AA3379EAFAE22E ] BT C:\Windows\system32\DRIVERS\btnetdrv.sys 19:20:35.0818 5256 BT - ok 19:20:35.0833 5256 [ B2FD180ED01C31800FAE65E63052DFE7 ] Btcsrusb C:\Windows\system32\Drivers\btcusb.sys 19:20:35.0849 5256 Btcsrusb - ok 19:20:35.0849 5256 [ 901F25FE9D0B0E9A693968D0556AA6DA ] BtHidBus C:\Windows\system32\Drivers\BtHidBus.sys 19:20:35.0864 5256 BtHidBus - ok 19:20:35.0864 5256 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 19:20:35.0896 5256 BTHMODEM - ok 19:20:35.0942 5256 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 19:20:35.0989 5256 bthserv - ok 19:20:36.0020 5256 [ 809B63EB22CA285FC22AE2238DF65EFD ] btnetBUs C:\Windows\system32\Drivers\btnetBus.sys 19:20:36.0020 5256 btnetBUs - ok 19:20:36.0052 5256 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 19:20:36.0098 5256 cdfs - ok 19:20:36.0130 5256 cdrbsdrv - ok 19:20:36.0176 5256 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom 
C:\Windows\system32\drivers\cdrom.sys 19:20:36.0208 5256 cdrom - ok 19:20:36.0254 5256 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 19:20:36.0317 5256 CertPropSvc - ok 19:20:36.0379 5256 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 19:20:36.0442 5256 circlass - ok 19:20:36.0488 5256 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 19:20:36.0504 5256 CLFS - ok 19:20:36.0676 5256 [ 4C6406CF07D4EBB70C5774D55C6688FB ] CLHNServiceForPowerDVD12 C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe 19:20:36.0676 5256 CLHNServiceForPowerDVD12 - ok 19:20:36.0722 5256 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:20:36.0738 5256 clr_optimization_v2.0.50727_32 - ok 19:20:36.0769 5256 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 19:20:36.0769 5256 clr_optimization_v2.0.50727_64 - ok 19:20:36.0863 5256 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 19:20:36.0941 5256 clr_optimization_v4.0.30319_32 - ok 19:20:36.0972 5256 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 19:20:36.0972 5256 clr_optimization_v4.0.30319_64 - ok 19:20:37.0003 5256 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 19:20:37.0034 5256 CmBatt - ok 19:20:37.0066 5256 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 19:20:37.0081 5256 cmdide - ok 19:20:37.0112 5256 [ D5FEA92400F12412B3922087C09DA6A5 ] CNG C:\Windows\system32\Drivers\cng.sys 19:20:37.0144 5256 CNG - ok 19:20:37.0159 5256 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 
19:20:37.0175 5256 Compbatt - ok 19:20:37.0206 5256 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 19:20:37.0253 5256 CompositeBus - ok 19:20:37.0268 5256 COMSysApp - ok 19:20:37.0284 5256 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 19:20:37.0284 5256 crcdisk - ok 19:20:37.0331 5256 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll 19:20:37.0393 5256 CryptSvc - ok 19:20:37.0409 5256 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 19:20:37.0471 5256 CSC - ok 19:20:37.0502 5256 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 19:20:37.0534 5256 CscService - ok 19:20:37.0627 5256 [ EA22BCA708B37B82ADEBC822A171B92E ] CyberLink PowerDVD 12 Media Server Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe 19:20:37.0627 5256 CyberLink PowerDVD 12 Media Server Monitor Service - ok 19:20:37.0658 5256 [ 3168D2F171A64590E7A11355CAE60A1E ] CyberLink PowerDVD 12 Media Server Service C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe 19:20:37.0658 5256 CyberLink PowerDVD 12 Media Server Service - ok 19:20:37.0721 5256 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 19:20:37.0768 5256 DcomLaunch - ok 19:20:37.0799 5256 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 19:20:37.0846 5256 defragsvc - ok 19:20:37.0892 5256 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 19:20:37.0939 5256 DfsC - ok 19:20:37.0970 5256 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 19:20:38.0002 5256 Dhcp - ok 19:20:38.0002 5256 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 19:20:38.0048 5256 discache - ok 19:20:38.0080 5256 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk 
C:\Windows\system32\DRIVERS\disk.sys 19:20:38.0095 5256 Disk - ok 19:20:38.0126 5256 [ CD55F5355D8F55D44C9F4ED875705BD6 ] Dnscache C:\Windows\System32\dnsrslvr.dll 19:20:38.0173 5256 Dnscache - ok 19:20:38.0220 5256 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 19:20:38.0267 5256 dot3svc - ok 19:20:38.0298 5256 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 19:20:38.0345 5256 DPS - ok 19:20:38.0392 5256 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 19:20:38.0423 5256 drmkaud - ok 19:20:38.0485 5256 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 19:20:38.0501 5256 DXGKrnl - ok 19:20:38.0516 5256 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 19:20:38.0563 5256 EapHost - ok 19:20:38.0626 5256 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 19:20:38.0719 5256 ebdrv - ok 19:20:38.0750 5256 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe 19:20:38.0750 5256 EFS - ok 19:20:38.0875 5256 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 19:20:38.0953 5256 ehRecvr - ok 19:20:38.0969 5256 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 19:20:38.0984 5256 ehSched - ok 19:20:39.0016 5256 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 19:20:39.0031 5256 elxstor - ok 19:20:39.0062 5256 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 19:20:39.0094 5256 ErrDev - ok 19:20:39.0140 5256 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 19:20:39.0187 5256 EventSystem - ok 19:20:39.0203 5256 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 19:20:39.0234 5256 exfat - ok 19:20:39.0296 5256 Fabs - ok 19:20:39.0312 5256 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat 
C:\Windows\system32\drivers\fastfat.sys 19:20:39.0343 5256 fastfat - ok 19:20:39.0406 5256 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 19:20:39.0452 5256 Fax - ok 19:20:39.0468 5256 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 19:20:39.0484 5256 fdc - ok 19:20:39.0515 5256 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 19:20:39.0546 5256 fdPHost - ok 19:20:39.0562 5256 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 19:20:39.0608 5256 FDResPub - ok 19:20:39.0624 5256 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 19:20:39.0640 5256 FileInfo - ok 19:20:39.0655 5256 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 19:20:39.0686 5256 Filetrace - ok 19:20:39.0796 5256 [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe 19:20:39.0858 5256 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning 19:20:39.0858 5256 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1) 19:20:39.0920 5256 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 19:20:39.0936 5256 FLEXnet Licensing Service - ok 19:20:39.0998 5256 [ 1C3FB052A0BB72EDAED90785C34D6EED ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 19:20:40.0030 5256 FLEXnet Licensing Service 64 - ok 19:20:40.0045 5256 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 19:20:40.0045 5256 flpydisk - ok 19:20:40.0092 5256 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 19:20:40.0108 5256 FltMgr - ok 19:20:40.0139 5256 [ 5B92E2B067F64DC53698EB84966B3F0D ] FontCache 
C:\Windows\system32\FntCache.dll 19:20:40.0217 5256 FontCache - ok 19:20:40.0264 5256 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:20:40.0264 5256 FontCache3.0.0.0 - ok 19:20:40.0295 5256 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 19:20:40.0295 5256 FsDepends - ok 19:20:40.0310 5256 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 19:20:40.0326 5256 Fs_Rec - ok 19:20:40.0373 5256 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 19:20:40.0388 5256 fvevol - ok 19:20:40.0420 5256 [ 444534CBA693DD23C1CC589681E01656 ] FWLANUSB C:\Windows\system32\DRIVERS\fwlanusb.sys 19:20:40.0451 5256 FWLANUSB - ok 19:20:40.0466 5256 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 19:20:40.0482 5256 gagp30kx - ok 19:20:40.0529 5256 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 19:20:40.0576 5256 gpsvc - ok 19:20:40.0622 5256 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys 19:20:40.0622 5256 grmnusb - ok 19:20:40.0685 5256 [ 5467F1FF0AF264566740F67E8B810735 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 19:20:40.0700 5256 gusvc - ok 19:20:40.0716 5256 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 19:20:40.0747 5256 hcw85cir - ok 19:20:40.0810 5256 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 19:20:40.0825 5256 HdAudAddService - ok 19:20:40.0888 5256 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 19:20:40.0888 5256 HDAudBus - ok 19:20:40.0903 5256 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 19:20:40.0934 5256 HidBatt - ok 19:20:40.0950 5256 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth 
C:\Windows\system32\DRIVERS\hidbth.sys 19:20:40.0950 5256 HidBth - ok 19:20:40.0981 5256 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 19:20:40.0981 5256 HidIr - ok 19:20:40.0997 5256 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 19:20:41.0044 5256 hidserv - ok 19:20:41.0090 5256 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 19:20:41.0106 5256 HidUsb - ok 19:20:41.0137 5256 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:20:41.0184 5256 hkmsvc - ok 19:20:41.0215 5256 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:20:41.0246 5256 HomeGroupListener - ok 19:20:41.0293 5256 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:20:41.0309 5256 HomeGroupProvider - ok 19:20:41.0371 5256 [ DDF58C2E16527073FEF370EDFE970745 ] hotcore3 C:\Windows\system32\DRIVERS\hotcore3.sys 19:20:41.0387 5256 hotcore3 - ok 19:20:41.0418 5256 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 19:20:41.0434 5256 HpSAMD - ok 19:20:41.0480 5256 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys 19:20:41.0527 5256 HTCAND64 - ok 19:20:41.0574 5256 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys 19:20:41.0574 5256 htcnprot - ok 19:20:41.0636 5256 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:20:41.0699 5256 HTTP - ok 19:20:41.0730 5256 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:20:41.0746 5256 hwpolicy - ok 19:20:41.0808 5256 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 19:20:41.0808 5256 i8042prt - ok 19:20:41.0855 5256 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:20:41.0870 5256 iaStorV - ok 19:20:41.0933 5256 [ 
5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:20:41.0948 5256 idsvc - ok 19:20:41.0980 5256 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 19:20:41.0995 5256 iirsp - ok 19:20:42.0042 5256 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 19:20:42.0104 5256 IKEEXT - ok 19:20:42.0151 5256 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 19:20:42.0167 5256 intelide - ok 19:20:42.0182 5256 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 19:20:42.0214 5256 intelppm - ok 19:20:42.0245 5256 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 19:20:42.0292 5256 IPBusEnum - ok 19:20:42.0323 5256 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:20:42.0370 5256 IpFilterDriver - ok 19:20:42.0416 5256 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:20:42.0479 5256 iphlpsvc - ok 19:20:42.0526 5256 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 19:20:42.0557 5256 IPMIDRV - ok 19:20:42.0588 5256 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:20:42.0635 5256 IPNAT - ok 19:20:42.0666 5256 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 19:20:42.0713 5256 IRENUM - ok 19:20:42.0744 5256 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:20:42.0760 5256 isapnp - ok 19:20:42.0791 5256 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 19:20:42.0806 5256 iScsiPrt - ok 19:20:42.0853 5256 [ 51FC0BE21618B57AF581CD29CF8D9636 ] IvtBtBUs C:\Windows\system32\Drivers\IvtBtBus.sys 19:20:42.0853 5256 IvtBtBUs - ok 19:20:42.0900 5256 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass 
C:\Windows\system32\drivers\kbdclass.sys 19:20:42.0916 5256 kbdclass - ok 19:20:42.0947 5256 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 19:20:42.0978 5256 kbdhid - ok 19:20:42.0994 5256 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe 19:20:43.0009 5256 KeyIso - ok 19:20:43.0056 5256 [ 42740B5C9B9D1E0E172F441182474DC0 ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys 19:20:43.0072 5256 KMWDFILTER - ok 19:20:43.0087 5256 [ 393B6C708B318C457317A32A1F45C545 ] KMWDSERVICE C:\Program Files (x86)\Silvercrest MTS2218 driver\KMWDSrv.exe 19:20:43.0087 5256 KMWDSERVICE ( UnsignedFile.Multi.Generic ) - warning 19:20:43.0087 5256 KMWDSERVICE - detected UnsignedFile.Multi.Generic (1) 19:20:43.0134 5256 [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:20:43.0134 5256 KSecDD - ok 19:20:43.0150 5256 [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:20:43.0165 5256 KSecPkg - ok 19:20:43.0181 5256 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 19:20:43.0228 5256 ksthunk - ok 19:20:43.0259 5256 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 19:20:43.0306 5256 KtmRm - ok 19:20:43.0368 5256 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 19:20:43.0415 5256 LanmanServer - ok 19:20:43.0446 5256 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:20:43.0493 5256 LanmanWorkstation - ok 19:20:43.0571 5256 [ ACEC35F181075B20A5EF4A71958B13DF ] libusb0 C:\Windows\system32\drivers\libusb0.sys 19:20:43.0602 5256 libusb0 - ok 19:20:43.0664 5256 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 19:20:43.0680 5256 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 19:20:43.0680 5256 LightScribeService - detected UnsignedFile.Multi.Generic (1) 
19:20:43.0742 5256 [ 156AB2E56DC3CA0B582E3362E07CDED7 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 19:20:43.0758 5256 lirsgt - ok 19:20:43.0774 5256 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:20:43.0805 5256 lltdio - ok 19:20:43.0836 5256 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:20:43.0883 5256 lltdsvc - ok 19:20:43.0898 5256 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:20:43.0930 5256 lmhosts - ok 19:20:43.0976 5256 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 19:20:43.0992 5256 LSI_FC - ok 19:20:44.0039 5256 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 19:20:44.0086 5256 LSI_SAS - ok 19:20:44.0195 5256 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 19:20:44.0195 5256 LSI_SAS2 - ok 19:20:44.0210 5256 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 19:20:44.0226 5256 LSI_SCSI - ok 19:20:44.0242 5256 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 19:20:44.0288 5256 luafv - ok 19:20:44.0351 5256 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys 19:20:44.0382 5256 MarvinBus - ok 19:20:44.0429 5256 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:20:44.0460 5256 Mcx2Svc - ok 19:20:44.0476 5256 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 19:20:44.0476 5256 megasas - ok 19:20:44.0507 5256 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 19:20:44.0522 5256 MegaSR - ok 19:20:44.0554 5256 [ FAFE367D032ED82E9332B4C741A20216 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 19:20:44.0554 5256 Microsoft Office Groove Audit Service - ok 19:20:44.0585 5256 [ 
E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 19:20:44.0632 5256 MMCSS - ok 19:20:44.0663 5256 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 19:20:44.0710 5256 Modem - ok 19:20:44.0741 5256 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:20:44.0772 5256 monitor - ok 19:20:44.0819 5256 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys 19:20:44.0834 5256 mouclass - ok 19:20:44.0850 5256 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:20:44.0881 5256 mouhid - ok 19:20:44.0928 5256 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:20:44.0944 5256 mountmgr - ok 19:20:44.0959 5256 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 19:20:44.0975 5256 mpio - ok 19:20:45.0006 5256 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:20:45.0053 5256 mpsdrv - ok 19:20:45.0100 5256 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:20:45.0146 5256 MpsSvc - ok 19:20:45.0162 5256 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:20:45.0178 5256 MRxDAV - ok 19:20:45.0209 5256 [ FAF015B07E3A2874A790A39B7D2C579F ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:20:45.0271 5256 mrxsmb - ok 19:20:45.0318 5256 [ 08E2345DF129082BCDFFDC1440F9C00D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:20:45.0365 5256 mrxsmb10 - ok 19:20:45.0396 5256 [ 108D87409C5812EF47D81E22843E8C9D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:20:45.0443 5256 mrxsmb20 - ok 19:20:45.0474 5256 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 19:20:45.0490 5256 msahci - ok 19:20:45.0521 5256 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:20:45.0536 5256 msdsm - ok 19:20:45.0552 5256 [ 
DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 19:20:45.0583 5256 MSDTC - ok 19:20:45.0630 5256 [ 72949A24D37A20A54B3D4D3DADBB55E9 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys 19:20:45.0661 5256 MSDV - ok 19:20:45.0692 5256 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:20:45.0724 5256 Msfs - ok 19:20:45.0724 5256 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:20:45.0755 5256 mshidkmdf - ok 19:20:45.0786 5256 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:20:45.0786 5256 msisadrv - ok 19:20:45.0817 5256 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:20:45.0848 5256 MSiSCSI - ok 19:20:45.0864 5256 msiserver - ok 19:20:45.0880 5256 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 19:20:45.0926 5256 MSKSSRV - ok 19:20:45.0958 5256 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:20:45.0989 5256 MSPCLOCK - ok 19:20:45.0989 5256 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:20:46.0036 5256 MSPQM - ok 19:20:46.0067 5256 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:20:46.0082 5256 MsRPC - ok 19:20:46.0114 5256 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 19:20:46.0129 5256 mssmbios - ok 19:20:46.0145 5256 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:20:46.0192 5256 MSTEE - ok 19:20:46.0207 5256 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 19:20:46.0223 5256 MTConfig - ok 19:20:46.0254 5256 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 19:20:46.0254 5256 Mup - ok 19:20:46.0301 5256 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 19:20:46.0348 5256 napagent - ok 
19:20:46.0394 5256 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:20:46.0426 5256 NativeWifiP - ok 19:20:46.0488 5256 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 19:20:46.0504 5256 NDIS - ok 19:20:46.0519 5256 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:20:46.0550 5256 NdisCap - ok 19:20:46.0566 5256 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:20:46.0597 5256 NdisTapi - ok 19:20:46.0597 5256 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:20:46.0660 5256 Ndisuio - ok 19:20:46.0675 5256 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:20:46.0706 5256 NdisWan - ok 19:20:46.0738 5256 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:20:46.0753 5256 NDProxy - ok 19:20:46.0769 5256 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:20:46.0816 5256 NetBIOS - ok 19:20:46.0847 5256 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:20:46.0894 5256 NetBT - ok 19:20:46.0909 5256 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe 19:20:46.0925 5256 Netlogon - ok 19:20:46.0940 5256 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 19:20:46.0987 5256 Netman - ok 19:20:47.0034 5256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:20:47.0065 5256 NetMsmqActivator - ok 19:20:47.0065 5256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:20:47.0065 5256 NetPipeActivator - ok 19:20:47.0096 5256 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 19:20:47.0143 5256 netprofm - ok 19:20:47.0143 5256 [ 
============================================================ 19:21:02.0884 2868 Detected object count: 18 19:21:02.0884 2868 Actual detected object count: 18 |
23.01.2013, 20:59 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GVU Trojan - WindowsUnlocker already successful The log from TDSS-Killer is incomplete; the summary at the bottom is missing.
__________________ Please always post log files in CODE tags |
23.01.2013, 21:32 | #15 |
| GVU Trojan - WindowsUnlocker already successful Sorry for the trouble, it somehow got cut off during copy + paste: Code:
19:20:46.0394 5256 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:20:46.0426 5256 NativeWifiP - ok 19:20:46.0488 5256 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys 19:20:46.0504 5256 NDIS - ok 19:20:46.0519 5256 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:20:46.0550 5256 NdisCap - ok 19:20:46.0566 5256 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:20:46.0597 5256 NdisTapi - ok 19:20:46.0597 5256 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:20:46.0660 5256 Ndisuio - ok 19:20:46.0675 5256 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:20:46.0706 5256 NdisWan - ok 19:20:46.0738 5256 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:20:46.0753 5256 NDProxy - ok 19:20:46.0769 5256 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:20:46.0816 5256 NetBIOS - ok 19:20:46.0847 5256 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:20:46.0894 5256 NetBT - ok 19:20:46.0909 5256 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe 19:20:46.0925 5256 Netlogon - ok 19:20:46.0940 5256 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 19:20:46.0987 5256 Netman - ok 19:20:47.0034 5256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:20:47.0065 5256 NetMsmqActivator - ok 19:20:47.0065 5256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:20:47.0065 5256 NetPipeActivator - ok 19:20:47.0096 5256 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 19:20:47.0143 5256 netprofm - ok 19:20:47.0143 5256 [ 
D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:20:47.0143 5256 NetTcpActivator - ok 19:20:47.0159 5256 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:20:47.0159 5256 NetTcpPortSharing - ok 19:20:47.0174 5256 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 19:20:47.0190 5256 nfrd960 - ok 19:20:47.0237 5256 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll 19:20:47.0268 5256 NlaSvc - ok 19:20:47.0299 5256 [ F9691BFB0FB9FF500BA6D41FB92E97DE ] nmwcdcx64 C:\Windows\system32\drivers\ccdcmbox64.sys 19:20:47.0362 5256 nmwcdcx64 - ok 19:20:47.0393 5256 [ 6EC32C9AF7D148E96D7B4F77290AFECB ] nmwcdx64 C:\Windows\system32\drivers\ccdcmbx64.sys 19:20:47.0440 5256 nmwcdx64 - ok 19:20:47.0455 5256 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:20:47.0486 5256 Npfs - ok 19:20:47.0502 5256 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 19:20:47.0533 5256 nsi - ok 19:20:47.0533 5256 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:20:47.0580 5256 nsiproxy - ok 19:20:47.0642 5256 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:20:47.0674 5256 Ntfs - ok 19:20:47.0798 5256 [ EAAC965642EF5F818AED508CADF83E4B ] ntk_PowerDVD12 C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys 19:20:47.0798 5256 ntk_PowerDVD12 - ok 19:20:47.0876 5256 nTuneService - ok 19:20:47.0892 5256 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 19:20:47.0923 5256 Null - ok 19:20:48.0157 5256 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 19:20:48.0469 5256 nvlddmkm - ok 19:20:48.0516 5256 [ 8C1D181480796D7D3366A9381FD7782D ] nvoclk64 C:\Windows\system32\DRIVERS\nvoclk64.sys 
19:20:48.0532 5256 nvoclk64 - ok 19:20:48.0563 5256 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:20:48.0578 5256 nvraid - ok 19:20:48.0625 5256 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:20:48.0625 5256 nvstor - ok 19:20:48.0688 5256 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe 19:20:48.0703 5256 nvsvc - ok 19:20:48.0781 5256 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 19:20:48.0812 5256 nvUpdatusService - ok 19:20:48.0844 5256 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:20:48.0844 5256 nv_agp - ok 19:20:48.0922 5256 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 19:20:48.0922 5256 odserv - ok 19:20:48.0968 5256 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:20:49.0000 5256 ohci1394 - ok 19:20:49.0015 5256 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:20:49.0031 5256 ose - ok 19:20:49.0078 5256 [ 360CC26D92D05F2E174E8BB2E62E7FF6 ] OXYGEN C:\Windows\system32\DRIVERS\MAudioOxygen.sys 19:20:49.0093 5256 OXYGEN - ok 19:20:49.0156 5256 [ 78C1A5447E6179C45C33EFBEC8C9256C ] OxygenAudioDevMon C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe 19:20:49.0187 5256 OxygenAudioDevMon - ok 19:20:49.0249 5256 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:20:49.0327 5256 p2pimsvc - ok 19:20:49.0436 5256 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 19:20:49.0452 5256 p2psvc - ok 19:20:49.0483 5256 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 19:20:49.0499 5256 Parport - ok 19:20:49.0530 5256 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr 
C:\Windows\system32\drivers\partmgr.sys 19:20:49.0546 5256 partmgr - ok 19:20:49.0608 5256 [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 19:20:49.0624 5256 PassThru Service ( UnsignedFile.Multi.Generic ) - warning 19:20:49.0624 5256 PassThru Service - detected UnsignedFile.Multi.Generic (1) 19:20:49.0655 5256 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 19:20:49.0702 5256 PcaSvc - ok 19:20:49.0733 5256 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys 19:20:49.0764 5256 pccsmcfd - ok 19:20:49.0811 5256 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 19:20:49.0826 5256 pci - ok 19:20:49.0858 5256 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 19:20:49.0858 5256 pciide - ok 19:20:49.0873 5256 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 19:20:49.0889 5256 pcmcia - ok 19:20:49.0920 5256 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys 19:20:49.0967 5256 pcouffin - ok 19:20:49.0967 5256 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 19:20:49.0982 5256 pcw - ok 19:20:49.0998 5256 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 19:20:50.0060 5256 PEAUTH - ok 19:20:50.0107 5256 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 19:20:50.0138 5256 PeerDistSvc - ok 19:20:50.0201 5256 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 19:20:50.0216 5256 PerfHost - ok 19:20:50.0279 5256 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 19:20:50.0326 5256 pla - ok 19:20:50.0372 5256 [ B806E50427511BCF4AD8E8239C3E25FA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 19:20:50.0404 5256 PlugPlay - ok 19:20:50.0419 5256 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] 
PNRPAutoReg C:\Windows\system32\pnrpauto.dll 19:20:50.0419 5256 PNRPAutoReg - ok 19:20:50.0435 5256 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 19:20:50.0450 5256 PNRPsvc - ok 19:20:50.0497 5256 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 19:20:50.0544 5256 PolicyAgent - ok 19:20:50.0575 5256 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 19:20:50.0622 5256 Power - ok 19:20:50.0669 5256 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 19:20:50.0700 5256 PptpMiniport - ok 19:20:50.0731 5256 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 19:20:50.0747 5256 Processor - ok 19:20:50.0809 5256 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll 19:20:50.0856 5256 ProfSvc - ok 19:20:50.0872 5256 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe 19:20:50.0872 5256 ProtectedStorage - ok 19:20:50.0918 5256 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 19:20:50.0950 5256 Psched - ok 19:20:50.0996 5256 [ DEFD557D9B8C0FA3CEA6CC576400114E ] pwdrvio C:\Windows\system32\pwdrvio.sys 19:20:50.0996 5256 pwdrvio - ok 19:20:51.0012 5256 [ A2EE3B70A9E05F651B888078726C2787 ] pwdspio C:\Windows\system32\pwdspio.sys 19:20:51.0028 5256 pwdspio - ok 19:20:51.0074 5256 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 19:20:51.0106 5256 ql2300 - ok 19:20:51.0121 5256 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 19:20:51.0121 5256 ql40xx - ok 19:20:51.0152 5256 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 19:20:51.0184 5256 QWAVE - ok 19:20:51.0184 5256 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 19:20:51.0230 5256 QWAVEdrv - ok 19:20:51.0246 5256 [ 5A0DA8AD5762FA2D91678A8A01311704 ] 
RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 19:20:51.0308 5256 RasAcd - ok 19:20:51.0340 5256 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 19:20:51.0371 5256 RasAgileVpn - ok 19:20:51.0386 5256 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 19:20:51.0433 5256 RasAuto - ok 19:20:51.0464 5256 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 19:20:51.0511 5256 Rasl2tp - ok 19:20:51.0527 5256 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 19:20:51.0558 5256 RasMan - ok 19:20:51.0574 5256 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 19:20:51.0636 5256 RasPppoe - ok 19:20:51.0652 5256 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 19:20:51.0714 5256 RasSstp - ok 19:20:51.0730 5256 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 19:20:51.0792 5256 rdbss - ok 19:20:51.0808 5256 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 19:20:51.0839 5256 rdpbus - ok 19:20:51.0854 5256 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 19:20:51.0886 5256 RDPCDD - ok 19:20:51.0932 5256 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 19:20:51.0948 5256 RDPDR - ok 19:20:51.0979 5256 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 19:20:52.0010 5256 RDPENCDD - ok 19:20:52.0026 5256 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 19:20:52.0057 5256 RDPREFMP - ok 19:20:52.0104 5256 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 19:20:52.0151 5256 RdpVideoMiniport - ok 19:20:52.0182 5256 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 19:20:52.0229 5256 RDPWD - ok 19:20:52.0276 
5256 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 19:20:52.0291 5256 rdyboost - ok 19:20:52.0307 5256 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 19:20:52.0354 5256 RemoteAccess - ok 19:20:52.0369 5256 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 19:20:52.0416 5256 RemoteRegistry - ok 19:20:52.0432 5256 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 19:20:52.0478 5256 RpcEptMapper - ok 19:20:52.0494 5256 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 19:20:52.0510 5256 RpcLocator - ok 19:20:52.0541 5256 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 19:20:52.0572 5256 RpcSs - ok 19:20:52.0603 5256 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 19:20:52.0634 5256 rspndr - ok 19:20:52.0650 5256 [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 19:20:52.0666 5256 RTL8167 - ok 19:20:52.0697 5256 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 19:20:52.0728 5256 s3cap - ok 19:20:52.0728 5256 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe 19:20:52.0744 5256 SamSs - ok 19:20:52.0775 5256 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 19:20:52.0790 5256 sbp2port - ok 19:20:52.0806 5256 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 19:20:52.0837 5256 SCardSvr - ok 19:20:52.0868 5256 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 19:20:52.0915 5256 scfilter - ok 19:20:52.0962 5256 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 19:20:52.0993 5256 Schedule - ok 19:20:53.0024 5256 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 19:20:53.0056 5256 SCPolicySvc - ok 
19:20:53.0087 5256 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 19:20:53.0102 5256 SDRSVC - ok 19:20:53.0227 5256 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 19:20:53.0258 5256 SDScannerService - ok 19:20:53.0321 5256 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 19:20:53.0352 5256 SDUpdateService - ok 19:20:53.0368 5256 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 19:20:53.0368 5256 SDWSCService - ok 19:20:53.0399 5256 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 19:20:53.0446 5256 secdrv - ok 19:20:53.0492 5256 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 19:20:53.0555 5256 seclogon - ok 19:20:53.0570 5256 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 19:20:53.0602 5256 SENS - ok 19:20:53.0602 5256 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 19:20:53.0648 5256 SensrSvc - ok 19:20:53.0680 5256 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 19:20:53.0695 5256 Serenum - ok 19:20:53.0726 5256 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 19:20:53.0726 5256 Serial - ok 19:20:53.0773 5256 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 19:20:53.0789 5256 sermouse - ok 19:20:53.0898 5256 [ C52572A3E609989C2CBEED503E95153E ] ServiceLayer C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe 19:20:53.0914 5256 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning 19:20:53.0914 5256 ServiceLayer - detected UnsignedFile.Multi.Generic (1) 19:20:53.0960 5256 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 19:20:54.0007 5256 SessionEnv - ok 
19:20:54.0038 5256 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 19:20:54.0070 5256 sffdisk - ok 19:20:54.0085 5256 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 19:20:54.0116 5256 sffp_mmc - ok 19:20:54.0132 5256 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 19:20:54.0148 5256 sffp_sd - ok 19:20:54.0179 5256 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 19:20:54.0194 5256 sfloppy - ok 19:20:54.0226 5256 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 19:20:54.0257 5256 SharedAccess - ok 19:20:54.0288 5256 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 19:20:54.0350 5256 ShellHWDetection - ok 19:20:54.0350 5256 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 19:20:54.0366 5256 SiSRaid2 - ok 19:20:54.0382 5256 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 19:20:54.0382 5256 SiSRaid4 - ok 19:20:54.0413 5256 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 19:20:54.0428 5256 Smb - ok 19:20:54.0475 5256 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 19:20:54.0506 5256 SNMPTRAP - ok 19:20:54.0584 5256 [ 3BB48F7E33C2B76184DDF233000C09CD ] Sony SCSI Helper Service C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe 19:20:54.0600 5256 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - warning 19:20:54.0600 5256 Sony SCSI Helper Service - detected UnsignedFile.Multi.Generic (1) 19:20:54.0647 5256 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 19:20:54.0647 5256 spldr - ok 19:20:54.0740 5256 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe 19:20:54.0772 5256 Spooler - ok 19:20:54.0865 5256 [ 
E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 19:20:54.0943 5256 sppsvc - ok 19:20:54.0974 5256 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 19:20:55.0021 5256 sppuinotify - ok 19:20:55.0052 5256 sptd - ok 19:20:55.0099 5256 [ 2098B8556D1CEC2ACA9A29CD479E3692 ] srv C:\Windows\system32\DRIVERS\srv.sys 19:20:55.0162 5256 srv - ok 19:20:55.0193 5256 [ D0F73A42040F21F92FD314B42AC5C9E7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 19:20:55.0255 5256 srv2 - ok 19:20:55.0286 5256 [ 2BA8F3250828CCDB4204ECF2C6F40B6A ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 19:20:55.0349 5256 srvnet - ok 19:20:55.0380 5256 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 19:20:55.0427 5256 SSDPSRV - ok 19:20:55.0442 5256 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 19:20:55.0474 5256 SstpSvc - ok 19:20:55.0505 5256 Steam Client Service - ok 19:20:55.0614 5256 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 19:20:55.0630 5256 Stereo Service - ok 19:20:55.0645 5256 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 19:20:55.0645 5256 stexstor - ok 19:20:55.0692 5256 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 19:20:55.0739 5256 stisvc - ok 19:20:55.0786 5256 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 19:20:55.0801 5256 storflt - ok 19:20:55.0832 5256 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 19:20:55.0848 5256 storvsc - ok 19:20:55.0879 5256 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 19:20:55.0879 5256 swenum - ok 19:20:55.0910 5256 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 19:20:55.0973 5256 swprv - ok 19:20:55.0988 5256 Synth3dVsc - ok 19:20:56.0051 5256 [ 
BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 19:20:56.0098 5256 SysMain - ok 19:20:56.0129 5256 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 19:20:56.0160 5256 TabletInputService - ok 19:20:56.0191 5256 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 19:20:56.0238 5256 TapiSrv - ok 19:20:56.0254 5256 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 19:20:56.0285 5256 TBS - ok 19:20:56.0347 5256 [ 509383E505C973ED7534A06B3D19688D ] Tcpip C:\Windows\system32\drivers\tcpip.sys 19:20:56.0394 5256 Tcpip - ok 19:20:56.0410 5256 [ 509383E505C973ED7534A06B3D19688D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 19:20:56.0441 5256 TCPIP6 - ok 19:20:56.0472 5256 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 19:20:56.0534 5256 tcpipreg - ok 19:20:56.0550 5256 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 19:20:56.0597 5256 TDPIPE - ok 19:20:56.0612 5256 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 19:20:56.0644 5256 TDTCP - ok 19:20:56.0690 5256 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 19:20:56.0737 5256 tdx - ok 19:20:56.0768 5256 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 19:20:56.0768 5256 TermDD - ok 19:20:56.0815 5256 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 19:20:56.0862 5256 TermService - ok 19:20:56.0878 5256 TFsExDisk - ok 19:20:56.0893 5256 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 19:20:56.0909 5256 Themes - ok 19:20:56.0924 5256 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 19:20:56.0956 5256 THREADORDER - ok 19:20:56.0987 5256 [ 0E8A784713A08B39E39565C91ECE48BA ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys 19:20:57.0002 5256 tosporte ( 
UnsignedFile.Multi.Generic ) - warning 19:20:57.0002 5256 tosporte - detected UnsignedFile.Multi.Generic (1) 19:20:57.0002 5256 [ 7F7BEACB582DAED3355C5AE5220C363B ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys 19:20:57.0018 5256 tosrfbd ( UnsignedFile.Multi.Generic ) - warning 19:20:57.0018 5256 tosrfbd - detected UnsignedFile.Multi.Generic (1) 19:20:57.0018 5256 [ B955484F53DE2DBB481F99AD10867EBE ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys 19:20:57.0049 5256 tosrfbnp ( UnsignedFile.Multi.Generic ) - warning 19:20:57.0049 5256 tosrfbnp - detected UnsignedFile.Multi.Generic (1) 19:20:57.0065 5256 [ F31E3217D11158B584711E42E40621EC ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys 19:20:57.0065 5256 Tosrfcom ( UnsignedFile.Multi.Generic ) - warning 19:20:57.0065 5256 Tosrfcom - detected UnsignedFile.Multi.Generic (1) 19:20:57.0080 5256 [ F3C57806B7ECD2101387B9AF39059FF3 ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys 19:20:57.0096 5256 Tosrfhid ( UnsignedFile.Multi.Generic ) - warning 19:20:57.0096 5256 Tosrfhid - detected UnsignedFile.Multi.Generic (1) 19:20:57.0112 5256 [ 95552D0B11C70846299DCA2FF0082205 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys 19:20:57.0112 5256 tosrfnds ( UnsignedFile.Multi.Generic ) - warning 19:20:57.0112 5256 tosrfnds - detected UnsignedFile.Multi.Generic (1) 19:20:57.0127 5256 [ 25BD441F1CEC311648DF259B9DF2999B ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys 19:20:57.0143 5256 TosRfSnd ( UnsignedFile.Multi.Generic ) - warning 19:20:57.0143 5256 TosRfSnd - detected UnsignedFile.Multi.Generic (1) 19:20:57.0174 5256 [ CBD52E5DF13FAB87A0206E031EEF42A4 ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys 19:20:57.0190 5256 Tosrfusb ( UnsignedFile.Multi.Generic ) - warning 19:20:57.0190 5256 Tosrfusb - detected UnsignedFile.Multi.Generic (1) 19:20:57.0221 5256 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 19:20:57.0268 5256 TrkWks - ok 19:20:57.0330 5256 [ 773212B2AAA24C1E31F10246B15B276C 
] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 19:20:57.0361 5256 TrustedInstaller - ok 19:20:57.0392 5256 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 19:20:57.0455 5256 tssecsrv - ok 19:20:57.0486 5256 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 19:20:57.0517 5256 TsUsbFlt - ok 19:20:57.0533 5256 tsusbhub - ok 19:20:57.0564 5256 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 19:20:57.0595 5256 tunnel - ok 19:20:57.0626 5256 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 19:20:57.0626 5256 uagp35 - ok 19:20:57.0642 5256 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 19:20:57.0689 5256 udfs - ok 19:20:57.0720 5256 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 19:20:57.0720 5256 UI0Detect - ok 19:20:57.0767 5256 [ 49B13845F0DBE39B47FC91DC46B2170A ] UimBus C:\Windows\system32\DRIVERS\uimx64.sys 19:20:57.0767 5256 UimBus - ok 19:20:57.0814 5256 [ DD46BEC773C011EAA5E502C43A73A1CC ] Uim_IM C:\Windows\system32\Drivers\Uim_IMx64.sys 19:20:57.0829 5256 Uim_IM - ok 19:20:57.0860 5256 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 19:20:57.0876 5256 uliagpkx - ok 19:20:57.0923 5256 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys 19:20:57.0938 5256 umbus - ok 19:20:57.0970 5256 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 19:20:58.0001 5256 UmPass - ok 19:20:58.0032 5256 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 19:20:58.0048 5256 UmRdpService - ok 19:20:58.0079 5256 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 19:20:58.0126 5256 upnphost - ok 19:20:58.0204 5256 [ 1D6F13DE33143D7AE9278B1002FBEF4A ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 
============================================================
19:21:02.0884 2868 Detected object count: 18
19:21:02.0884 2868 Actual detected object count: 18
19:25:13.0395 2868 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0395 2868 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0395 2868 BlueSoleilCS ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0395 2868 BlueSoleilCS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0395 2868 BsHelpCS ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0395 2868 BsHelpCS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0395 2868 BsMobileCS ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0395 2868 BsMobileCS ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0395 2868 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0395 2868 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0395 2868 KMWDSERVICE ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0395 2868 KMWDSERVICE ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0395 2868 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0395 2868 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 Sony SCSI Helper Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 tosporte ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 tosporte ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 tosrfbd ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 tosrfbd ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 tosrfbnp ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 tosrfbnp ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 Tosrfcom ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 Tosrfcom ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 Tosrfhid ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 Tosrfhid ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 tosrfnds ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 tosrfnds ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 TosRfSnd ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 TosRfSnd ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:13.0410 2868 Tosrfusb ( UnsignedFile.Multi.Generic ) - skipped by user
19:25:13.0410 2868 Tosrfusb ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:25:18.0356 2676 Deinitialize success