Pests of all kinds and how to combat them: Trojan Generic.32.CCGO dangerous? Windows 7. If you are not sure whether you have caught malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.
26.04.2013, 23:50 | #1 |
| Trojan Generic.32.CCGO dangerous? Hello dear people, I have just signed up in the hope of getting help. AVG has just found the virus Trojan Generic.32.CCGO twice and deleted it. My question now is whether they were really deleted and whether they are dangerous. I hope you can help me. Here is the OTL log. Code:
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found O29 - HKLM SecurityProviders - (credssp.dll) - File not found O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{96fca61d-8177-11e2-be77-00241dd02982}\Shell - "" = AutoRun O33 - MountPoints2\{96fca61d-8177-11e2-be77-00241dd02982}\Shell\AutoRun\command - "" = "J:\CMADownloader.exe" O33 - MountPoints2\{d98f093f-4f5f-11e2-be6c-00241dd02982}\Shell - "" = AutoRun O33 - MountPoints2\{d98f093f-4f5f-11e2-be6c-00241dd02982}\Shell\AutoRun\command - "" = "I:\CMADownloader.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.02 17:14:30 | 000,000,000 | ---D | C] -- C:\Users\dark\AppData\Roaming\Zeal Game Studio [2013.04.02 00:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters [2013.04.02 00:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound [2013.04.02 00:32:21 | 001,306,624 | ---- | C] (Blue Ripple Sound Limited) -- C:\WINDOWS\SysWow64\rapture3d_oal.dll [2013.04.02 00:32:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS [2013.04.01 13:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HideIPVPN [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.26 23:03:00 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job 
[2013.04.26 23:01:22 | 000,000,000 | ---- | M] () -- C:\Users\dark\defogger_reenable [2013.04.26 15:59:22 | 000,001,118 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.04.26 15:57:33 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.04.25 15:51:52 | 001,745,416 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2013.04.25 15:51:52 | 000,751,892 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2013.04.25 15:51:52 | 000,710,046 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2013.04.25 15:51:52 | 000,155,620 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [2013.04.25 15:51:52 | 000,132,416 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2013.04.16 21:03:20 | 000,000,017 | ---- | M] () -- C:\Users\dark\AppData\Local\resmon.resmoncfg [2013.04.13 09:37:36 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.04.13 09:37:31 | 2575,712,255 | -HS- | M] () -- C:\hiberfil.sys [2013.04.02 00:32:16 | 000,466,456 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysNative\wrap_oal.dll [2013.04.02 00:32:15 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.26 23:01:22 | 000,000,000 | ---- | C] () -- C:\Users\dark\defogger_reenable [2013.04.16 21:03:20 | 000,000,017 | ---- | C] () -- C:\Users\dark\AppData\Local\resmon.resmoncfg [2013.01.11 15:02:22 | 000,015,873 | ---- | C] () -- C:\WINDOWS\SysWow64\Inetde.dll [2013.01.11 10:16:12 | 000,197,912 | ---- | C] () -- C:\WINDOWS\SysWow64\physxcudart_20.dll [2013.01.09 01:09:25 | 013,131,776 | ---- | C] () -- C:\Users\dark\AppData\Roaming\Sandra.mdb [2012.12.30 22:28:41 | 000,204,154 | ---- | C] () -- C:\WINDOWS\hpoins28.dat [2012.12.30 22:28:41 | 000,000,584 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat [2012.12.25 22:17:10 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- 
C:\WINDOWS\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\SysWow64\xlive.dll.cat ========== ZeroAccess Check ========== [2013.01.02 22:14:40 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.01.10 01:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 01:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.01.03 18:14:30 | 000,000,000 | ---D | M] -- C:\Users\dark\AppData\Roaming\Amazon [2012.12.26 12:53:20 | 000,000,000 | ---D | M] -- C:\Users\dark\AppData\Roaming\AVG2013 [2013.01.31 18:29:59 | 000,000,000 | ---D | M] -- C:\Users\dark\AppData\Roaming\Bioshock [2013.02.05 21:10:26 | 000,000,000 | ---D | M] -- C:\Users\dark\AppData\Roaming\Bioshock2 [2013.04.14 20:29:29 | 000,000,000 | ---D | M] -- C:\Users\dark\AppData\Roaming\BOM [2013.02.12 13:11:37 | 000,000,000 | ---D | M] -- C:\Users\dark\AppData\Roaming\DAEMON Tools Lite [2013.01.29 09:10:25 | 000,000,000 | ---D | M] -- C:\Users\dark\AppData\Roaming\Origin [2013.01.31 18:59:03 | 000,000,000 | ---D | M] -- C:\Users\dark\AppData\Roaming\Sony [2012.12.26 12:52:19 | 000,000,000 | ---D | M] -- C:\Users\dark\AppData\Roaming\TuneUp Software [2013.04.02 17:14:30 | 000,000,000 | ---D | M] -- C:\Users\dark\AppData\Roaming\Zeal Game Studio ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 26.04.2013 23:04:21 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = D:\ 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 4,90 Gb Available Physical Memory | 61,24% Memory free 9,19 Gb Paging File | 5,51 Gb Available in Paging File | 59,95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 146,48 Gb Total Space | 84,35 Gb Free Space | 57,59% Space Free | Partition Type: NTFS Drive D: | 258,79 Gb Total Space | 190,59 Gb Free Space | 73,65% Space Free | Partition Type: NTFS Drive E: | 265,43 Gb Total Space | 77,10 Gb Free Space | 29,05% Space Free | Partition Type: NTFS Computer Name: DARK-PC | User Name: dark | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- Reg Error: Key error. File not found .url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation) .reg [@ = regfile] -- regedit.exe "%1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- Reg Error: Key error. File not found .reg [@ = regfile] -- regedit.exe "%1" [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. 
File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. 
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. 
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05879DF9-A64A-43EE-ADBF-ABBD6BBF7A2A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0B4831FE-92BD-49D0-93F0-44C966B2F202}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{0B54734B-7CD6-4CA1-BC0F-CFD74233AE2E}" = rport=10243 | protocol=6 | dir=out | app=system | "{1001D7F9-2E70-47D1-8235-672DC2FD3A54}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{1D1301A7-080E-4430-8BBC-702606371B61}" = lport=445 | protocol=6 | dir=in | app=system | "{26C8168F-4AC6-4E81-A625-974511BA6D63}" = rport=2177 | protocol=6 | dir=out | svc=qwave | 
app=%systemroot%\system32\svchost.exe | "{27C1642A-DDFF-4ED6-9E4B-A029559853BE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{2919AB06-27C0-45F7-B375-6CAB9A2BDCDF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{29F7C959-3957-4342-8A1A-41D0429231B4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{2E3736C8-8E8A-4BAA-AEEB-393B07BD9AF9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{314E714B-78D2-41F9-93A8-2DBACA1BAECD}" = rport=138 | protocol=17 | dir=out | app=system | "{34AFA95C-F0F8-4762-A5F8-671440C9B919}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{369772DC-EB26-47E6-ACC0-58B1A463DD07}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{39B64C1E-EF83-45F5-BE92-57A9B7A0D3A3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{43875428-9540-492F-8858-6A775D8D4E20}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{4B5E10E2-1405-4E57-B9D0-60FC3B6CD290}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{4DB74AE0-E55E-480D-B5B4-029DFDD3EB48}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{4F855B00-ECF7-44FE-ADDD-860D75993B76}" = rport=137 | protocol=17 | dir=out | app=system | "{50657FA9-5C9A-4A26-9F4C-857B7AD0405B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{51458DDE-AA26-4860-8085-0511BAC85E04}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{56C15E6A-5153-48C5-878F-90C2FB3E550D}" = rport=139 | protocol=6 | dir=out | 
app=system | "{5ABF6C48-4676-4157-B11E-1B973A1285BB}" = rport=445 | protocol=6 | dir=out | app=system | "{5B2A6852-8625-4043-9DB5-8C0D50744ABD}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp1\rpcagentsrv.exe | "{5FAE2EF0-DCB6-40A1-BC5C-7EB63913BED2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{6005BC74-C85A-4263-AE6E-A8337E7CA05A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{60C56A0A-8D0D-4992-BCC4-BE224E31D9BB}" = lport=138 | protocol=17 | dir=in | app=system | "{6C1BBD5F-3711-4683-96F1-2320D8B94854}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{7674A5A8-FFCD-4511-B807-E5A8E91F5BA4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{7709D004-63F0-42EE-83E4-85BDA33EF472}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{78DF92A4-E544-4C81-8407-BE6E66EF10DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7C6731D3-C3EB-40CA-A62B-30DE6CFC88D8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{7E1A1E7B-6AC7-4DD7-8776-14C096F5AFD6}" = lport=137 | protocol=17 | dir=in | app=system | "{80490B46-C4F3-4385-87EB-8F48E9619A11}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{811B7712-EF9A-4EF4-9DBF-F164B5992090}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{850B99DD-2372-4D0A-8322-12B928E9C67B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{8930A487-2132-4461-9F0A-6693703FA484}" = lport=2869 | protocol=6 | dir=in | app=system | "{8A4DFF0A-7A8A-4B7E-A841-C0C1FAD23808}" = lport=139 | protocol=6 | dir=in | 
app=system | "{8C24B8C9-6BC5-4C8F-843C-67D068685B0D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{8DF8E31D-0ED3-4344-9DCC-9C90543A94FE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{900077AC-997E-47DB-BEE6-FE96F3755FD8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{91F58C1D-0E07-4510-9579-F5B8BEB4AC98}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{9D99D511-9A05-49B1-BE96-6DDDF609EF32}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{AF040F0C-DC65-4CA2-9630-1D3379CFE30B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{AFDE8176-EFB7-4F10-AF4F-A0B454B724C5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{B62DC570-E3DA-4687-8199-3490FBE44B45}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{C05A270F-4C8D-4626-9324-B2D58A294533}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{C20A691C-4774-4E4B-B474-B7D80FB3DDA1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{C4A6E9FE-14BC-474E-B38E-86754F173553}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{C4D2E709-EC54-4C5F-B931-80E019FC2307}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{C71660E1-6D1F-4ADE-97A7-4CBAB6DDC149}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{C8C83B7D-F39C-4498-8D27-25EA48342B50}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C990528C-0916-4F4A-82F2-B04DF72B7D5E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{D286363C-7ACC-4572-B14D-E7E02D31D2C6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{D4B2E897-762E-4FD4-8092-8D0C63017290}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{D5B9C98B-35BE-467E-B903-0960C867F440}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DC11997B-86E8-42B4-B2D1-0B7871634759}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{E7212302-D318-4681-A188-46AA6FF493F1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{E784BF5E-22E4-4E52-969D-D0E4F76A87A4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{E9978137-0281-498E-976B-4C453F4FCA3C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{EAC04FA8-CDA6-4CC3-BFB5-58D6A3598F8E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{EB586D47-0F37-45F9-8C22-69C2F2080F48}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EE80F5BF-1771-43FB-9507-B58FC6C44B99}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp1\wnt500x64\rpcsandrasrv.exe | "{F5FF16CD-C708-46A8-BB36-5BA770A8545A}" = lport=10243 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01EED615-6E3A-4142-A013-AC2B859B3437}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\dirt showdown\showdown.exe | "{0242A155-71D5-4440-AAE7-203A7B284A61}" = 
protocol=17 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe | "{02AA7E21-6C40-43DF-86E7-CFAD619EBE9F}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\obulis\obulis_steam.exe | "{02E7E4AF-FB99-4C66-8EAA-4063C0005B6F}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\hotline_miami\hotlinemiami.exe | "{02EF1314-FDC3-4C7D-996C-6665BFD3AA8A}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{0649DF62-1F91-40DE-A251-33A0D286DE32}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\legacy_kain_defiance\defiance.exe | "{07787231-5547-4FBF-8034-562A092C82F9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{0848EB06-8659-409F-BC03-697281C61324}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\metro 2033\metro2033.exe | "{08755D7F-7247-41BE-AD1D-0B46F9EA2988}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{08C95D18-2DF8-45B9-84A8-4B246AF35276}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{0911F109-E612-4931-9368-F700021C1D33}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{09FE4E65-D7B3-45D2-8E94-85355BE7634B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\broken sword 2\brokensword2.exe | "{0A8F589B-FCE1-4E12-B104-4C5E258EDFE5}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "{0B42F019-697F-4D34-B74C-DD073445FAF0}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\legacy of kain soul reaver\kain2.exe | "{0F699860-E7C1-42B0-ACA3-A0039A983A29}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{11392134-D6C7-4DF4-96A6-44BBEB553670}" = dir=out | 
name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{1471B14F-C022-4000-9AC6-33231E72CCE2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1527037C-7E6A-46A1-A3A9-8DDD72A53BCD}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\broken sword 3\bstsd.exe | "{19C0199E-07DE-4754-A03A-660258790E08}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "{1BEC744D-C351-4ECF-A13C-F6BB262E6FA7}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\hunted\binaries\win32\hunted.exe | "{1D1799BA-DD68-44C9-9424-4250FA8AF421}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\obulis\obulis_steam.exe | "{1FF8B8B3-376F-4B9D-87CB-DABBAA76974E}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe | "{206281A0-D6B6-44B6-AED9-69D3D2CE0A0E}" = dir=in | app=e:\games\aliens colonial marines\binaries\win32\acm.exe | "{24427341-9BFA-4DCB-A280-14B5DC237147}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{36419C2D-F0E5-40FE-AD00-BEAD360C6029}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{37A4DC29-FE68-495C-A737-B6620988BDB5}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | "{398D5B5A-0CA7-4100-A3E5-2A916943D143}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe | "{3C751295-7E2B-4C8D-ADCB-92C656104AD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{41DCF90D-BE71-4032-A5A2-DA91A45C1C89}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\farcry2.exe | "{46F083B1-3CC9-4804-B946-D44AA9E23C9A}" = dir=out | 
name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{4CE65A3A-528F-4D90-A428-BD359B87AD90}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\hotline_miami\hotlinemiami.exe | "{4F42FDF9-E187-4718-8408-E6CA55398316}" = dir=out | name=@{microsoft.bingnews_1.7.0.31_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{4F5E0D7E-0A2B-4713-89CD-9BD65B08DB40}" = dir=out | name=@{microsoft.bingfinance_1.7.0.29_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{4FB636FF-B2D7-4E8E-898C-39D41D416DB7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{508C5AD8-5734-4965-85E6-90FC7A5C923C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{51A3AB47-D80E-4E8A-BE96-900F0A588073}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\dirt showdown\showdown.exe | "{52434B39-2A97-48F9-AA6B-9C993EA72311}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\gemini rue\reslists\gemini rue.exe | "{53FD1274-797B-453F-9478-2D40ABC673B7}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\legacy_kain_defiance\defiance.exe | "{55272F96-904C-421D-8A66-9BA498C08003}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | "{560F99ED-1D45-478F-B6AA-C8584F38C7DE}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\darksiders 2\darksiders2.exe | "{57442398-C694-4CBA-87D3-DC4B41923243}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\farcry2.exe | "{5A18A35D-649B-4442-9FFA-EA6FE74565E4}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{5A2DC7E8-DE2D-4186-B8AE-7D70018DF6B8}" = dir=in | app=d:\dead space 3 limited edition cracked multi -sc\deadspace3.exe | "{5CCAFFAF-41A9-40A2-9309-9613BAADF2FC}" = dir=in | 
app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{61B99864-EEE0-49F7-A7F2-4CE3A9EFC7CD}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe | "{64ADCCAA-60AF-4BFA-9656-EBAD0EF23C48}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\darksiders 2\darksiders2.exe | "{66131969-1A21-4654-87D5-25CC34B46BAD}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{664462E7-074B-4DE9-8F03-0F4A585DFA42}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{6C1982FE-A4BC-4D1B-9597-3186D9E99208}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{6CE97925-9012-4945-A1CF-82C0802449F0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6DF3B82B-4AE8-4EE8-8D85-22616C6B1861}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\broken sword 2\brokensword2.exe | "{6FB484E4-A701-4EC8-BFAC-75B51CE45985}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{6FB628C7-4E8D-4988-B473-941F5DE8CA63}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | "{70E6EF96-A1DE-4998-B47E-384A8EE3DD78}" = protocol=17 | dir=in | app=e:\games\steam\steam.exe | "{773FADBC-8AA9-447D-A654-225A6DC11760}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{77C4F5FD-150C-4AD4-B924-64FC93DE9149}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\syberia\game.exe | "{799D29BB-4443-402E-ABCA-62FDB96EFB5E}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{7BAC34BC-3C4F-413D-B7AC-B938A669DF00}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe | "{7BD71061-8E77-45A3-A6E5-CD9E33AA34BC}" = 
protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | "{7D4BB418-6F96-4728-8F0D-E74606E7B76B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{8192DD4D-7CC4-458D-8D20-4E537ADB6178}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{850371DD-B193-45CE-B928-AABB64F26537}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{8510D509-D579-4DA4-BA9D-9BCD49F2EA51}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | "{8522140C-E3F4-4A47-AAF9-E9D22F9BD2BF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{8747D911-DCF4-467D-97D8-77547C341155}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\legacy of kain soul reaver\kain2.exe | "{87E88AC2-90CA-4188-884B-FAA3B91C9F6B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\syberia 2\game.exe | "{884A7B90-4FFD-4BA2-BFE0-95B24B902009}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\legacy of kain soul reaver 2\sr2.exe | "{8B831EDE-92F8-451E-B37B-22A2459830D8}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{8BA63F91-484D-4F9D-9BDA-F0B3A95433EF}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{90A9D207-E9F5-47C0-9741-F7D4273D2D12}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{92B9489D-647E-4F85-A8BC-46AF3C973B11}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | "{93297F35-565D-4606-8982-4B1B271E793B}" = 
protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2editor.exe | "{9837027A-DC82-494D-8E62-D242F9B12908}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{98862D39-8A78-4723-9DA2-53B541CB06AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{9B05068E-104D-4DE7-9CD5-0B98A8F87AF3}" = protocol=6 | dir=out | app=system | "{9C8D0AC9-CB70-4104-9E6E-D3227A8E88B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9CEB6E2D-6BC6-40E2-AC62-82A950622F4C}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{9E3BB7F8-04F7-4A4D-846C-68D9A212E1CE}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | "{9F776C2B-1384-4783-B666-B463F63056C9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{9F85F676-1031-4335-A6FB-FC25C53C8FAC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | "{A026AF2C-D327-458D-9D16-95DE7BD461DC}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\syberia\game.exe | "{A1F82C01-7AD0-4D77-8FAF-2BB7CBF22A30}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{A4D709B7-3C2A-48FF-AAEB-980E580911C1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{A65C3AF2-30A7-40F8-A3A0-5482841CD986}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{A7FC2B55-3A6C-4D92-87AC-70E40154B533}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\bastion\bastion.exe | "{A89CEC9E-A3BB-43E6-BCBE-A3838943B898}" = dir=out | app=e:\games\aliens colonial marines\binaries\win32\acm.exe | "{A955C6B2-DD65-4F6C-B31C-C3A05818A527}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AB8C7966-17C9-4B90-9380-7C167A08F7BA}" = protocol=6 | dir=in | 
app=e:\games\steam\steam.exe | "{ADB8D8E0-16D4-46D9-B2D8-1CFE1637DA35}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bastion\bastion.exe | "{AF02D12B-BF32-4698-8923-96E48107BCA0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{B3E64866-308D-40D1-AB60-D418117D6E6D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{B68A5CCB-DBFD-4C31-AA19-392F940BB344}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\gemini rue\reslists\gemini rue.exe | "{B741CC1D-19BF-44E9-BBC5-5B8E6E519809}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{BD8002EF-EB45-490F-92BA-06E78F59B736}" = dir=out | app=d:\dead space 3 limited edition cracked multi -sc\deadspace3.exe | "{BEEAC3C6-F9E3-4D12-A643-E271AF776AB6}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{BFDD9C4C-C6A5-43D3-9CE5-FE25DCCFB0E4}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\red faction guerrilla\rfg_launcher.exe | "{C5A6B742-9BF7-4581-8305-6F628AF55640}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{C60E94D8-1486-4578-B259-315FA76EA53A}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\broken sword 3\bstsd.exe | "{C6DC1755-CE4F-4ACB-8001-2BE971D0ED46}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{C98487D8-227C-4937-9D51-D633AC7F74B2}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\legacy of kain soul reaver 2\sr2.exe | "{CC3B62F7-8CF0-4827-8DE5-70BAD097613B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{CE6A0F2F-9D7C-4C96-B442-8CA0B6044A07}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{CE7CE979-7A9D-492E-9762-31640E248831}" = protocol=6 | dir=out | 
app=%programfiles%\windows media player\wmplayer.exe | "{CFCED5EC-56D9-41C2-A0D6-54C3428C7850}" = dir=out | name=microsoft solitaire collection | "{D02D6750-3B91-437E-BCB1-64EC980D4F2B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D0C381D6-943A-49BB-9782-522086E6FCA9}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\red faction guerrilla\rfg_launcher.exe | "{D45F8B8C-79ED-411E-BD96-7A60013C65ED}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2editor.exe | "{D4C01400-D761-4709-ADF7-8C644D91AC02}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\hunted\binaries\win32\hunted.exe | "{D564323A-86A3-45E0-9E45-11A6D14C19A8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{D7E35302-DFEB-4E22-A69C-15D75217D426}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe | "{D8BC9C61-1816-42B6-AA68-E3345C3957EF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DE545514-39F8-40BE-842D-1B3EFA55510D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{DF30FB73-4021-49E9-89BF-6BBA81D61AE6}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{E1896871-F32C-4DB0-A27D-3F711ED4C566}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E1D3A9FB-919C-4993-80F4-3A6B938C1C25}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe | "{E29AC9BB-7E1B-43C6-8892-CE3EA1D31C75}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\syberia 2\game.exe | "{E3D09B75-89AA-4968-A7CE-EE374D5AE96A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E53E5FDF-489D-49DD-8A8A-69683E139DED}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | "{E541A26D-F0B9-4BBD-9A96-A67E61449EBF}" = protocol=6 | dir=in | 
app=%programfiles%\windows media player\wmpnetwk.exe | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{E7EC451B-C6EE-4946-BF5D-1533507255EC}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\metro 2033\metro2033.exe | "{EBCD2E76-7300-4F28-B01B-0F15A77A92B5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EC5F0710-A5AC-4F28-ADA3-E4E5C04B793F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EF35C19D-FC14-40CA-B395-91BD21073618}" = dir=out | name=google search | "{F8924637-CF88-455F-90FE-A8F512E8462F}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8C925017-72A8-4C4A-AF21-84901E26638F}" = HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 
6 "{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B6047A78-062F-4C6F-A82D-B94DAF72FB73}" = Microsoft Games for Windows 8 x64 "{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2013.SP1 "{CB00799C-0E4F-4FD1-A046-BD24321BCDFF}" = Classic Shell "{F5AA006A-1ABE-4F16-B6E1-FEE1F7D38102}" = AVG 2013 "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "AVG" = AVG 2013 "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "HPOCR" = OCR Software by I.R.I.S. 
14.0 "Shop for HP Supplies" = Shop for HP Supplies "VLC media player" = VLC media player 2.0.5 "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{065DBB54-6E55-A609-2E1E-F0617E827D53}" = Media Go Video Playback Engine 1.96.114.08260 "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2 "{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7A6C3344-5CF9-4B83-959C-6576C5B27D09}" = Media Go "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update 
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C86E1E36-6D30-4834-9C85-5501F31F7BB4}" = F4200 "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CFA33E6D-2D7D-4785-8025-974398E940D1}" = DJ_AIO_03_F4200_Software_Min "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.11 Game "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{E500DF84-3A0A-4989-93C2-D33B935008C1}" = Inhaltsmanager-Assistent für PlayStation(R) "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "5513-1208-7298-9440" = JDownloader 0.9 "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17 "AVG Secure Search" = AVG Security Toolbar "Biet-O-Matic v2.14.10" = Biet-O-Matic v2.14.10 "Fraps" = Fraps "Google Chrome" = Google Chrome "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Origin" = Origin "Steam App 107100" = Bastion "Steam App 11330" = Obulis "Steam App 201700" = DiRT Showdown "Steam App 20500" = Red Faction: Guerrilla "Steam App 219150" = Hotline Miami "Steam App 224300" = Legacy of Kain: Defiance "Steam App 22450" = Hunted: The Demon's Forge "Steam App 224920" = Legacy of Kain: Soul Reaver "Steam App 224940" = Legacy of Kain: Soul Reaver 2 "Steam App 33600" = Broken Sword II: The Smoking Mirror "Steam App 33610" = Broken Sword III: The Sleeping Dragon "Steam App 39160" = Dungeon Siege III "Steam App 43110" = Metro 2033 "Steam App 46500" = Syberia "Steam App 46510" = Syberia 2 "Steam App 49520" = Borderlands 2 "Steam App 50650" = Darksiders II "Steam App 57640" = Broken Sword: Shadow of the Templars - Director's Cut "Steam 
App 80310" = Gemini Rue "Steam App 8870" = BioShock Infinite ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 16.04.2013 14:55:25 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: HotlineMiami.exe, Version: 1.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: bgm.dll, Version: 2.0.4.8, Zeitstempel: 0x450a2d55 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005250 ID des fehlerhaften Prozesses: 0x4a8 Startzeit der fehlerhaften Anwendung: 0x01ce3ad3d86515c0 Pfad der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\hotline_miami\HotlineMiami.exe Pfad des fehlerhaften Moduls: E:\Games\Steam\steamapps\common\hotline_miami\bgm.dll Berichtskennung: 327599bd-a6c7-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 16.04.2013 14:55:45 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: HotlineMiami.exe, Version: 1.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: bgm.dll, Version: 2.0.4.8, Zeitstempel: 0x450a2d55 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005250 ID des fehlerhaften Prozesses: 0x4a8 Startzeit der fehlerhaften Anwendung: 0x01ce3ad3d86515c0 Pfad der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\hotline_miami\HotlineMiami.exe Pfad des fehlerhaften Moduls: E:\Games\Steam\steamapps\common\hotline_miami\bgm.dll Berichtskennung: 3e5cdbd5-a6c7-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 16.04.2013 14:55:46 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: HotlineMiami.exe, Version: 1.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: bgm.dll, Version: 2.0.4.8, Zeitstempel: 0x450a2d55 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005250 ID des 
fehlerhaften Prozesses: 0x4a8 Startzeit der fehlerhaften Anwendung: 0x01ce3ad3d86515c0 Pfad der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\hotline_miami\HotlineMiami.exe Pfad des fehlerhaften Moduls: E:\Games\Steam\steamapps\common\hotline_miami\bgm.dll Berichtskennung: 3e73bfef-a6c7-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 16.04.2013 14:55:46 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: HotlineMiami.exe, Version: 1.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: bgm.dll, Version: 2.0.4.8, Zeitstempel: 0x450a2d55 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005250 ID des fehlerhaften Prozesses: 0x4a8 Startzeit der fehlerhaften Anwendung: 0x01ce3ad3d86515c0 Pfad der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\hotline_miami\HotlineMiami.exe Pfad des fehlerhaften Moduls: E:\Games\Steam\steamapps\common\hotline_miami\bgm.dll Berichtskennung: 3e88cf41-a6c7-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 17.04.2013 15:20:48 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: HotlineMiami.exe, Version: 1.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: dmsynth.dll, Version: 6.2.9200.16384, Zeitstempel: 0x5010a507 Ausnahmecode: 0xc000001d Fehleroffset: 0x00012886 ID des fehlerhaften Prozesses: 0x15e4 Startzeit der fehlerhaften Anwendung: 0x01ce3b9877315311 Pfad der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\hotline_miami\HotlineMiami.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\dmsynth.dll Berichtskennung: e83fa589-a793-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 17.04.2013 15:20:48 | Computer Name = dark-PC | Source = 
Application Error | ID = 1005 Description = Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm HotlineMiami.exe wurde wegen dieses Fehlers geschlossen. Programm: HotlineMiami.exe Datei: Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. 
Zusätzliche Daten Fehlerwert: 00000000 Datenträgertyp: 0 Error - 25.04.2013 16:10:46 | Computer Name = dark-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error - 25.04.2013 16:18:18 | Computer Name = dark-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error - 25.04.2013 16:18:54 | Computer Name = dark-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error - 26.04.2013 09:58:35 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.2.223.0, Zeitstempel: 0x51023a8b Name des fehlerhaften Moduls: mpengine.dll, Version: 1.1.9402.0, Zeitstempel: 0x5164e0d4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000008929a ID des fehlerhaften Prozesses: 0x13bc Startzeit der fehlerhaften Anwendung: 0x01ce38889b039aba Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Defender\MsMpEng.exe Pfad des fehlerhaften Moduls: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C6943D80-31F9-4D41-8665-FAD82C1D6C76}\mpengine.dll Berichtskennung: 629016eb-ae79-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: [ System Events ] Error - 18.04.2013 05:26:12 | Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = Error - 18.04.2013 18:20:58 | Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = Error - 19.04.2013 08:54:55 | Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = Error - 21.04.2013 12:05:18 
| Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = Error - 24.04.2013 20:13:58 | Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = Error - 25.04.2013 13:44:53 | Computer Name = dark-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error - 25.04.2013 13:44:53 | Computer Name = dark-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 25.04.2013 19:52:27 | Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = Error - 26.04.2013 05:57:28 | Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = Error - 26.04.2013 09:59:06 | Computer Name = dark-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows Defender-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. < End of report > |
27.04.2013, 10:24 | #2 | |
/// TB-Ausbilder | Trojan Generic.32.CCGO dangerous? My name is Matthias and I will help you clean up your computer. Please note the following:
Quote:
nvxdsync.exe/dwm.exe a virus? This appears to be a false positive from AVG. Are there actually any problems with your computer that point to malware? |
27.04.2013, 12:22 | #3 |
| Trojan Generic.32.CCGO dangerous? Hello Matthias, thanks for the quick reply, and no, I have no problems at all with my computer. Everything runs as it should; the only place I had a problem was with a beta-test game (whose name I unfortunately may not mention) that I wanted to log in to yesterday, which didn't work. I had received an e-mail that said
(We would like to inform you that we have temporarily restricted access to your account. This was done for your own security, because unusual access to your account was detected in our system. For this reason the account has been temporarily closed.) but supposedly they don't want to, or aren't allowed to, say what exactly happened. I then assumed that, since I created my account and logged in once at my old flat with Unity-media as provider, and moved a week ago and now have Telekom as my new provider, they probably didn't quite get that and closed my account because of it. Well, after that I ran a scan and found the two viruses, which were deleted. Windows also ran an update afterwards and everything is as before; only the fear remains, because I use online banking a lot. The report says that it is supposed to be Windows\Explorer\exe(680)! Should I follow the 3 steps you wrote in the other post? Many thanks for the help! |
27.04.2013, 15:26 | #4 |
/// TB-Ausbilder | Trojan Generic.32.CCGO dangerous? Hi, we can take a quick look at your computer. Step 1 Please download OTL by Oldtimer and save it to your desktop (if you don't already have it).
Code:
ATTFilter activex CREATERESTOREPOINT
Step 2 Please download defogger by jpshortstuff to your desktop.
Step 3 Please download GMER: (random file name)
Do problems come up?
With your next reply, please post
|
27.04.2013, 19:47 | #5 |
| Trojan Generic.32.CCGO dangerous? Hi, even in safe mode my PC restarts while GMER is scanning. Here are the other files. Code:
ATTFilter OTL logfile created on: 27.04.2013 19:29:55 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = D:\ 64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 6,45 Gb Available Physical Memory | 80,69% Memory free 16,00 Gb Paging File | 14,28 Gb Available in Paging File | 89,25% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 146,48 Gb Total Space | 77,04 Gb Free Space | 52,59% Space Free | Partition Type: NTFS Drive D: | 258,79 Gb Total Space | 190,59 Gb Free Space | 73,65% Space Free | Partition Type: NTFS Drive E: | 265,43 Gb Total Space | 77,10 Gb Free Space | 29,05% Space Free | Partition Type: NTFS Computer Name: DARK-PC | User Name: dark | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.04.26 23:01:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\OTL.exe PRC - [2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) 
-- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe PRC - [2013.03.14 23:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2013.02.18 19:23:40 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2013.02.18 19:23:40 | 000,968,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe PRC - [2012.12.29 10:55:32 | 000,068,608 | ---- | M] (IvoSoft) -- C:\Programme\Classic Shell\ClassicShellService.exe PRC - [2012.12.11 04:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe PRC - [2012.12.10 12:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe PRC - [2012.11.16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe PRC - [2012.10.22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) 
-- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe ========== Modules (No Company Name) ========== MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll MOD - [2013.04.09 10:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll MOD - [2013.02.18 19:23:40 | 001,151,152 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2013.02.18 19:23:40 | 000,156,848 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll ========== Services (SafeList) ========== SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker) SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker) SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm) SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc) SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | 
Running] -- C:\Windows\SysNative\lsm.dll -- (LSM) SRV:64bit: - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify) SRV:64bit: - [2012.11.06 06:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder) SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService) SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc) SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure) SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc) SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc) SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc) SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc) SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon) SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc) SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup) SRV:64bit: - [2012.07.26 05:05:55 | 
000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso) SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS) SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc) SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService) SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent) SRV:64bit: - [2012.07.26 05:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange) SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat) SRV - [2013.04.19 23:10:50 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common 
Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService) SRV - [2013.03.14 23:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2013.02.18 19:23:40 | 000,968,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0) SRV - [2012.12.29 10:55:32 | 000,068,608 | ---- | M] (IvoSoft) [Auto | Running] -- C:\Programme\Classic Shell\ClassicShellService.exe -- (ClassicShellService) SRV - [2012.12.10 12:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws) SRV - [2012.11.16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012.10.22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2008.12.27 04:55:28 | 000,068,760 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP1\RpcAgentSrv.exe -- (SandraAgentSrv) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI) DRV:64bit: - [2013.03.02 12:57:46 | 000,283,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport) DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci) DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM) DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc) DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3) DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg) DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot) DRV:64bit: - 
[2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter) DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32) DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid) DRV:64bit: - [2012.11.27 00:36:16 | 000,208,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgwfpa.sys -- (Avgwfpa) DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c) DRV:64bit: - [2012.11.16 00:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM) DRV:64bit: - [2012.10.26 05:17:44 | 000,020,912 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\avgboota.sys -- (Avgboota) DRV:64bit: - [2012.10.22 14:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:64bit: - [2012.10.15 04:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. 
) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\avgidsha.sys -- (AVGIDSHA) DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor) DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam) DRV:64bit: - [2012.10.02 04:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2012.09.21 04:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\avgloga.sys -- (Avgloga) DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000) DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101) DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2012.09.14 04:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2012.09.04 11:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgfwd6a.sys -- (Avgfwfd) DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv) DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID) DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt) DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor) DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex) DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis) DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS) DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv) DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass) DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) 
[Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware) DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS) DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS) DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci) DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt) DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf) DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay) DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo) DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender) DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] 
(Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter) DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic) DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime) DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig) DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr) DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr) DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd) DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx) DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx) DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum) DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys 
-- (dmvsc) DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.26 04:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid) DRV:64bit: - [2012.07.26 04:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp) DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr) DRV:64bit: - [2012.07.26 04:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr) DRV:64bit: - [2012.07.26 04:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp) DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform) DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp) DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu) DRV:64bit: - [2012.06.02 16:31:56 | 000,589,824 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168) DRV:64bit: - [2011.07.01 11:46:40 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tap0901.sys -- (tap0901) DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- 
C:\Programme\SiSoftware\SiSoftware Sandra Lite 2013.SP1\WNt500x64\sandra.sys -- (SANDRA) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-412062012-3371450894-644002048-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\ IE - HKU\S-1-5-21-412062012-3371450894-644002048-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={5F309518-9942-4EAF-9462-12FC8D7BB673}&mid=1fe52ba940dd47d09ddcd16d5b34c071-1ff06a90c643aa812b62f3bc0071b03903534728&lang=de&ds=AVG&pr=fr&d=2013-01-30 17:47:26&v=14.2.0.1&pid=avg&sg=&sap=hp IE - HKU\S-1-5-21-412062012-3371450894-644002048-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ IE - HKU\S-1-5-21-412062012-3371450894-644002048-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,en-US;q=0.5,en;q=0.3 IE - HKU\S-1-5-21-412062012-3371450894-644002048-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6E 1E 75 38 CB E2 CD 01 [binary data] IE - HKU\S-1-5-21-412062012-3371450894-644002048-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-412062012-3371450894-644002048-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = 
hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-412062012-3371450894-644002048-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={5F309518-9942-4EAF-9462-12FC8D7BB673}&mid=1fe52ba940dd47d09ddcd16d5b34c071-1ff06a90c643aa812b62f3bc0071b03903534728&lang=de&ds=AVG&pr=fr&d=2013-01-30 17:47:26&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-412062012-3371450894-644002048-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.) FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.02.18 19:23:48 | 000,000,000 | ---D | M] ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: https://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files 
(x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - Extension: Google Docs = C:\Users\dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: One Piece Theme2 = C:\Users\dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggndmjeamglljedlcacmjipmlhbdgioi\2_0\ CHR - Extension: New Tab Redirect! 
= C:\Users\dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna\2.0_0\ CHR - Extension: Google Mail = C:\Users\dark\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft) O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft) O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll () O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft) O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft) O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll () O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) 
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-21-412062012-3371450894-644002048-1000..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) O4 - HKU\S-1-5-21-412062012-3371450894-644002048-1000..\Run: [Steam] E:\Games\Steam\steam.exe (Valve Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft) O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9FB75D9-BC75-43D0-854D-290B2F72F658}: DhcpNameServer = 192.168.1.1 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll () 
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found O29 - HKLM SecurityProviders - (credssp.dll) - File not found O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{96fca61d-8177-11e2-be77-00241dd02982}\Shell - "" = AutoRun O33 - MountPoints2\{96fca61d-8177-11e2-be77-00241dd02982}\Shell\AutoRun\command - "" = "J:\CMADownloader.exe" O33 - MountPoints2\{d98f093f-4f5f-11e2-be6c-00241dd02982}\Shell - "" = AutoRun O33 - MountPoints2\{d98f093f-4f5f-11e2-be6c-00241dd02982}\Shell\AutoRun\command - "" = "I:\CMADownloader.exe" O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ACTIVEX CREATERESTOREPOINT Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2013.04.27 00:33:54 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump 
[2013.04.14 00:06:51 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll [2013.04.14 00:06:47 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll [2013.04.14 00:06:46 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll [2013.04.14 00:06:45 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2013.04.14 00:06:43 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll [2013.04.14 00:06:42 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll [2013.04.14 00:06:42 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll [2013.04.14 00:06:42 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll [2013.04.14 00:06:42 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll [2013.04.14 00:06:42 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys [2013.04.14 00:06:41 | 001,151,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mcmde.dll [2013.04.14 00:06:41 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll [2013.04.14 00:06:41 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll [2013.04.14 00:06:41 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll [2013.04.14 00:06:40 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll [2013.04.14 00:06:40 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll [2013.04.14 00:06:40 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll [2013.04.14 00:06:39 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2013.04.14 00:06:39 | 002,302,464 | ---- | C] 
(Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll [2013.04.14 00:06:39 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll [2013.04.14 00:06:39 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll [2013.04.14 00:06:39 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll [2013.04.14 00:06:38 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS [2013.04.14 00:06:38 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys [2013.04.14 00:06:38 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll [2013.04.14 00:06:37 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll [2013.04.14 00:06:37 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll [2013.04.14 00:06:37 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll [2013.04.14 00:06:37 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll [2013.04.14 00:06:37 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll [2013.04.14 00:06:36 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll [2013.04.14 00:06:36 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll [2013.04.14 00:06:36 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll [2013.04.14 00:06:35 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll [2013.04.14 00:06:35 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll [2013.04.14 00:06:35 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll 
[2013.04.14 00:06:35 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll [2013.04.14 00:06:35 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll [2013.04.14 00:06:35 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe [2013.04.14 00:06:35 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll [2013.04.14 00:06:34 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll [2013.04.14 00:06:34 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS [2013.04.14 00:06:34 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys [2013.04.14 00:06:34 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys [2013.04.14 00:06:34 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys [2013.04.14 00:06:34 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys [2013.04.14 00:06:34 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NdisImPlatform.dll [2013.04.14 00:06:34 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys [2013.04.14 00:06:34 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys [2013.04.14 00:06:34 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe [2013.04.14 00:06:33 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll [2013.04.14 00:06:33 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl [2013.04.14 00:06:33 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl [2013.04.14 00:06:33 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncInfo.dll 
[2013.04.14 00:06:33 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe [2013.04.14 00:06:33 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDPrintProxy.DLL [2013.04.14 00:06:33 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll [2013.04.14 00:06:32 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll [2013.04.14 00:06:32 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll [2013.04.14 00:06:32 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncInfo.dll [2013.04.14 00:06:32 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll [2013.04.14 00:06:32 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll [2013.04.14 00:06:32 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll [2013.04.14 00:06:32 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe [2013.04.14 00:06:32 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe [2013.04.14 00:06:31 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevDispItemProvider.dll [2013.04.10 21:05:39 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll [2013.04.10 21:05:33 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll [2013.04.10 21:05:33 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll [2013.04.10 21:05:33 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll [2013.04.10 21:05:32 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll [2013.04.10 21:05:31 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll [2013.04.10 21:05:31 | 000,109,056 
| ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll [2013.04.10 21:05:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2013.04.10 21:05:31 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe [2013.04.10 21:05:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2013.04.10 18:36:21 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe [2013.04.10 17:23:03 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll [2013.04.10 17:23:03 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll [2013.04.02 17:14:30 | 000,000,000 | ---D | C] -- C:\Users\dark\AppData\Roaming\Zeal Game Studio [2013.04.02 00:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Codemasters [2013.04.02 00:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound [2013.04.02 00:32:21 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\WINDOWS\SysWow64\mkl_blueripple.dll [2013.04.02 00:32:21 | 001,306,624 | ---- | C] (Blue Ripple Sound Limited) -- C:\WINDOWS\SysWow64\rapture3d_oal.dll [2013.04.02 00:32:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BRS [2013.04.01 13:58:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HideIPVPN [2013.03.29 11:53:32 | 026,956,576 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll [2013.03.29 11:53:32 | 020,542,752 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll [2013.03.29 11:53:32 | 013,088,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll [2013.03.29 11:53:32 | 007,573,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll [2013.03.29 11:53:32 | 006,271,872 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll [2013.03.29 11:53:32 | 
001,807,136 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6431422.dll [2013.03.29 11:53:32 | 001,510,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6431422.dll [2013.03.29 11:53:31 | 025,256,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll [2013.03.29 11:53:31 | 017,990,800 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll [2013.03.29 11:53:31 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll [2013.03.29 11:53:31 | 009,414,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll [2013.03.29 11:53:31 | 007,959,000 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll [2013.03.29 11:53:31 | 002,913,056 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll [2013.03.29 11:53:31 | 002,728,736 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll [2013.03.29 11:53:31 | 002,355,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll [2013.03.29 11:53:31 | 001,995,552 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.27 19:18:37 | 000,001,118 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.04.27 19:17:23 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.04.27 13:03:00 | 000,001,122 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.04.27 00:38:32 | 001,745,416 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI [2013.04.27 00:38:32 | 000,751,892 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat [2013.04.27 00:38:32 | 000,710,046 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat [2013.04.27 00:38:32 | 000,155,620 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat [2013.04.27 00:38:32 | 000,132,416 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat [2013.04.27 00:33:48 | 
719,718,680 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2013.04.27 00:33:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.04.27 00:33:48 | 2575,712,255 | -HS- | M] () -- C:\hiberfil.sys [2013.04.26 23:22:45 | 000,290,496 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2013.04.26 23:01:22 | 000,000,000 | ---- | M] () -- C:\Users\dark\defogger_reenable [2013.04.16 21:03:20 | 000,000,017 | ---- | M] () -- C:\Users\dark\AppData\Local\resmon.resmoncfg [2013.04.03 00:08:01 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2013.04.03 00:08:01 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2013.04.02 00:32:16 | 000,466,456 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysNative\wrap_oal.dll [2013.04.02 00:32:15 | 000,444,952 | ---- | M] (Creative Labs) -- C:\WINDOWS\SysWow64\wrap_oal.dll [2013.04.02 00:32:15 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\WINDOWS\SysNative\OpenAL32.dll [2013.04.02 00:32:15 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) 
-- C:\WINDOWS\SysWow64\OpenAL32.dll [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.27 00:33:48 | 719,718,680 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP [2013.04.26 23:22:35 | 000,290,496 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT [2013.04.26 23:01:22 | 000,000,000 | ---- | C] () -- C:\Users\dark\defogger_reenable [2013.04.16 21:03:20 | 000,000,017 | ---- | C] () -- C:\Users\dark\AppData\Local\resmon.resmoncfg [2013.04.14 00:06:31 | 000,387,867 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml [2013.01.11 15:02:22 | 000,015,873 | ---- | C] () -- C:\WINDOWS\SysWow64\Inetde.dll [2013.01.11 10:16:12 | 000,197,912 | ---- | C] () -- C:\WINDOWS\SysWow64\physxcudart_20.dll [2013.01.09 01:09:25 | 013,131,776 | ---- | C] () -- C:\Users\dark\AppData\Roaming\Sandra.mdb [2012.12.30 22:28:41 | 000,204,154 | ---- | C] () -- C:\WINDOWS\hpoins28.dat [2012.12.30 22:28:41 | 000,000,584 | ---- | C] () -- C:\WINDOWS\hpomdl28.dat [2012.12.25 22:17:10 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\SysWow64\xlive.dll.cat ========== ZeroAccess Check ========== [2013.01.02 22:14:40 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Code:
OTL Extras logfile created on: 27.04.2013 19:29:55 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = D:\
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

8,00 Gb Total Physical Memory | 6,45 Gb Available Physical Memory | 80,69% Memory free
16,00 Gb Paging File | 14,28 Gb Available in Paging File | 89,25% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 77,04 Gb Free Space | 52,59% Space Free | Partition Type: NTFS
Drive D: | 258,79 Gb Total Space | 190,59 Gb Free Space | 73,65% Space Free | Partition Type: NTFS
Drive E: | 265,43 Gb Total Space | 77,10 Gb Free Space | 29,05% Space Free | Partition Type: NTFS

Computer Name: DARK-PC | User Name: dark | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
.reg [@ = regfile] -- regedit.exe "%1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found
.reg [@ = regfile] -- regedit.exe "%1"

[HKEY_USERS\S-1-5-21-412062012-3371450894-644002048-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error.
File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. 
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- Reg Error: Key error. htmlfile [opennew] -- Reg Error: Key error. htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- Reg Error: Key error. CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error. 

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05879DF9-A64A-43EE-ADBF-ABBD6BBF7A2A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0B4831FE-92BD-49D0-93F0-44C966B2F202}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{0B54734B-7CD6-4CA1-BC0F-CFD74233AE2E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{1001D7F9-2E70-47D1-8235-672DC2FD3A54}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{1D1301A7-080E-4430-8BBC-702606371B61}" = lport=445 | protocol=6 | dir=in | app=system |
"{26C8168F-4AC6-4E81-A625-974511BA6D63}" = rport=2177 | protocol=6 | dir=out | svc=qwave |
app=%systemroot%\system32\svchost.exe | "{27C1642A-DDFF-4ED6-9E4B-A029559853BE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{2919AB06-27C0-45F7-B375-6CAB9A2BDCDF}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{29F7C959-3957-4342-8A1A-41D0429231B4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{2E3736C8-8E8A-4BAA-AEEB-393B07BD9AF9}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{314E714B-78D2-41F9-93A8-2DBACA1BAECD}" = rport=138 | protocol=17 | dir=out | app=system | "{34AFA95C-F0F8-4762-A5F8-671440C9B919}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{369772DC-EB26-47E6-ACC0-58B1A463DD07}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{39B64C1E-EF83-45F5-BE92-57A9B7A0D3A3}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{43875428-9540-492F-8858-6A775D8D4E20}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{4B5E10E2-1405-4E57-B9D0-60FC3B6CD290}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{4DB74AE0-E55E-480D-B5B4-029DFDD3EB48}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{4F855B00-ECF7-44FE-ADDD-860D75993B76}" = rport=137 | protocol=17 | dir=out | app=system | "{50657FA9-5C9A-4A26-9F4C-857B7AD0405B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{51458DDE-AA26-4860-8085-0511BAC85E04}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{56C15E6A-5153-48C5-878F-90C2FB3E550D}" = rport=139 | protocol=6 | dir=out | 
app=system | "{5ABF6C48-4676-4157-B11E-1B973A1285BB}" = rport=445 | protocol=6 | dir=out | app=system | "{5B2A6852-8625-4043-9DB5-8C0D50744ABD}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp1\rpcagentsrv.exe | "{5FAE2EF0-DCB6-40A1-BC5C-7EB63913BED2}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{6005BC74-C85A-4263-AE6E-A8337E7CA05A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{60C56A0A-8D0D-4992-BCC4-BE224E31D9BB}" = lport=138 | protocol=17 | dir=in | app=system | "{6C1BBD5F-3711-4683-96F1-2320D8B94854}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{7674A5A8-FFCD-4511-B807-E5A8E91F5BA4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{7709D004-63F0-42EE-83E4-85BDA33EF472}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{78DF92A4-E544-4C81-8407-BE6E66EF10DF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7C6731D3-C3EB-40CA-A62B-30DE6CFC88D8}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{7E1A1E7B-6AC7-4DD7-8776-14C096F5AFD6}" = lport=137 | protocol=17 | dir=in | app=system | "{80490B46-C4F3-4385-87EB-8F48E9619A11}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{811B7712-EF9A-4EF4-9DBF-F164B5992090}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{850B99DD-2372-4D0A-8322-12B928E9C67B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{8930A487-2132-4461-9F0A-6693703FA484}" = lport=2869 | protocol=6 | dir=in | app=system | "{8A4DFF0A-7A8A-4B7E-A841-C0C1FAD23808}" = lport=139 | protocol=6 | dir=in | 
app=system | "{8C24B8C9-6BC5-4C8F-843C-67D068685B0D}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{8DF8E31D-0ED3-4344-9DCC-9C90543A94FE}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{900077AC-997E-47DB-BEE6-FE96F3755FD8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{91F58C1D-0E07-4510-9579-F5B8BEB4AC98}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{9D99D511-9A05-49B1-BE96-6DDDF609EF32}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{AF040F0C-DC65-4CA2-9630-1D3379CFE30B}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{AFDE8176-EFB7-4F10-AF4F-A0B454B724C5}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{B62DC570-E3DA-4687-8199-3490FBE44B45}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{C05A270F-4C8D-4626-9324-B2D58A294533}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{C20A691C-4774-4E4B-B474-B7D80FB3DDA1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{C4A6E9FE-14BC-474E-B38E-86754F173553}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{C4D2E709-EC54-4C5F-B931-80E019FC2307}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{C71660E1-6D1F-4ADE-97A7-4CBAB6DDC149}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{C8C83B7D-F39C-4498-8D27-25EA48342B50}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C990528C-0916-4F4A-82F2-B04DF72B7D5E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{D286363C-7ACC-4572-B14D-E7E02D31D2C6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{D4B2E897-762E-4FD4-8092-8D0C63017290}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{D5B9C98B-35BE-467E-B903-0960C867F440}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DC11997B-86E8-42B4-B2D1-0B7871634759}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{E7212302-D318-4681-A188-46AA6FF493F1}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{E784BF5E-22E4-4E52-969D-D0E4F76A87A4}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{E9978137-0281-498E-976B-4C453F4FCA3C}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{EAC04FA8-CDA6-4CC3-BFB5-58D6A3598F8E}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe | "{EB586D47-0F37-45F9-8C22-69C2F2080F48}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EE80F5BF-1771-43FB-9507-B58FC6C44B99}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp1\wnt500x64\rpcsandrasrv.exe | "{F5FF16CD-C708-46A8-BB36-5BA770A8545A}" = lport=10243 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01EED615-6E3A-4142-A013-AC2B859B3437}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\dirt showdown\showdown.exe | "{0242A155-71D5-4440-AAE7-203A7B284A61}" = 
protocol=17 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe | "{02AA7E21-6C40-43DF-86E7-CFAD619EBE9F}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\obulis\obulis_steam.exe | "{02E7E4AF-FB99-4C66-8EAA-4063C0005B6F}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\hotline_miami\hotlinemiami.exe | "{02EF1314-FDC3-4C7D-996C-6665BFD3AA8A}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{0649DF62-1F91-40DE-A251-33A0D286DE32}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\legacy_kain_defiance\defiance.exe | "{07787231-5547-4FBF-8034-562A092C82F9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{0848EB06-8659-409F-BC03-697281C61324}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\metro 2033\metro2033.exe | "{08755D7F-7247-41BE-AD1D-0B46F9EA2988}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{08C95D18-2DF8-45B9-84A8-4B246AF35276}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{0911F109-E612-4931-9368-F700021C1D33}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{09FE4E65-D7B3-45D2-8E94-85355BE7634B}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\broken sword 2\brokensword2.exe | "{0A8F589B-FCE1-4E12-B104-4C5E258EDFE5}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "{0B42F019-697F-4D34-B74C-DD073445FAF0}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\legacy of kain soul reaver\kain2.exe | "{0F699860-E7C1-42B0-ACA3-A0039A983A29}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{11392134-D6C7-4DF4-96A6-44BBEB553670}" = dir=out | 
name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{1471B14F-C022-4000-9AC6-33231E72CCE2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1527037C-7E6A-46A1-A3A9-8DDD72A53BCD}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\broken sword 3\bstsd.exe | "{19C0199E-07DE-4754-A03A-660258790E08}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | "{1BEC744D-C351-4ECF-A13C-F6BB262E6FA7}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\hunted\binaries\win32\hunted.exe | "{1D1799BA-DD68-44C9-9424-4250FA8AF421}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\obulis\obulis_steam.exe | "{1FF8B8B3-376F-4B9D-87CB-DABBAA76974E}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe | "{206281A0-D6B6-44B6-AED9-69D3D2CE0A0E}" = dir=in | app=e:\games\aliens colonial marines\binaries\win32\acm.exe | "{24427341-9BFA-4DCB-A280-14B5DC237147}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{36419C2D-F0E5-40FE-AD00-BEAD360C6029}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{37A4DC29-FE68-495C-A737-B6620988BDB5}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | "{398D5B5A-0CA7-4100-A3E5-2A916943D143}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\broken sword shadow of the templars\bs1dc.exe | "{3C751295-7E2B-4C8D-ADCB-92C656104AD5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{41DCF90D-BE71-4032-A5A2-DA91A45C1C89}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\farcry2.exe | "{46F083B1-3CC9-4804-B946-D44AA9E23C9A}" = dir=out | 
name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{4CE65A3A-528F-4D90-A428-BD359B87AD90}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\hotline_miami\hotlinemiami.exe | "{4F42FDF9-E187-4718-8408-E6CA55398316}" = dir=out | name=@{microsoft.bingnews_1.7.0.31_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{4F5E0D7E-0A2B-4713-89CD-9BD65B08DB40}" = dir=out | name=@{microsoft.bingfinance_1.7.0.29_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{4FB636FF-B2D7-4E8E-898C-39D41D416DB7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{508C5AD8-5734-4965-85E6-90FC7A5C923C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{51A3AB47-D80E-4E8A-BE96-900F0A588073}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\dirt showdown\showdown.exe | "{52434B39-2A97-48F9-AA6B-9C993EA72311}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\gemini rue\reslists\gemini rue.exe | "{53FD1274-797B-453F-9478-2D40ABC673B7}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\legacy_kain_defiance\defiance.exe | "{55272F96-904C-421D-8A66-9BA498C08003}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | "{560F99ED-1D45-478F-B6AA-C8584F38C7DE}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\darksiders 2\darksiders2.exe | "{57442398-C694-4CBA-87D3-DC4B41923243}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\farcry2.exe | "{5A18A35D-649B-4442-9FFA-EA6FE74565E4}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{5A2DC7E8-DE2D-4186-B8AE-7D70018DF6B8}" = dir=in | app=d:\dead space 3 limited edition cracked multi -sc\deadspace3.exe | "{5CCAFFAF-41A9-40A2-9309-9613BAADF2FC}" = dir=in | 
app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{61B99864-EEE0-49F7-A7F2-4CE3A9EFC7CD}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe | "{64ADCCAA-60AF-4BFA-9656-EBAD0EF23C48}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\darksiders 2\darksiders2.exe | "{66131969-1A21-4654-87D5-25CC34B46BAD}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{664462E7-074B-4DE9-8F03-0F4A585DFA42}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{6C1982FE-A4BC-4D1B-9597-3186D9E99208}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{6CE97925-9012-4945-A1CF-82C0802449F0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6DF3B82B-4AE8-4EE8-8D85-22616C6B1861}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\broken sword 2\brokensword2.exe | "{6FB484E4-A701-4EC8-BFAC-75B51CE45985}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\left 4 dead 2\left4dead2.exe | "{6FB628C7-4E8D-4988-B473-941F5DE8CA63}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | "{70E6EF96-A1DE-4998-B47E-384A8EE3DD78}" = protocol=17 | dir=in | app=e:\games\steam\steam.exe | "{773FADBC-8AA9-447D-A654-225A6DC11760}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{77C4F5FD-150C-4AD4-B924-64FC93DE9149}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\syberia\game.exe | "{799D29BB-4443-402E-ABCA-62FDB96EFB5E}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{7BAC34BC-3C4F-413D-B7AC-B938A669DF00}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\dungeon siege iii\dungeon siege iii.exe | "{7BD71061-8E77-45A3-A6E5-CD9E33AA34BC}" = 
protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | "{7D4BB418-6F96-4728-8F0D-E74606E7B76B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{8192DD4D-7CC4-458D-8D20-4E537ADB6178}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{850371DD-B193-45CE-B928-AABB64F26537}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{8510D509-D579-4DA4-BA9D-9BCD49F2EA51}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | "{8522140C-E3F4-4A47-AAF9-E9D22F9BD2BF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{8747D911-DCF4-467D-97D8-77547C341155}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\legacy of kain soul reaver\kain2.exe | "{87E88AC2-90CA-4188-884B-FAA3B91C9F6B}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\syberia 2\game.exe | "{884A7B90-4FFD-4BA2-BFE0-95B24B902009}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\legacy of kain soul reaver 2\sr2.exe | "{8B831EDE-92F8-451E-B37B-22A2459830D8}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{8BA63F91-484D-4F9D-9BDA-F0B3A95433EF}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{90A9D207-E9F5-47C0-9741-F7D4273D2D12}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{92B9489D-647E-4F85-A8BC-46AF3C973B11}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bioshock infinite\binaries\win32\bioshockinfinite.exe | "{93297F35-565D-4606-8982-4B1B271E793B}" = 
protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2editor.exe | "{9837027A-DC82-494D-8E62-D242F9B12908}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{98862D39-8A78-4723-9DA2-53B541CB06AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{9B05068E-104D-4DE7-9CD5-0B98A8F87AF3}" = protocol=6 | dir=out | app=system | "{9C8D0AC9-CB70-4104-9E6E-D3227A8E88B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9CEB6E2D-6BC6-40E2-AC62-82A950622F4C}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{9E3BB7F8-04F7-4A4D-846C-68D9A212E1CE}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\bioshock infinite\binaries\win32\benchmark.bat | "{9F776C2B-1384-4783-B666-B463F63056C9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{9F85F676-1031-4335-A6FB-FC25C53C8FAC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | "{A026AF2C-D327-458D-9D16-95DE7BD461DC}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\syberia\game.exe | "{A1F82C01-7AD0-4D77-8FAF-2BB7CBF22A30}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{A4D709B7-3C2A-48FF-AAEB-980E580911C1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{A65C3AF2-30A7-40F8-A3A0-5482841CD986}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{A7FC2B55-3A6C-4D92-87AC-70E40154B533}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\bastion\bastion.exe | "{A89CEC9E-A3BB-43E6-BCBE-A3838943B898}" = dir=out | app=e:\games\aliens colonial marines\binaries\win32\acm.exe | "{A955C6B2-DD65-4F6C-B31C-C3A05818A527}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{AB8C7966-17C9-4B90-9380-7C167A08F7BA}" = protocol=6 | dir=in | 
app=e:\games\steam\steam.exe | "{ADB8D8E0-16D4-46D9-B2D8-1CFE1637DA35}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\bastion\bastion.exe | "{AF02D12B-BF32-4698-8923-96E48107BCA0}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{B3E64866-308D-40D1-AB60-D418117D6E6D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{B68A5CCB-DBFD-4C31-AA19-392F940BB344}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\gemini rue\reslists\gemini rue.exe | "{B741CC1D-19BF-44E9-BBC5-5B8E6E519809}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{BD8002EF-EB45-490F-92BA-06E78F59B736}" = dir=out | app=d:\dead space 3 limited edition cracked multi -sc\deadspace3.exe | "{BEEAC3C6-F9E3-4D12-A643-E271AF776AB6}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{BFDD9C4C-C6A5-43D3-9CE5-FE25DCCFB0E4}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\red faction guerrilla\rfg_launcher.exe | "{C5A6B742-9BF7-4581-8305-6F628AF55640}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{C60E94D8-1486-4578-B259-315FA76EA53A}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\broken sword 3\bstsd.exe | "{C6DC1755-CE4F-4ACB-8001-2BE971D0ED46}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{C98487D8-227C-4937-9D51-D633AC7F74B2}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\legacy of kain soul reaver 2\sr2.exe | "{CC3B62F7-8CF0-4827-8DE5-70BAD097613B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{CE6A0F2F-9D7C-4C96-B442-8CA0B6044A07}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{CE7CE979-7A9D-492E-9762-31640E248831}" = protocol=6 | dir=out | 
app=%programfiles%\windows media player\wmplayer.exe | "{CFCED5EC-56D9-41C2-A0D6-54C3428C7850}" = dir=out | name=microsoft solitaire collection | "{D02D6750-3B91-437E-BCB1-64EC980D4F2B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D0C381D6-943A-49BB-9782-522086E6FCA9}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\red faction guerrilla\rfg_launcher.exe | "{D45F8B8C-79ED-411E-BD96-7A60013C65ED}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2editor.exe | "{D4C01400-D761-4709-ADF7-8C644D91AC02}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\hunted\binaries\win32\hunted.exe | "{D564323A-86A3-45E0-9E45-11A6D14C19A8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{D7E35302-DFEB-4E22-A69C-15D75217D426}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe | "{D8BC9C61-1816-42B6-AA68-E3345C3957EF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{DE545514-39F8-40BE-842D-1B3EFA55510D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{DF30FB73-4021-49E9-89BF-6BBA81D61AE6}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{E1896871-F32C-4DB0-A27D-3F711ED4C566}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{E1D3A9FB-919C-4993-80F4-3A6B938C1C25}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe | "{E29AC9BB-7E1B-43C6-8892-CE3EA1D31C75}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\syberia 2\game.exe | "{E3D09B75-89AA-4968-A7CE-EE374D5AE96A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E53E5FDF-489D-49DD-8A8A-69683E139DED}" = protocol=17 | dir=in | app=e:\games\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | "{E541A26D-F0B9-4BBD-9A96-A67E61449EBF}" = protocol=6 | dir=in | 
app=%programfiles%\windows media player\wmpnetwk.exe | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{E7EC451B-C6EE-4946-BF5D-1533507255EC}" = protocol=6 | dir=in | app=e:\games\steam\steamapps\common\metro 2033\metro2033.exe | "{EBCD2E76-7300-4F28-B01B-0F15A77A92B5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EC5F0710-A5AC-4F28-ADA3-E4E5C04B793F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{EF35C19D-FC14-40CA-B395-91BD21073618}" = dir=out | name=google search | "{F8924637-CF88-455F-90FE-A8F512E8462F}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8C925017-72A8-4C4A-AF21-84901E26638F}" = HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 
6 "{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B6047A78-062F-4C6F-A82D-B94DAF72FB73}" = Microsoft Games for Windows 8 x64 "{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2013.SP1 "{CB00799C-0E4F-4FD1-A046-BD24321BCDFF}" = Classic Shell "{F5AA006A-1ABE-4F16-B6E1-FEE1F7D38102}" = AVG 2013 "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "AVG" = AVG 2013 "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "HPOCR" = OCR Software by I.R.I.S. 
14.0 "Shop for HP Supplies" = Shop for HP Supplies "VLC media player" = VLC media player 2.0.5 "WinRAR archiver" = WinRAR [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{065DBB54-6E55-A609-2E1E-F0617E827D53}" = Media Go Video Playback Engine 1.96.114.08260 "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{5454085C-129F-416C-9C0B-8B1000058301}" = BioShock 2 "{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7A6C3344-5CF9-4B83-959C-6576C5B27D09}" = Media Go "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update 
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C86E1E36-6D30-4834-9C85-5501F31F7BB4}" = F4200 "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CFA33E6D-2D7D-4785-8025-974398E940D1}" = DJ_AIO_03_F4200_Software_Min "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.11 Game "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{E500DF84-3A0A-4989-93C2-D33B935008C1}" = Inhaltsmanager-Assistent für PlayStation(R) "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "5513-1208-7298-9440" = JDownloader 0.9 "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17 "AVG Secure Search" = AVG Security Toolbar "Biet-O-Matic v2.14.10" = Biet-O-Matic v2.14.10 "Fraps" = Fraps "Google Chrome" = Google Chrome "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "OpenAL" = OpenAL "Origin" = Origin "Steam App 107100" = Bastion "Steam App 11330" = Obulis "Steam App 201700" = DiRT Showdown "Steam App 20500" = Red Faction: Guerrilla "Steam App 219150" = Hotline Miami "Steam App 224300" = Legacy of Kain: Defiance "Steam App 22450" = Hunted: The Demon's Forge "Steam App 224920" = Legacy of Kain: Soul Reaver "Steam App 224940" = Legacy of Kain: Soul Reaver 2 "Steam App 33600" = Broken Sword II: The Smoking Mirror "Steam App 33610" = Broken Sword III: The Sleeping Dragon "Steam App 39160" = Dungeon Siege III "Steam App 43110" = Metro 2033 "Steam App 46500" = Syberia "Steam App 46510" = Syberia 2 "Steam App 49520" = Borderlands 2 "Steam App 50650" = Darksiders II "Steam App 57640" = Broken Sword: Shadow of the Templars - Director's Cut "Steam 
App 80310" = Gemini Rue "Steam App 8870" = BioShock Infinite ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 16.04.2013 14:55:45 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: HotlineMiami.exe, Version: 1.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: bgm.dll, Version: 2.0.4.8, Zeitstempel: 0x450a2d55 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005250 ID des fehlerhaften Prozesses: 0x4a8 Startzeit der fehlerhaften Anwendung: 0x01ce3ad3d86515c0 Pfad der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\hotline_miami\HotlineMiami.exe Pfad des fehlerhaften Moduls: E:\Games\Steam\steamapps\common\hotline_miami\bgm.dll Berichtskennung: 3e5cdbd5-a6c7-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 16.04.2013 14:55:46 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: HotlineMiami.exe, Version: 1.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: bgm.dll, Version: 2.0.4.8, Zeitstempel: 0x450a2d55 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005250 ID des fehlerhaften Prozesses: 0x4a8 Startzeit der fehlerhaften Anwendung: 0x01ce3ad3d86515c0 Pfad der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\hotline_miami\HotlineMiami.exe Pfad des fehlerhaften Moduls: E:\Games\Steam\steamapps\common\hotline_miami\bgm.dll Berichtskennung: 3e73bfef-a6c7-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 16.04.2013 14:55:46 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: HotlineMiami.exe, Version: 1.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: bgm.dll, Version: 2.0.4.8, Zeitstempel: 0x450a2d55 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00005250 ID des 
fehlerhaften Prozesses: 0x4a8 Startzeit der fehlerhaften Anwendung: 0x01ce3ad3d86515c0 Pfad der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\hotline_miami\HotlineMiami.exe Pfad des fehlerhaften Moduls: E:\Games\Steam\steamapps\common\hotline_miami\bgm.dll Berichtskennung: 3e88cf41-a6c7-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 17.04.2013 15:20:48 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: HotlineMiami.exe, Version: 1.0.0.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: dmsynth.dll, Version: 6.2.9200.16384, Zeitstempel: 0x5010a507 Ausnahmecode: 0xc000001d Fehleroffset: 0x00012886 ID des fehlerhaften Prozesses: 0x15e4 Startzeit der fehlerhaften Anwendung: 0x01ce3b9877315311 Pfad der fehlerhaften Anwendung: E:\Games\Steam\steamapps\common\hotline_miami\HotlineMiami.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\dmsynth.dll Berichtskennung: e83fa589-a793-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 17.04.2013 15:20:48 | Computer Name = dark-PC | Source = Application Error | ID = 1005 Description = Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden: Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten Speichertreibern, oder der Datenträger fehlt. Das Programm HotlineMiami.exe wurde wegen dieses Fehlers geschlossen. Programm: HotlineMiami.exe Datei: Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet. Benutzeraktion 1. Öffnen Sie die Datei erneut. Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird. 2. 
Wenn Sie weiterhin nicht auf die Datei zugreifen können und - diese sich im Netzwerk befindet, dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann. - diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist. 3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE. 4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht. 5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt. Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt. Zusätzliche Daten Fehlerwert: 00000000 Datenträgertyp: 0 Error - 25.04.2013 16:10:46 | Computer Name = dark-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error - 25.04.2013 16:18:18 | Computer Name = dark-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error - 25.04.2013 16:18:54 | Computer Name = dark-PC | Source = Microsoft-Windows-Immersive-Shell | ID = 2486 Description = Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. 
Error - 26.04.2013 09:58:35 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: MsMpEng.exe, Version: 4.2.223.0, Zeitstempel: 0x51023a8b Name des fehlerhaften Moduls: mpengine.dll, Version: 1.1.9402.0, Zeitstempel: 0x5164e0d4 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000008929a ID des fehlerhaften Prozesses: 0x13bc Startzeit der fehlerhaften Anwendung: 0x01ce38889b039aba Pfad der fehlerhaften Anwendung: C:\Program Files\Windows Defender\MsMpEng.exe Pfad des fehlerhaften Moduls: C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C6943D80-31F9-4D41-8665-FAD82C1D6C76}\mpengine.dll Berichtskennung: 629016eb-ae79-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 26.04.2013 17:15:44 | Computer Name = dark-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: OTL.exe, Version: 3.2.69.0, Zeitstempel: 0x2a425e19 Name des fehlerhaften Moduls: OTL.exe, Version: 3.2.69.0, Zeitstempel: 0x2a425e19 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00012c42 ID des fehlerhaften Prozesses: 0x1ea4 Startzeit der fehlerhaften Anwendung: 0x01ce42c199140329 Pfad der fehlerhaften Anwendung: D:\OTL.exe Pfad des fehlerhaften Moduls: D:\OTL.exe Berichtskennung: 746f5f46-aeb6-11e2-be7d-00241dd02982 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: [ System Events ] Error - 26.04.2013 17:18:49 | Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = Error - 26.04.2013 17:23:00 | Computer Name = dark-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 26.04.2013 17:23:03 | Computer Name = dark-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden 
Fehlers fehlgeschlagen: %%5 Error - 26.04.2013 18:33:56 | Computer Name = dark-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?27.?04.?2013 um 00:02:51 unerwartet heruntergefahren. Error - 26.04.2013 18:34:04 | Computer Name = DARK-PC | Source = BugCheck | ID = 1001 Description = Error - 26.04.2013 18:34:07 | Computer Name = dark-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 26.04.2013 18:34:09 | Computer Name = dark-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 26.04.2013 20:19:54 | Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = Error - 27.04.2013 03:49:00 | Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = Error - 27.04.2013 07:45:00 | Computer Name = dark-PC | Source = DCOM | ID = 10016 Description = < End of report > Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:41 on 27/04/2013 (dark)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
28.04.2013, 19:55 | #6 | |
/// TB-Ausbilder | Trojan Generic.32.CCGO dangerous? Hi, Quote:
Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
Please download TDSSKiller.exe and save this file to the desktop.
28.04.2013, 23:34 | #7 |
| Trojan Generic.32.CCGO dangerous? Hello, and thanks again for the effort. While aswMBR was scanning, my PC froze. I had to restart because nothing worked anymore! After the restart, with the setting AV Scan (none), there was an error and the program was terminated; I tried it twice. Here is the data from TDSSKiller. Code:
00:22:01.0450 3900 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:22:01.0982 3900 ============================================================
00:22:01.0982 3900 Current date / time: 2013/04/29 00:22:01.0982
00:22:01.0982 3900 SystemInfo:
00:22:01.0982 3900
00:22:01.0982 3900 OS Version: 6.2.9200 ServicePack: 0.0
00:22:01.0982 3900 Product type: Workstation
00:22:01.0982 3900 ComputerName: DARK-PC
00:22:01.0982 3900 UserName: dark
00:22:01.0982 3900 Windows directory: C:\WINDOWS
00:22:01.0982 3900 System windows directory: C:\WINDOWS
00:22:01.0983 3900 Running under WOW64
00:22:01.0983 3900 Processor architecture: Intel x64
00:22:01.0983 3900 Number of processors: 4
00:22:01.0983 3900 Page size: 0x1000
00:22:01.0983 3900 Boot type: Normal boot
00:22:01.0983 3900 ============================================================
00:22:02.0410 3900 Drive \Device\Harddisk0\DR0 - Size: 0xA7ACF60000 (670.70 Gb), SectorSize: 0x200, Cylinders: 0x15602, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:22:02.0414 3900 ============================================================
00:22:02.0414 3900 \Device\Harddisk0\DR0:
00:22:02.0414 3900 MBR partitions:
00:22:02.0414 3900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x124F8000
00:22:02.0414 3900 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x20594000
00:22:02.0414 3900 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x32A8C800, BlocksNum 0x212DA800
00:22:02.0414 3900 ============================================================
00:22:02.0433 3900 C: <-> \Device\Harddisk0\DR0\Partition1
00:22:02.0487 3900 D: <-> \Device\Harddisk0\DR0\Partition2
00:22:02.0517 3900 E: <-> \Device\Harddisk0\DR0\Partition3
00:22:02.0517 3900 ============================================================
00:22:02.0518 3900 Initialize success
00:22:02.0518 3900 ============================================================
00:22:53.0098 2184 ============================================================ 00:22:53.0098 2184 Scan started 00:22:53.0098 2184 Mode: Manual; SigCheck; TDLFS; 00:22:53.0098 2184 ============================================================ 00:22:53.0386 2184 ================ Scan system memory ======================== 00:22:53.0386 2184 System memory - ok 00:22:53.0386 2184 ================ Scan services ============================= 00:22:53.0532 2184 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 00:22:53.0634 2184 1394ohci - ok 00:22:53.0651 2184 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 00:22:53.0665 2184 3ware - ok 00:22:53.0695 2184 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 00:22:53.0719 2184 ACPI - ok 00:22:53.0740 2184 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 00:22:53.0759 2184 acpiex - ok 00:22:53.0784 2184 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 00:22:53.0813 2184 acpipagr - ok 00:22:53.0835 2184 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 00:22:53.0878 2184 AcpiPmi - ok 00:22:53.0901 2184 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 00:22:53.0914 2184 acpitime - ok 00:22:53.0952 2184 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\WINDOWS\system32\drivers\adp94xx.sys 00:22:53.0985 2184 adp94xx - ok 00:22:54.0010 2184 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\WINDOWS\system32\drivers\adpahci.sys 00:22:54.0031 2184 adpahci - ok 00:22:54.0064 2184 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\WINDOWS\system32\drivers\adpu320.sys 00:22:54.0097 2184 adpu320 - ok 00:22:54.0127 2184 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 00:22:54.0175 2184 AeLookupSvc - ok 00:22:54.0209 2184 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD 
C:\WINDOWS\system32\drivers\afd.sys 00:22:54.0314 2184 AFD - ok 00:22:54.0339 2184 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 00:22:54.0358 2184 agp440 - ok 00:22:54.0386 2184 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\WINDOWS\System32\alg.exe 00:22:54.0415 2184 ALG - ok 00:22:54.0440 2184 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll 00:22:54.0480 2184 AllUserInstallAgent - ok 00:22:54.0504 2184 [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 00:22:54.0565 2184 AmdK8 - ok 00:22:54.0589 2184 [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 00:22:54.0611 2184 AmdPPM - ok 00:22:54.0639 2184 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 00:22:54.0651 2184 amdsata - ok 00:22:54.0676 2184 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 00:22:54.0694 2184 amdsbs - ok 00:22:54.0709 2184 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 00:22:54.0721 2184 amdxata - ok 00:22:54.0740 2184 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\WINDOWS\system32\drivers\appid.sys 00:22:54.0766 2184 AppID - ok 00:22:54.0793 2184 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 00:22:54.0821 2184 AppIDSvc - ok 00:22:54.0845 2184 [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo C:\WINDOWS\System32\appinfo.dll 00:22:54.0877 2184 Appinfo - ok 00:22:54.0906 2184 [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 00:22:54.0956 2184 AppMgmt - ok 00:22:54.0988 2184 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\WINDOWS\system32\drivers\arc.sys 00:22:55.0001 2184 arc - ok 00:22:55.0015 2184 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 00:22:55.0028 2184 arcsas - ok 00:22:55.0051 2184 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac 
C:\WINDOWS\system32\DRIVERS\asyncmac.sys 00:22:55.0075 2184 AsyncMac - ok 00:22:55.0092 2184 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 00:22:55.0104 2184 atapi - ok 00:22:55.0134 2184 [ 810ED88782952228AF9C0985FB7D259E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 00:22:55.0165 2184 AudioEndpointBuilder - ok 00:22:55.0206 2184 [ 25CA8B87479A374919563B3EE7136F32 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 00:22:55.0237 2184 Audiosrv - ok 00:22:55.0287 2184 [ 58D7FAF5C81ECEFFD2EDEDA9C2619D82 ] Avgboota C:\WINDOWS\system32\DRIVERS\avgboota.sys 00:22:55.0299 2184 Avgboota - ok 00:22:55.0317 2184 [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys 00:22:55.0328 2184 Avgfwfd - ok 00:22:55.0444 2184 [ D0BE22C910E46550C6308D50DDA76B94 ] avgfws C:\Program Files (x86)\AVG\AVG2013\avgfws.exe 00:22:55.0491 2184 avgfws - ok 00:22:55.0633 2184 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe 00:22:55.0715 2184 AVGIDSAgent - ok 00:22:55.0743 2184 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys 00:22:55.0754 2184 AVGIDSDriver - ok 00:22:55.0764 2184 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\WINDOWS\system32\DRIVERS\avgidsha.sys 00:22:55.0773 2184 AVGIDSHA - ok 00:22:55.0799 2184 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\WINDOWS\system32\DRIVERS\avgldx64.sys 00:22:55.0810 2184 Avgldx64 - ok 00:22:55.0826 2184 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\WINDOWS\system32\DRIVERS\avgloga.sys 00:22:55.0838 2184 Avgloga - ok 00:22:55.0868 2184 [ 841C40C193889730848849AC220D9242 ] Avgmfx64 C:\WINDOWS\system32\DRIVERS\avgmfx64.sys 00:22:55.0877 2184 Avgmfx64 - ok 00:22:55.0887 2184 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\WINDOWS\system32\DRIVERS\avgrkx64.sys 00:22:55.0896 2184 Avgrkx64 - ok 00:22:55.0914 2184 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files 
(x86)\AVG\AVG2013\avgwdsvc.exe 00:22:55.0925 2184 avgwd - ok 00:22:55.0956 2184 [ 64A0A811F096834E8B85AB5009609D10 ] Avgwfpa C:\WINDOWS\system32\DRIVERS\avgwfpa.sys 00:22:55.0968 2184 Avgwfpa - ok 00:22:55.0999 2184 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 00:22:56.0059 2184 AxInstSV - ok 00:22:56.0096 2184 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 00:22:56.0141 2184 b06bdrv - ok 00:22:56.0164 2184 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 00:22:56.0181 2184 BasicDisplay - ok 00:22:56.0193 2184 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 00:22:56.0211 2184 BasicRender - ok 00:22:56.0239 2184 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 00:22:56.0287 2184 BDESVC - ok 00:22:56.0309 2184 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 00:22:56.0372 2184 Beep - ok 00:22:56.0421 2184 [ 9E6A544F465C582AB42444A217CF04DC ] BFE C:\WINDOWS\System32\bfe.dll 00:22:56.0500 2184 BFE - ok 00:22:56.0540 2184 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\WINDOWS\System32\qmgr.dll 00:22:56.0599 2184 BITS - ok 00:22:56.0615 2184 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 00:22:56.0668 2184 bowser - ok 00:22:56.0693 2184 [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 00:22:56.0738 2184 BrokerInfrastructure - ok 00:22:56.0770 2184 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\WINDOWS\System32\browser.dll 00:22:56.0799 2184 Browser - ok 00:22:56.0825 2184 [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 00:22:56.0856 2184 BthAvrcpTg - ok 00:22:56.0879 2184 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 00:22:56.0982 2184 BthHFEnum - ok 00:22:57.0011 2184 [ 
DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 00:22:57.0052 2184 bthhfhid - ok 00:22:57.0079 2184 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 00:22:57.0102 2184 BTHMODEM - ok 00:22:57.0124 2184 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\WINDOWS\system32\bthserv.dll 00:22:57.0146 2184 bthserv - ok 00:22:57.0196 2184 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 00:22:57.0244 2184 cdfs - ok 00:22:57.0272 2184 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 00:22:57.0325 2184 cdrom - ok 00:22:57.0354 2184 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 00:22:57.0400 2184 CertPropSvc - ok 00:22:57.0426 2184 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\WINDOWS\System32\drivers\circlass.sys 00:22:57.0449 2184 circlass - ok 00:22:57.0503 2184 [ 93C7703442C7CBD4053FC7DE07D9C896 ] ClassicShellService C:\Program Files\Classic Shell\ClassicShellService.exe 00:22:57.0508 2184 ClassicShellService ( UnsignedFile.Multi.Generic ) - warning 00:22:57.0508 2184 ClassicShellService - detected UnsignedFile.Multi.Generic (1) 00:22:57.0541 2184 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 00:22:57.0567 2184 CLFS - ok 00:22:57.0600 2184 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 00:22:57.0627 2184 CmBatt - ok 00:22:57.0666 2184 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 00:22:57.0701 2184 CNG - ok 00:22:57.0727 2184 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 00:22:57.0758 2184 CompositeBus - ok 00:22:57.0763 2184 COMSysApp - ok 00:22:57.0782 2184 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\WINDOWS\system32\drivers\condrv.sys 00:22:57.0835 2184 condrv - ok 00:22:57.0862 2184 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc 
C:\WINDOWS\system32\cryptsvc.dll 00:22:57.0891 2184 CryptSvc - ok 00:22:57.0932 2184 [ F2C69C3D98249DE14D4B2832516D4FD5 ] CSC C:\WINDOWS\system32\drivers\csc.sys 00:22:57.0992 2184 CSC - ok 00:22:58.0029 2184 [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService C:\WINDOWS\System32\cscsvc.dll 00:22:58.0107 2184 CscService - ok 00:22:58.0130 2184 [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\WINDOWS\system32\drivers\dam.sys 00:22:58.0143 2184 dam - ok 00:22:58.0183 2184 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 00:22:58.0232 2184 DcomLaunch - ok 00:22:58.0258 2184 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 00:22:58.0300 2184 defragsvc - ok 00:22:58.0332 2184 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 00:22:58.0355 2184 DeviceAssociationService - ok 00:22:58.0378 2184 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 00:22:58.0392 2184 DeviceInstall - ok 00:22:58.0414 2184 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 00:22:58.0436 2184 Dfsc - ok 00:22:58.0464 2184 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 00:22:58.0480 2184 Dhcp - ok 00:22:58.0506 2184 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\WINDOWS\system32\drivers\discache.sys 00:22:58.0524 2184 discache - ok 00:22:58.0544 2184 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\WINDOWS\system32\drivers\disk.sys 00:22:58.0557 2184 disk - ok 00:22:58.0583 2184 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 00:22:58.0630 2184 dmvsc - ok 00:22:58.0657 2184 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 00:22:58.0718 2184 Dnscache - ok 00:22:58.0745 2184 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\WINDOWS\System32\dot3svc.dll 00:22:58.0792 2184 dot3svc - ok 00:22:58.0819 2184 [ 27069CFFF29B7F04F4B1BB10154BE52B ] dot4 
C:\WINDOWS\system32\DRIVERS\Dot4.sys 00:22:58.0829 2184 dot4 - ok 00:22:58.0840 2184 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys 00:22:58.0848 2184 Dot4Print - ok 00:22:58.0866 2184 [ B7D595F2F464F7B628AD53F06547792C ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys 00:22:58.0874 2184 dot4usb - ok 00:22:58.0922 2184 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\WINDOWS\system32\dps.dll 00:22:58.0964 2184 DPS - ok 00:22:58.0989 2184 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 00:22:59.0032 2184 drmkaud - ok 00:22:59.0062 2184 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 00:22:59.0109 2184 DsmSvc - ok 00:22:59.0167 2184 [ ED120AA770A78B5079F8C7BB5AF8A035 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 00:22:59.0227 2184 DXGKrnl - ok 00:22:59.0253 2184 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\WINDOWS\System32\eapsvc.dll 00:22:59.0284 2184 Eaphost - ok 00:22:59.0386 2184 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 00:22:59.0512 2184 ebdrv - ok 00:22:59.0540 2184 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\WINDOWS\System32\lsass.exe 00:22:59.0553 2184 EFS - ok 00:22:59.0600 2184 [ 4B84E647C934EDFF7F28C4B91A5C0864 ] ehRecvr C:\WINDOWS\ehome\ehRecvr.exe 00:22:59.0685 2184 ehRecvr - ok 00:22:59.0714 2184 [ 72781EC7A97E44B9651550D7A83D1B96 ] ehSched C:\WINDOWS\ehome\ehsched.exe 00:22:59.0729 2184 ehSched - ok 00:22:59.0761 2184 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 00:22:59.0774 2184 EhStorClass - ok 00:22:59.0792 2184 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 00:22:59.0806 2184 EhStorTcgDrv - ok 00:22:59.0832 2184 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 00:22:59.0857 2184 ErrDev - ok 00:22:59.0891 2184 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem 
C:\WINDOWS\system32\es.dll 00:22:59.0909 2184 EventSystem - ok 00:22:59.0932 2184 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 00:22:59.0959 2184 exfat - ok 00:22:59.0982 2184 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 00:22:59.0999 2184 fastfat - ok 00:23:00.0032 2184 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\WINDOWS\system32\fxssvc.exe 00:23:00.0059 2184 Fax - ok 00:23:00.0075 2184 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 00:23:00.0100 2184 fdc - ok 00:23:00.0123 2184 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\WINDOWS\system32\fdPHost.dll 00:23:00.0153 2184 fdPHost - ok 00:23:00.0183 2184 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\WINDOWS\system32\fdrespub.dll 00:23:00.0202 2184 FDResPub - ok 00:23:00.0229 2184 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 00:23:00.0294 2184 fhsvc - ok 00:23:00.0325 2184 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 00:23:00.0338 2184 FileInfo - ok 00:23:00.0350 2184 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 00:23:00.0381 2184 Filetrace - ok 00:23:00.0397 2184 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 00:23:00.0413 2184 flpydisk - ok 00:23:00.0443 2184 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 00:23:00.0462 2184 FltMgr - ok 00:23:00.0505 2184 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\WINDOWS\system32\FntCache.dll 00:23:00.0578 2184 FontCache - ok 00:23:00.0666 2184 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 00:23:00.0687 2184 FontCache3.0.0.0 - ok 00:23:00.0703 2184 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 00:23:00.0716 2184 FsDepends - ok 00:23:00.0743 2184 [ 
A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 00:23:00.0755 2184 Fs_Rec - ok 00:23:00.0787 2184 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 00:23:00.0808 2184 fvevol - ok 00:23:00.0831 2184 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 00:23:00.0842 2184 FxPPM - ok 00:23:00.0856 2184 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 00:23:00.0869 2184 gagp30kx - ok 00:23:00.0888 2184 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 00:23:00.0913 2184 gencounter - ok 00:23:00.0940 2184 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 00:23:00.0953 2184 GPIOClx0101 - ok 00:23:01.0002 2184 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 00:23:01.0037 2184 gpsvc - ok 00:23:01.0059 2184 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 00:23:01.0069 2184 gupdate - ok 00:23:01.0075 2184 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 00:23:01.0085 2184 gupdatem - ok 00:23:01.0105 2184 [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 00:23:01.0157 2184 HdAudAddService - ok 00:23:01.0187 2184 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 00:23:01.0242 2184 HDAudBus - ok 00:23:01.0258 2184 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 00:23:01.0276 2184 HidBatt - ok 00:23:01.0303 2184 [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 00:23:01.0345 2184 HidBth - ok 00:23:01.0363 2184 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 00:23:01.0406 2184 hidi2c - ok 00:23:01.0436 2184 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr 
C:\WINDOWS\System32\drivers\hidir.sys 00:23:01.0468 2184 HidIr - ok 00:23:01.0494 2184 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\WINDOWS\system32\hidserv.dll 00:23:01.0507 2184 hidserv - ok 00:23:01.0534 2184 [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 00:23:01.0599 2184 HidUsb - ok 00:23:01.0626 2184 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 00:23:01.0665 2184 hkmsvc - ok 00:23:01.0692 2184 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 00:23:01.0728 2184 HomeGroupListener - ok 00:23:01.0761 2184 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 00:23:01.0802 2184 HomeGroupProvider - ok 00:23:01.0904 2184 [ 930370725FA0FE272346583A7A7D6BDB ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 00:23:01.0920 2184 hpqcxs08 - ok 00:23:01.0944 2184 [ EE281DD6843F3F697C1AD7933EEB1E9B ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 00:23:01.0953 2184 hpqddsvc - ok 00:23:01.0982 2184 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 00:23:01.0995 2184 HpSAMD - ok 00:23:02.0037 2184 [ 29CB98187BB5711F7759540976D295FC ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 00:23:02.0128 2184 HTTP - ok 00:23:02.0151 2184 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 00:23:02.0163 2184 hwpolicy - ok 00:23:02.0200 2184 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 00:23:02.0218 2184 hyperkbd - ok 00:23:02.0238 2184 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 00:23:02.0250 2184 HyperVideo - ok 00:23:02.0283 2184 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 00:23:02.0331 2184 i8042prt - ok 00:23:02.0360 2184 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 
00:23:02.0392 2184 iaStorV - ok 00:23:02.0418 2184 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys 00:23:02.0430 2184 iirsp - ok 00:23:02.0509 2184 [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 00:23:02.0568 2184 IKEEXT - ok 00:23:02.0584 2184 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 00:23:02.0602 2184 intelide - ok 00:23:02.0627 2184 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 00:23:02.0644 2184 intelppm - ok 00:23:02.0669 2184 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 00:23:02.0695 2184 IpFilterDriver - ok 00:23:02.0729 2184 [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 00:23:02.0768 2184 iphlpsvc - ok 00:23:02.0786 2184 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 00:23:02.0850 2184 IPMIDRV - ok 00:23:02.0876 2184 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 00:23:02.0905 2184 IPNAT - ok 00:23:02.0923 2184 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 00:23:02.0992 2184 IRENUM - ok 00:23:03.0013 2184 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 00:23:03.0026 2184 isapnp - ok 00:23:03.0057 2184 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 00:23:03.0076 2184 iScsiPrt - ok 00:23:03.0104 2184 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 00:23:03.0117 2184 kbdclass - ok 00:23:03.0139 2184 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 00:23:03.0161 2184 kbdhid - ok 00:23:03.0200 2184 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 00:23:03.0252 2184 kdnic - ok 00:23:03.0267 2184 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso 
C:\WINDOWS\system32\lsass.exe 00:23:03.0287 2184 KeyIso - ok 00:23:03.0319 2184 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 00:23:03.0339 2184 KSecDD - ok 00:23:03.0371 2184 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 00:23:03.0393 2184 KSecPkg - ok 00:23:03.0417 2184 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 00:23:03.0435 2184 ksthunk - ok 00:23:03.0460 2184 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 00:23:03.0487 2184 KtmRm - ok 00:23:03.0515 2184 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 00:23:03.0545 2184 LanmanServer - ok 00:23:03.0558 2184 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 00:23:03.0574 2184 LanmanWorkstation - ok 00:23:03.0604 2184 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 00:23:03.0620 2184 lltdio - ok 00:23:03.0638 2184 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 00:23:03.0681 2184 lltdsvc - ok 00:23:03.0695 2184 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 00:23:03.0740 2184 lmhosts - ok 00:23:03.0759 2184 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 00:23:03.0773 2184 LSI_SAS - ok 00:23:03.0795 2184 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 00:23:03.0809 2184 LSI_SAS2 - ok 00:23:03.0825 2184 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys 00:23:03.0839 2184 LSI_SCSI - ok 00:23:03.0864 2184 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 00:23:03.0877 2184 LSI_SSS - ok 00:23:03.0910 2184 [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\WINDOWS\System32\lsm.dll 00:23:03.0958 2184 LSM - ok 00:23:03.0987 2184 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv 
C:\WINDOWS\system32\drivers\luafv.sys 00:23:04.0007 2184 luafv - ok 00:23:04.0023 2184 [ 4448CCEA974F0B15A00EA33FCEDFC062 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll 00:23:04.0038 2184 Mcx2Svc - ok 00:23:04.0053 2184 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\WINDOWS\system32\drivers\megasas.sys 00:23:04.0066 2184 megasas - ok 00:23:04.0096 2184 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys 00:23:04.0117 2184 MegaSR - ok 00:23:04.0144 2184 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\WINDOWS\system32\mmcss.dll 00:23:04.0182 2184 MMCSS - ok 00:23:04.0203 2184 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\WINDOWS\system32\drivers\modem.sys 00:23:04.0228 2184 Modem - ok 00:23:04.0251 2184 [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor C:\WINDOWS\System32\drivers\monitor.sys 00:23:04.0308 2184 monitor - ok 00:23:04.0327 2184 [ 618446B98C79776654340CE27C73485E ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 00:23:04.0345 2184 mouclass - ok 00:23:04.0365 2184 [ C0ADEBED913295803B579ED288936CBB ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 00:23:04.0398 2184 mouhid - ok 00:23:04.0414 2184 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 00:23:04.0428 2184 mountmgr - ok 00:23:04.0457 2184 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 00:23:04.0523 2184 mpsdrv - ok 00:23:04.0563 2184 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 00:23:04.0597 2184 MpsSvc - ok 00:23:04.0628 2184 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 00:23:04.0651 2184 MRxDAV - ok 00:23:04.0679 2184 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 00:23:04.0731 2184 mrxsmb - ok 00:23:04.0758 2184 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 00:23:04.0775 2184 mrxsmb10 - ok 00:23:04.0791 2184 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 
C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 00:23:04.0813 2184 mrxsmb20 - ok 00:23:04.0841 2184 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 00:23:04.0870 2184 MsBridge - ok 00:23:04.0901 2184 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\WINDOWS\System32\msdtc.exe 00:23:04.0920 2184 MSDTC - ok 00:23:04.0950 2184 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 00:23:04.0973 2184 Msfs - ok 00:23:04.0990 2184 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 00:23:05.0001 2184 msgpiowin32 - ok 00:23:05.0027 2184 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 00:23:05.0049 2184 mshidkmdf - ok 00:23:05.0069 2184 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 00:23:05.0081 2184 mshidumdf - ok 00:23:05.0108 2184 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 00:23:05.0120 2184 msisadrv - ok 00:23:05.0147 2184 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 00:23:05.0174 2184 MSiSCSI - ok 00:23:05.0178 2184 msiserver - ok 00:23:05.0198 2184 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 00:23:05.0220 2184 MSKSSRV - ok 00:23:05.0233 2184 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 00:23:05.0259 2184 MsLldp - ok 00:23:05.0273 2184 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 00:23:05.0294 2184 MSPCLOCK - ok 00:23:05.0324 2184 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 00:23:05.0344 2184 MSPQM - ok 00:23:05.0363 2184 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 00:23:05.0382 2184 MsRPC - ok 00:23:05.0402 2184 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 00:23:05.0414 2184 mssmbios - 
ok 00:23:05.0423 2184 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 00:23:05.0435 2184 MSTEE - ok 00:23:05.0458 2184 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 00:23:05.0470 2184 MTConfig - ok 00:23:05.0500 2184 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\WINDOWS\system32\Drivers\mup.sys 00:23:05.0513 2184 Mup - ok 00:23:05.0533 2184 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 00:23:05.0545 2184 mvumis - ok 00:23:05.0580 2184 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\WINDOWS\system32\qagentRT.dll 00:23:05.0623 2184 napagent - ok 00:23:05.0644 2184 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 00:23:05.0665 2184 NativeWifiP - ok 00:23:05.0692 2184 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 00:23:05.0729 2184 NcaSvc - ok 00:23:05.0755 2184 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 00:23:05.0782 2184 NcdAutoSetup - ok 00:23:05.0815 2184 [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 00:23:05.0863 2184 NDIS - ok 00:23:05.0880 2184 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 00:23:05.0902 2184 NdisCap - ok 00:23:05.0928 2184 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 00:23:05.0958 2184 NdisImPlatform - ok 00:23:05.0988 2184 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 00:23:06.0012 2184 NdisTapi - ok 00:23:06.0036 2184 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 00:23:06.0060 2184 Ndisuio - ok 00:23:06.0078 2184 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 00:23:06.0109 2184 NdisWan - ok 00:23:06.0127 2184 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY 
00:23:23.0141 2184 ============================================================
00:23:23.0141 2184 Scan finished
00:23:23.0141 2184 ============================================================
00:23:23.0152 1324 Detected object count: 4
00:23:23.0152 1324 Actual detected object count: 4
00:24:24.0863 1324 ClassicShellService ( UnsignedFile.Multi.Generic ) - skipped by user
00:24:24.0863 1324 ClassicShellService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:24:24.0863 1324 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
00:24:24.0863 1324 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:24:24.0865 1324 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
00:24:24.0865 1324 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:24:24.0866 1324 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
00:24:24.0866 1324 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:24:32.0561 4788 Deinitialize success |
29.04.2013, 08:15 | #8 |
/// TB-Ausbilder | Trojan Generic.32.CCGO dangerous? Hello, Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder without instructions from a helper. Please post with your next reply
|
29.04.2013, 13:17 | #9 |
| Trojan Generic.32.CCGO dangerous? So, after 2 hours of scanning with mbar I wanted to access the hard drive, which did not work (not responding). mbar also stopped responding, and I could not do anything at all except restart. Was that because of mbar? Should I try scanning again? Here is the log file from AdwCleaner. Code:
# AdwCleaner v2.300 - Datei am 29/04/2013 um 11:54:54 erstellt
# Aktualisiert am 28/04/2013 von Xplode
# Betriebssystem : Windows 8 Pro with Media Center (64 bits)
# Benutzer : dark - DARK-PC
# Bootmodus : Normal
# Ausgeführt unter : D:\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : vToolbarUpdater14.2.0
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\dark\AppData\Local\Temp\Uninstall.exe
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\APN
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\dark\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\dark\AppData\LocalLow\AVG Secure Search
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16540
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.avg.com/?cid={5F309518-9942-4EAF-9462-12FC8D7BB673}&mid=1fe52ba940dd47d09ddcd16d5b34c071-1ff06a90c643aa812b62f3bc0071b03903534728&lang=de&ds=AVG&pr=fr&d=2013-01-30 17:47:26&v=14.2.0.1&pid=avg&sg=&sap=hp --> hxxp://www.google.com
-\\ Google Chrome v26.0.1410.64
Datei : C:\Users\dark\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [6537 octets] - [29/04/2013 11:54:54]
########## EOF - C:\AdwCleaner[S1].txt - [6597 octets] ########## |
29.04.2013, 14:30 | #10 |
/// TB-Ausbilder | Trojan Generic.32.CCGO Dangerous? Hi, MBAR doesn't normally take long. Let's try it this way: Step 1 Fix with OTL
Code:
:Commands
[emptytemp]
Step 2 Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please post with your next reply
|
29.04.2013, 15:11 | #11 |
| Trojan Generic.32.CCGO Dangerous? Oh man, even that doesn't work. It did do something for a while, but then it also said "not responding". Should I start MBAR again? |
29.04.2013, 15:17 | #12 |
/// TB-Ausbilder | Trojan Generic.32.CCGO Dangerous? |
29.04.2013, 19:48 | #13 |
| Trojan Generic.32.CCGO Dangerous? Hi and hello, after more than 3 hours I have now aborted the program because it just won't finish. Here is the log file. Is there anything else I can do? Code:
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.04.29.05
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16540
dark :: DARK-PC [administrator]
29.04.2013 19:38:55
mbar-log-2013-04-29 (19-38-55).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 34176
Time elapsed: 3 hour(s), 17 minute(s), 57 second(s) [aborted]
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end) |
30.04.2013, 09:38 | #14 |
/// TB-Ausbilder | Trojan Generic.32.CCGO Dangerous? Hi, all right. We'll check everything once more. Please be patient, especially with ESET. That scan can take a long time. Step 1 Fix with OTL
Code:
:Commands
[emptyjava]
[emptyflash]
[reboot]
Step 2 Please download Malwarebytes Anti-Malware
Step 3 ESET Online Scanner
Step 4 Please download SecurityCheck and:
Please post with your next reply
|
30.04.2013, 18:28 | #15 |
| Trojan Generic.32.CCGO Dangerous? Here are the logs: Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.04.30.04
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16540
dark :: DARK-PC [Administrator]
Schutz: Aktiviert
30.04.2013 15:26:13
mbam-log-2013-04-30 (15-26-13).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 377267
Laufzeit: 12 Minute(n), 25 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
Code:
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: dark
User: Default
User: Default User
User: Public
User: UpdatusUser
Total Java Files Cleaned = 0,00 mb
[EMPTYFLASH]
User: All Users
User: dark
->Flash cache emptied: 0 bytes
User: Default
User: Default User
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 04302013_151216
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=0a9f590b3b9a0644b2e0ce04bfcf8c3b
# engine=13727
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-04-30 04:38:42
# local_time=2013-04-30 06:38:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1045 16777213 100 94 14000 54473906 0 0
# compatibility_mode=5893 16776573 100 94 33355 7929021 0 0
# scanned=465835
# found=3
# cleaned=0
# scan_time=10546
sh=A3400420F246FF990DFC8D223F70A7EDCB42BAD5 ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen virus" ac=I fn="C:\Windows.old\Users\dark\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C06L9YP2\firstload_com[1].htm"
sh=52B652A736EB57AF2A265F20CD02E3F09C19DD02 ft=0 fh=0000000000000000 vn="a variant of Win32/Adware.SpeedingUpMyPC.A application" ac=I fn="C:\Windows.old\Users\dark\AppData\Local\Temp\OptimizerPro_new.zip"
sh=415788A0C3A0C0AEFFE5DC2707F00D56BC10FC86 ft=1 fh=9a01efc3b7a794b4 vn="a variant of Win32/Adware.SpeedingUpMyPC.A application" ac=I fn="C:\Windows.old\Users\dark\AppData\Local\Temp\1606e1353324abdcd295dfd1d5956201\OptimizerPro.exe" |