| |
| |||||||
Log-Analyse und Auswertung: LAP06-2.vbs auf USB-StickWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
29.04.2013, 18:25
| #1 |
 |  LAP06-2.vbs auf USB-Stick Hallo Community! Auf einem USB Stick meiner Freundin, welchen sie mir gab, schien sich die Datei "LAP06-2.vbs" versteckt zu haben, welche Avast als "VBS:AutoRun-gen [Wrm]" beschreibt. Da ich mir nun Sorgen um mein System mache, würde ich darum bitten, meine Logs auszuwrten und mir zu sagen, ob ich ein Problem habe oder nicht. Hier ist das MBAM-Log: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.04.04.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16540 Marcel :: ********* [limited] 29.04.2013 18:10:51 mbam-log-2013-04-29 (18-10-51).txt Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 404780 Time elapsed: 50 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Und hier die OTL-Logs: OTL logfile created on: 29.04.2013 19:08:52 - Run 5 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Marcel\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,96 Gb Total Physical Memory | 3,12 Gb Available Physical Memory | 52,30% Memory free 11,92 Gb Paging File | 8,90 Gb Available in Paging File | 74,64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 920,54 Gb Total Space | 713,44 Gb Free Space | 77,50% Space Free | Partition Type: NTFS Drive I: | 465,76 Gb Total Space | 455,67 Gb Free Space | 97,83% Space Free | Partition Type: NTFS Computer Name: ********* | User Name: ********* | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\******\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia) PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia) PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) PRC - C:\Programme\Logitech Gaming Software\Applets\LCDYT.exe (Logitech Inc.) PRC - C:\Programme\Logitech Gaming Software\Applets\LCDWebCam.exe (Logitech Inc.) PRC - C:\Programme\Logitech Gaming Software\Applets\LCDMovieViewer.exe (Logitech Inc.) PRC - C:\Programme\Logitech Gaming Software\Applets\LCDMedia.exe (Logitech Inc.) PRC - C:\Program Files (x86)\Hama\Common\RaUI.exe (Ralink Technology, Corp.) PRC - C:\Program Files (x86)\Hama\Common\RaRegistry.exe (Ralink Technology, Corp.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Program Files (x86)\Hama\Common\RaWLAPI.dll () ========== Services (SafeList) ========== SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software) SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia) SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (RalinkRegistryWriter64) -- C:\Program Files (x86)\Hama\Common\RaRegistry64.exe (Ralink Technology, Corp.) SRV - (RalinkRegistryWriter) -- C:\Program Files (x86)\Hama\Common\RaRegistry.exe (Ralink Technology, Corp.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys () DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys () DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia) DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.) DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (LGPBTDD) -- C:\Windows\SysNative\drivers\LGPBTDD.sys (Logitech Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?pc=skyp&ocid=skydhp IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.12 22:37:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.02.01 19:29:34 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 14:13:10 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013.02.01 19:29:34 | 000,000,000 | ---D | M] [2013.04.12 14:13:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.12 14:13:07 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013.04.12 14:13:10 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.01.05 17:11:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.01.05 17:11:17 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.01.05 17:11:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.01.05 17:11:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.01.05 17:11:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.01.05 17:11:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [*Restore] C:\Windows\SysNative\rstrui.exe (Microsoft Corporation) O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software) O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software) O4 - HKLM..\RunOnce: [aswasOutExt64.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe (AVAST Software) O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\PROGRA~2\INSTAL~1\{9D15E~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{9D15E~1\reboot.ini File not found O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\RunOnce: [mcpatcherefdg] File not found O4 - HKCU..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKCU..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*********\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*********\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5280806A-217A-4B66-ADDB-0642A258CCF8}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96A7B7E4-E87C-4404-AFDE-90B8D8BDDB0E}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.24 20:12:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.04.12 14:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.04.10 18:10:23 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.04.10 18:10:22 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.04.10 18:10:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.04.10 18:10:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.04.10 18:10:22 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.04.10 18:10:22 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.04.10 18:10:21 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.04.10 18:10:21 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.04.10 18:10:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.04.10 18:10:21 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.04.10 18:10:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.04.10 18:10:21 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.04.10 18:10:20 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.04.10 18:10:20 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.04.10 18:10:19 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.04.10 17:26:44 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.04.10 17:26:44 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.04.10 17:26:43 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.04.10 17:26:43 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013.04.10 17:26:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013.04.10 17:26:42 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013.03.30 21:41:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D [2013.03.30 21:40:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sweet Home 3D ========== Files - Modified Within 30 Days ========== [2013.04.29 18:15:59 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.29 18:15:59 | 000,014,608 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.29 18:15:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.29 18:08:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.29 18:08:19 | 504,688,639 | -HS- | M] () -- C:\hiberfil.sys [2013.04.29 18:02:34 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.04.29 17:45:49 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.04.29 17:37:46 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.29 17:37:46 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.29 17:37:46 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.29 17:37:46 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.29 17:37:46 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.27 20:33:22 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\WebReg HP Deskjet F300 series.job [2013.04.10 20:02:27 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.04.10 20:02:27 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.04.10 19:53:21 | 000,310,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys ========== Files Created - No Company Name ========== [2013.04.29 18:02:34 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.02.01 21:28:20 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat.temp [2013.02.01 19:23:50 | 000,245,557 | ---- | C] () -- C:\Windows\hpoins19.dat [2013.02.01 19:23:50 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat [2012.11.22 14:28:12 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.11.22 14:27:55 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.09.28 22:56:34 | 000,014,051 | ---- | C] () -- C:\Windows\SysWow64\RaCoInst.dat [2012.09.28 22:56:00 | 000,000,451 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.ini [2012.09.28 22:55:45 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\DiagFunc.dll [2012.09.20 16:29:16 | 504,688,639 | -HS- | C] () -- \hiberfil.sys [2012.08.26 23:10:34 | 000,039,904 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe [2012.08.21 05:15:22 | 003,978,240 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll [2012.08.21 05:14:04 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012.08.21 05:12:48 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll [2012.08.21 05:12:34 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll [2012.08.21 05:12:32 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll [2012.08.21 05:12:30 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll [2012.08.21 05:12:28 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll [2012.08.21 05:12:28 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll [2012.08.21 05:12:28 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll [2012.08.21 05:12:24 | 000,330,240 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll [2012.07.19 20:56:08 | 000,172,544 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll [2012.07.19 20:56:02 | 006,894,331 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll [2012.07.19 20:56:02 | 001,111,581 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll [2012.07.19 20:56:02 | 000,401,685 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll [2012.07.19 20:56:02 | 000,232,895 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-51.dll [2012.07.19 20:56:02 | 000,162,743 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll [2012.07.19 20:56:02 | 000,101,820 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-0.dll [2012.06.19 14:02:17 | 003,123,272 | R--- | C] () -- C:\Windows\SysWow64\pbsvc.exe [2011.12.07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll [2011.09.08 16:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll [2011.09.08 16:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll [2011.09.08 16:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll [2011.09.08 16:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll [2011.09.08 16:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe [2011.09.08 16:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll [2011.09.08 16:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe [2011.09.08 16:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe [2011.09.08 15:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll [2011.09.08 15:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll [2011.05.30 15:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011.05.23 09:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > OTL Extras logfile created on: 29.04.2013 19:08:52 - Run 5 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\******\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 5,96 Gb Total Physical Memory | 3,12 Gb Available Physical Memory | 52,30% Memory free 11,92 Gb Paging File | 8,90 Gb Available in Paging File | 74,64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 920,54 Gb Total Space | 713,44 Gb Free Space | 77,50% Space Free | Partition Type: NTFS Drive I: | 465,76 Gb Total Space | 455,67 Gb Free Space | 97,83% Space Free | Partition Type: NTFS Computer Name: KAWAII-PC | User Name: Admin-san | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01206FCA-F841-432B-A460-B054A68CF507}" = lport=138 | protocol=17 | dir=in | app=system | "{1C99E57C-A366-475D-9BBD-5BD61D8635DB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1DB8046C-2BB5-4132-A075-D2F78223D45C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2C906D14-B2CD-44D9-9063-0442F7BE50A4}" = rport=137 | protocol=17 | dir=out | app=system | "{2E18036F-8BCC-47FC-8949-80DF471DFB5E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{33512AED-3310-4C77-8218-C303DC247A82}" = rport=139 | protocol=6 | dir=out | app=system | "{468C2F20-8A64-4FDF-8D02-4877DECA07D0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{59D1E017-1541-40F7-8D1B-A30AC0068CB8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5C1A9C92-204C-4ADE-AAD1-EE322DF2E228}" = lport=10243 | protocol=6 | dir=in | app=system | "{5C38C9C6-7158-40F1-92B6-891A29E1DCC3}" = lport=137 | protocol=17 | dir=in | app=system | "{5DD418D0-366F-4F0D-9DCF-6F87B32AEC36}" = lport=2869 | protocol=6 | dir=in | app=system | "{7BFE35F1-8705-48D9-9EF9-159054970CD3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{7DF009B6-CECD-4EA4-8E2C-477A7C36A398}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{83F1FC19-5AFA-470A-8259-1E6EA990E729}" = rport=138 | protocol=17 | dir=out | app=system | "{8A69C3BD-2D73-4EEB-B72B-6EBF9152D6A3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8D2F142C-170F-4095-B6C5-BB68C50EB274}" = lport=445 | protocol=6 | dir=in | app=system | "{901A9148-6A64-418C-82D3-B375FA16971C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{91CDE7E7-D1B8-4B40-B9C6-858B6154B070}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{96C01591-AF40-4049-B4CE-76808DD09B05}" = rport=10243 | protocol=6 | dir=out | app=system | "{99AA57BC-5CB0-4228-8F60-8FF829D90D12}" = lport=139 | protocol=6 | dir=in | app=system | "{A7D6A79C-2EA6-49CC-8E4E-9D8A20BC27E5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{B8057F9B-59EB-4CB0-AB28-1064430B4A19}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{BF8D4F5D-0147-41C2-9152-CEC4ED5E634E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{E0C063EB-2D68-46FF-B446-981C411AB46C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{F3EC24CE-DA46-439A-8D0B-90CF2CFDF6A4}" = rport=445 | protocol=6 | dir=out | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02F3D25B-613C-4875-B2C3-2D785B4109FB}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe | "{05C6E242-7CDD-445E-9586-0CA3742B6269}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{06C310EB-8E6A-49FC-B975-708BF13AB5C7}" = protocol=6 | dir=out | app=system | "{079BE555-CC7F-4399-9C9D-3F94A67F46B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{0B1FF26A-435F-415B-AE34-E4ADDD83C53E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{0E89601C-697B-48F0-876F-C1189D9FBA2A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{10349D4C-37E0-4B0E-980B-E61EB4EE9046}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{108FACDF-C3F4-4BB8-9D06-BF1DA95EBEB3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{10A96265-1D56-473F-91FA-F99CE47EC6CE}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{125A89B9-77F1-4E48-97E2-B2443D3333CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{1BC5997E-1BAC-4256-A844-F357E65BE1F1}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe | "{1C41E9EA-CB51-437E-8605-3455DE0B09EC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe | "{1E283FD1-A426-49FE-9BA7-FDA104D41EB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{1FF83CC0-F9B6-4840-A348-5CB41DD43501}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | "{2035A271-0736-4D84-A659-D4963835CB1F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{20BDDC42-B774-450A-972A-DF36B8B25A11}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{22EA8186-AF1C-4C02-9454-B3C8C0B055F7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{26BFFC09-461D-46BC-8919-F015CE16A8D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garrysmod\hl2.exe | "{2828DFED-B40F-4F2A-B3E4-BF3E7425102F}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{29DC5369-6118-49C3-8D6A-F1AE9FF3D480}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3mp.exe | "{2A922E1B-9837-4A12-8C81-CAAA864005C7}" = protocol=17 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe | "{2AD00A7E-E293-40F9-AB5A-241754E7E2D7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe | "{2ADF97DC-89AC-450A-B0D2-A7C205EBAB7B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | "{2F1EF178-603B-472A-BCA7-9B1A3E7C5D26}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | "{2F3C2FB5-2825-42D2-9DBA-732D3D649842}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\ac3sp.exe | "{329774BF-691E-42FC-8394-4A0FC3510443}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe | "{386B4519-C489-4F51-A1AB-A7D347286560}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{39DFAE92-C332-4006-9D38-BE709F4E268A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe | "{3F94D3AF-CDBF-4F81-A44E-F475CA56ECDB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe | "{4335E2B2-AE9C-419D-A13C-353F07D1BB78}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{46541142-CFA1-471E-9906-711CDF5855ED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | "{4CEFA2B8-ED2D-46E2-B0F8-E97DF10E3B23}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{4DB18CFE-9765-4191-92EE-1FEF81C0A803}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{4FBBB10F-9A57-4898-8BC1-A577E3055067}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe | "{5377B385-0F0D-4A90-88A1-DFA2C32055F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{54B36543-2690-4703-83C8-1B72E079AB7E}" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "{5532E41D-D48D-418C-AFA9-922D633C969A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe | "{56D75BF9-E201-4FF6-A399-E09C6548ADB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{57F5AAEB-8D05-471D-8447-CCF597907E0B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magical diary demo\magicaldiary.exe | "{5A24E8BD-9D20-47A0-AF81-5A9F182E3D8D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\gamesw.exe | "{5CE8C554-2D64-4291-AF22-A030D21D1F61}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{5E039FD1-2FBF-4937-A945-19D895FC5BEE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\game.exe | "{5F3EEA7A-E172-49A8-A522-8EFDE31F0199}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe | "{5FDB8CF5-B066-48F9-A21D-20236A39EC9A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{60B296E7-D5CA-4B84-9FA5-7F7781971D89}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe | "{664F0037-2835-4E85-B38E-FB63FBF929EA}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe | "{6A43C36E-37F7-4CF2-BFF6-DF0CBE27AEE9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe | "{6B3B04F3-3E3F-4C7A-AF32-3BE77D8C0708}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe | "{6B6B141E-0AF0-4A9A-8579-E692246C68EA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{6B966EEB-D4CA-4461-BD29-5BB7CFB6A61A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | "{72337EBE-1694-4504-AB01-8261353B7376}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{72CCD81D-FDD4-4631-826E-5D4630D6F849}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{72DF97AB-669E-43EA-A3C5-A1680E64F92C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | "{72DFD5C0-5497-4955-B4F6-BDBC6342AE5A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\custom.exe | "{73A71208-1C25-4383-AFEB-B51ECA73EBAE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{77A99E11-BA9C-4A91-8E48-CA740B77DCB1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{77D18086-7A03-40B7-A826-6BF3EBCCE637}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "{78FE1E40-8DAB-46D4-9DBD-24B2F0B78032}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\gamesw.exe | "{79A3CEB5-2C18-4B42-A4C1-E6046CB0959B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | "{7B03B66B-F409-4543-AF47-CF336CC76C9A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe | "{7B70DBEE-74A3-4274-B2E2-5DFD0E605151}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe | "{7CAE9174-15E6-4F7C-BDF0-88BBA704B65D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine demo\trine_launcher.exe | "{7DE9E39A-65C9-4670-9B3A-F71EFDE8ECC9}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{8A8DB8F5-B8C5-4D00-A57A-15B3A5BD2BAF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8D5EB4D1-DDDB-411C-960D-56D29716364E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | "{8EBA644A-BCB2-4C61-98D2-81251C66EEAD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{90C26014-18A1-4BE2-AE3D-56553AB15B33}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe | "{90CD8FD1-051D-428C-B508-EEA8EECB170F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{932D2805-62FB-4605-99BE-96448C696A6B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{93695211-BF60-4D1F-89FB-908C3928930E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | "{94D97E17-95B7-4CFE-9D34-0042D37409AC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{96C9A87F-ACC1-4254-8A4C-797030DFD653}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\falloutnvlauncher.exe | "{9802D616-2DBE-4EBC-8B22-5324107397F2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garrysmod\hl2.exe | "{984C382A-2F7A-41D3-9F3C-9F6B2F519BAA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{9927ACCD-26D4-4354-AF69-B8AFEA87CF26}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe | "{9BE1E4BD-ED7F-47A2-A79B-FDE04F31B2DC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe | "{9C21881B-07C2-461D-995A-3F86B8D22003}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe | "{9C892C60-CCA0-4319-8F74-80F71AC21A45}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\recettear.exe | "{9E202595-245B-4E3A-ABFB-CA071F6EDF31}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreedii.exe | "{A1B32D66-C74B-47C2-ABD9-B7DC49E1F3EB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe | "{A2D544E2-DBF5-4668-BC18-3A3861633ED3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe | "{A33F2535-18CE-4144-89BA-8A10CE859041}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{A38AFE41-0DA0-4F0E-AF0E-8791EFC7A116}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe | "{A40F0861-5241-4FC6-845B-D562CE7E29AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | "{A72226A2-B155-4716-9DD8-C2606D0FF7A3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\creationkit.exe | "{A8ABB70C-3ABA-4394-A244-63E304F5858E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\recettear.exe | "{AA29384D-EB86-456D-AA83-4FFFD3502CE1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{AAE74808-8BFA-42A0-A1B3-7179CC063C27}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magical diary demo\magicaldiary.exe | "{B0174C6F-91F3-41B0-842D-5E17C8E331E1}" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "{B31858BC-83DE-41BE-92A0-05DF916BF590}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{B34422AC-1CAB-446A-8AF2-F669B8DC1FD8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | "{B47C0F56-4FAD-4BED-8F0A-55187AE980BA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe | "{B5C0F2A4-20A5-47BD-B1BB-8406365FD110}" = protocol=6 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe | "{B5C7D15D-B872-46A3-A5A7-FA6637A4BB23}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{B7956A4E-01FF-4B97-BB90-8A8E49DEFE73}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\terraria\terraria.exe | "{BBB96C35-3344-47A1-91F0-2E92FDEC52B6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\toy soldiers\game.exe | "{BEE9E782-7698-4559-AC57-171509FCB69E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{C59D8830-0C51-41BE-B432-542E3CDEC8D9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{C5D87CAA-794A-4921-A1E8-070A997A9AC1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{C77FF4D0-F319-443F-9B3A-DB0CEBC31B8F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | "{C98630AE-4C91-4046-ACCE-FB3C6B523A7F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe | "{CC0DE909-D605-41A1-8CCB-47919216D4F6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{CFC29B5B-AB7A-4066-8811-FC71C759678D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{D37664C6-5E9C-431C-8768-D7D7DA5ECDCE}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "{D3FBFDCF-AA21-47FE-8E71-987F8546AB27}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe | "{D4C01DE4-5FDD-4220-B3A7-5E7F7C978806}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{D4FC82D2-EB64-4300-A679-1143CE75F641}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\uplaybrowser.exe | "{D60AB8BC-C347-4FA4-874A-3923CCD5BAA0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{D8125DF0-1546-4393-9C93-BA9D004DAC6D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe | "{D9A40395-208A-4392-BBAF-CC940B759096}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{DBDE8CC9-4D44-46F8-83AE-A265C320660B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{E0C63BAA-9F83-4B1B-A986-A760FF1168F7}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe | "{E0E6060E-2BAB-41ED-80A2-3E277BEDF465}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe | "{E4FCFD59-EACC-4B9A-9872-14A20A5EC3D7}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{E84C0F18-5A60-4B78-8997-832B20BBA0B1}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{E8E62174-AD52-439F-8A3A-60151DFF21A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EA6390D2-28EA-47D9-8A00-781838C9FA3C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EBEC52E0-3C4D-4D48-97BF-766717846ED5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | "{EFC8061C-7FAD-41CE-8656-070F26CBE37D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{F16D0597-15ED-4E4F-9C48-11411FDCDC88}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\recettear - demo\custom.exe | "{F2F6AE99-9DB4-4BDD-9224-2ACE2021C765}" = protocol=58 | dir=in | app=system | "{F6C076FF-F51E-4274-B88A-60542422A534}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\trine demo\trine_launcher.exe | "{F7E7FA67-FAEB-42CA-AE06-79745840894B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe | "{FAB54238-3B3C-49D4-887C-D8AA4B7FC5AD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FAE8822F-AA7C-4E3D-A4AB-556FB792AABB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{FC477E3A-B7F6-4B1A-B606-5F2DA235E2A9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\just cause 2\justcause2.exe | "{FF1F51D3-4C7E-4BEE-84C9-50C60227F050}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed iii\assassinscreed3.exe | "TCP Query User{16F9CE79-4008-4DAF-A1A0-4E330A4640ED}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{50C135D5-5E06-4095-83D7-A1961513800A}C:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe | "TCP Query User{5608CA92-912A-4599-8976-814D2DBE48E9}C:\users\******\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe | "TCP Query User{58A85CC8-15E7-4DB1-B762-0F9A66A2F671}C:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe | "TCP Query User{5DAA8A9B-EC57-4C48-828F-430E5AEAA167}C:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe | "TCP Query User{645D32DB-20E2-4FA4-8BD9-0CD9339287B2}C:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe | "TCP Query User{68AD8263-05CC-4F7D-A0B0-FE2D49029B31}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "TCP Query User{851500EC-8A62-44D7-B053-8D91D8342CA2}C:\users\******\desktop\warcraftiii\war3.exe" = protocol=6 | dir=in | app=c:\users\******\desktop\warcraftiii\war3.exe | "TCP Query User{B93D60A1-B481-46EA-B7CD-2273537F3115}C:\users\******\desktop\killingfloor\system\killingfloor.exe" = protocol=6 | dir=in | app=c:\users\******\desktop\killingfloor\system\killingfloor.exe | "UDP Query User{67F10B10-DE97-413F-AC49-CC4E9592C5C1}C:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\half-life 2 deathmatch\hl2.exe | "UDP Query User{8CC6095C-3ADA-4772-94CF-53EC5DC87BD8}C:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallout new vegas\vaultmp.exe | "UDP Query User{99DFD034-0E8D-4286-89C1-88295606551B}C:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\team fortress 2\hl2.exe | "UDP Query User{AA043430-FAB2-4C96-AE41-51A694BF5330}C:\users\******\desktop\warcraftiii\war3.exe" = protocol=17 | dir=in | app=c:\users\******\desktop\warcraftiii\war3.exe | "UDP Query User{BA94540B-E457-4E3E-BB05-E647EE25C685}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe | "UDP Query User{BED7B405-DF0F-4137-84B3-46B58827F192}C:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\shootingm\garry's mod beta\hl2.exe | "UDP Query User{CD06F978-2386-490E-A273-0143C23A9262}C:\users\******\desktop\killingfloor\system\killingfloor.exe" = protocol=17 | dir=in | app=c:\users\******\desktop\killingfloor\system\killingfloor.exe | "UDP Query User{D1ACE927-1F06-402F-85F5-1F39B51CBA75}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{E78826F8-F692-493F-8CF8-977AE680C77C}C:\users\******\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\******\appdata\local\temp\gw2.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes "{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64 "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support "{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10 "{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 311.06 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B "{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant "{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Blender" = Blender "CCleaner" = CCleaner "GIMP-2_is1" = GIMP 2.8.2 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.51 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "Logitech Gaming Software" = Logitech Gaming Software 8.35 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Shop for HP Supplies" = Shop for HP Supplies "WinRAR archiver" = WinRAR 4.20 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker "{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = HALO 2 FÜR WINDOWS VISTA "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan "{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}" = Hama Wireless LAN Adapter "{2E87F4AB-99BF-421C-AF7B-365A9C08549A}" = F300 "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{5E6D6161-5509-4f55-9372-1E01792F843A}" = F300_Help "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{668B80AF-D98F-42FC-8EE1-36252B03C5C9}_is1" = MIDI4all "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials "{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110 "{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}" = Assassin's Creed III 1.01 "{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack "{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX "{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C3592426-531E-4110-911D-BFECE2CE284C}" = osu! "{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013 "{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F6AC5364-2FB7-437a-811A-D645F22AA6AC}" = F300Trb "{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Audacity_is1" = Audacity 2.0.2 "avast" = avast! Free Antivirus "Codecs for Windows 7 Pack" = Codecs for Windows 7 Pack 4.0.5 "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Free Video to Flash Converter_is1" = Free Video to Flash Converter version 5.0.22.128 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128 "Frets on Fire" = Frets On Fire "Generic Mod Manager_is1" = Fallout Mod Manager 0.13.21 "Guild Wars 2" = Guild Wars 2 "Guitar Pro 5_is1" = Guitar Pro 5.2 "Halo 2" = HALO 2 FÜR WINDOWS VISTA "LogMeIn Hamachi" = LogMeIn Hamachi "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300 "Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NifSkope" = NifSkope (remove only) "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Patch-Master" = Patch-Master "PunkBusterSvc" = PunkBuster Services "Secunia PSI" = Secunia PSI (3.0.0.3001) "Steam App 105600" = Terraria "Steam App 12900" = Audiosurf "Steam App 202480" = Creation Kit "Steam App 212140" = Magical Diary Demo "Steam App 218" = Source SDK Base 2007 "Steam App 220" = Half-Life 2 "Steam App 22380" = Fallout: New Vegas "Steam App 320" = Half-Life 2: Deathmatch "Steam App 35710" = Trine Demo "Steam App 4000" = Garry's Mod "Steam App 42680" = Call of Duty: Modern Warfare 3 "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer "Steam App 42750" = Call of Duty: Modern Warfare 3 - Dedicated Server "Steam App 440" = Team Fortress 2 "Steam App 49600" = Beat Hazard "Steam App 500" = Left 4 Dead "Steam App 550" = Left 4 Dead 2 "Steam App 70410" = Recettear: An Item Shop's Tale - Demo "Steam App 72850" = The Elder Scrolls V: Skyrim "Steam App 8190" = Just Cause 2 "Steam App 98300" = Toy Soldiers "Sweet Home 3D_is1" = Sweet Home 3D version 4.0 "TuneUp Utilities 2013" = TuneUp Utilities 2013 "WinLiveSuite" = Windows Live Essentials "Yahoo! Companion" = Yahoo! Toolbar ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 29.04.2013 04:45:29 | Computer Name = ********* | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8237 Error - 29.04.2013 04:45:30 | Computer Name = ********* | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 29.04.2013 04:45:30 | Computer Name = ********* | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 9235 Error - 29.04.2013 04:45:30 | Computer Name = ********* | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 9235 Error - 29.04.2013 04:45:31 | Computer Name = ********* | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 29.04.2013 04:45:31 | Computer Name = ********* | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 10249 Error - 29.04.2013 04:45:31 | Computer Name = ********* | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 10249 Error - 29.04.2013 04:45:32 | Computer Name = ********* | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 29.04.2013 04:45:32 | Computer Name = ********* | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 11248 Error - 29.04.2013 04:45:32 | Computer Name = *********| Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 11248 [ System Events ] Error - 18.04.2013 03:31:04 | Computer Name = ********* | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. Error - 19.04.2013 12:42:06 | Computer Name = ********* | Source = Service Control Manager | ID = 7038 Description = Der Dienst "WinHttpAutoProxySvc" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1352 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error - 19.04.2013 12:42:06 | Computer Name = ********* | Source = Service Control Manager | ID = 7000 Description = Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error - 23.04.2013 06:29:22 | Computer Name = ********* | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error - 23.04.2013 06:29:22 | Computer Name = ********* | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 25.04.2013 16:44:36 | Computer Name = ********* | Source = Service Control Manager | ID = 7038 Description = Der Dienst "WinHttpAutoProxySvc" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error - 25.04.2013 16:44:36 | Computer Name = ********* | Source = Service Control Manager | ID = 7000 Description = Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error - 27.04.2013 14:33:32 | Computer Name = ********* | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error - 27.04.2013 14:33:33 | Computer Name = ********* | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. Error - 27.04.2013 14:33:33 | Computer Name = ********* | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden. < End of report > Vielen Dank im Voraus! MfG. Keahl |
|
01.05.2013, 22:02
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | LAP06-2.vbs auf USB-Stick Hallo und
__________________ Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
02.05.2013, 08:00
| #3 |
| | LAP06-2.vbs auf USB-Stick Vielen Dank für die schnelle Antwort, Cosinus!
__________________ Die beiden Avast Logs, in welchen die Funde verzeichnet waren (erstes Log beim direkten erkennen der Datei und zweites als ich sie mit Malwarebytes untersucht habe. Da hat er mir dann Malwarebytes als infiziert dargestellt) haben sich aus dem Protokollreiter von Avast verabschiedet und sind nicht mehr aufzufinden, obwohl sie vorgestern noch da waren. Das kommt mir etwas seltsam vor. Ansonsten habe ich keine Logs mit Funden. Den Ordner auf dem Stick habe ich mit MBAM und Avast überprüft und laut denen ist er sauber. |
|
02.05.2013, 13:03
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LAP06-2.vbs auf USB-Stick Ich versteh noch nicht ganz, hatte Malwarebytes denn je mal etwas gefunden oder nicht?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.05.2013, 16:41
| #5 |
| | LAP06-2.vbs auf USB-Stick Malwarebytes nicht, Avast hingegen schon. |
|
03.05.2013, 14:29
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LAP06-2.vbs auf USB-Stick Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Rootkitscan mit GMER Bitte lade dir  GMER herunter: (Dateiname zufällig)
Tauchen Probleme auf?
Anschließend bitte MBAR ausführen: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> LAP06-2.vbs auf USB-Stick |
|
03.05.2013, 16:26
| #7 |
| | LAP06-2.vbs auf USB-Stick Vielen Dank für die Antwort! Hier die Logs: 1. MBAR Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.05.03.05
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
********* :: ******** [administrator]
03.05.2013 16:24:51
mbar-log-2013-05-03 (16-24-51).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28752
Time elapsed: 6 minute(s), 37 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
2. MBAR Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.05.03.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
********* :: ********* [administrator]
03.05.2013 17:17:18
mbar-log-2013-05-03 (17-17-18).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28759
Time elapsed: 6 minute(s), 56 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
Geändert von Keahl (03.05.2013 um 16:31 Uhr) Grund: Verbesserung des Textverständnisses. |
|
03.05.2013, 23:13
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LAP06-2.vbs auf USB-Stick ja, bitte gezipt in Anhang. Aber nur dann wenn die Logs zu groß sind.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
07.05.2013, 20:40
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LAP06-2.vbs auf USB-Stick aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.05.2013, 17:36
| #11 |
| | LAP06-2.vbs auf USB-Stick Verzeihung nocheinmal, ich war wieder so lange abwesend. >_< MBR: Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-13 18:28:33
-----------------------------
18:28:33.282 OS Version: Windows x64 6.1.7601 Service Pack 1
18:28:33.282 Number of processors: 8 586 0x1E05
18:28:33.282 ComputerName: ********* UserName: *********
18:28:35.202 Initialize success
18:28:35.343 AVAST engine defs: 13051300
18:29:05.218 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:29:05.223 Disk 0 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 8
18:29:05.304 Disk 0 MBR read successfully
18:29:05.309 Disk 0 MBR scan
18:29:05.315 Disk 0 Windows 7 default MBR code
18:29:05.321 Disk 0 Partition 1 00 DE Dell Utility NTFS 94 MB offset 63
18:29:05.334 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 11142 MB offset 194560
18:29:05.355 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 942631 MB offset 23013376
18:29:05.383 Disk 0 scanning C:\Windows\system32\drivers
18:29:10.345 Service scanning
18:29:21.010 Modules scanning
18:29:21.012 Disk 0 trace - called modules:
18:29:21.027 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorV.sys hal.dll
18:29:21.032 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800654a790]
18:29:21.033 3 CLASSPNP.SYS[fffff880013b643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006300050]
18:29:22.742 AVAST engine scan C:\Windows
18:29:25.102 AVAST engine scan C:\Windows\system32
18:30:55.397 AVAST engine scan C:\Windows\system32\drivers
18:31:02.255 AVAST engine scan C:\Users\*********
18:31:54.760 AVAST engine scan C:\ProgramData
18:32:45.980 Scan finished successfully
18:33:12.117 Disk 0 MBR has been saved successfully to "C:\Users\******\Desktop\Logs Mai\MBR.dat"
18:33:12.123 The log file has been saved successfully to "C:\Users\******\Desktop\Logs Mai\aswMBR.txt"
Code:
ATTFilter 18:33:46.0762 2616 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:33:47.0223 2616 ============================================================
18:33:47.0223 2616 Current date / time: 2013/05/13 18:33:47.0223
18:33:47.0223 2616 SystemInfo:
18:33:47.0223 2616
18:33:47.0223 2616 OS Version: 6.1.7601 ServicePack: 1.0
18:33:47.0223 2616 Product type: Workstation
18:33:47.0223 2616 ComputerName: *********
18:33:47.0223 2616 UserName: *********
18:33:47.0223 2616 Windows directory: C:\Windows
18:33:47.0223 2616 System windows directory: C:\Windows
18:33:47.0223 2616 Running under WOW64
18:33:47.0223 2616 Processor architecture: Intel x64
18:33:47.0223 2616 Number of processors: 8
18:33:47.0223 2616 Page size: 0x1000
18:33:47.0223 2616 Boot type: Normal boot
18:33:47.0223 2616 ============================================================
18:33:48.0097 2616 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:33:48.0122 2616 Drive \Device\Harddisk5\DR5 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:33:48.0143 2616 ============================================================
18:33:48.0143 2616 \Device\Harddisk0\DR0:
18:33:48.0143 2616 MBR partitions:
18:33:48.0143 2616 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2F800, BlocksNum 0x15C3000
18:33:48.0143 2616 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15F2800, BlocksNum 0x73113800
18:33:48.0143 2616 \Device\Harddisk5\DR5:
18:33:48.0144 2616 MBR partitions:
18:33:48.0144 2616 \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
18:33:48.0144 2616 ============================================================
18:33:48.0175 2616 C: <-> \Device\Harddisk0\DR0\Partition2
18:33:48.0178 2616 I: <-> \Device\Harddisk5\DR5\Partition1
18:33:48.0179 2616 ============================================================
18:33:48.0179 2616 Initialize success
18:33:48.0179 2616 ============================================================
18:33:51.0642 6908 ============================================================
18:33:51.0642 6908 Scan started
18:33:51.0642 6908 Mode: Manual;
18:33:51.0642 6908 ============================================================
18:33:52.0405 6908 ================ Scan system memory ========================
18:33:52.0405 6908 System memory - ok
18:33:52.0406 6908 ================ Scan services =============================
18:33:52.0523 6908 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:33:52.0527 6908 1394ohci - ok
18:33:52.0546 6908 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:33:52.0551 6908 ACPI - ok
18:33:52.0567 6908 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:33:52.0568 6908 AcpiPmi - ok
18:33:52.0653 6908 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:33:52.0654 6908 AdobeARMservice - ok
18:33:52.0736 6908 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:33:52.0740 6908 AdobeFlashPlayerUpdateSvc - ok
18:33:52.0770 6908 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:33:52.0777 6908 adp94xx - ok
18:33:52.0798 6908 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:33:52.0803 6908 adpahci - ok
18:33:52.0816 6908 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:33:52.0819 6908 adpu320 - ok
18:33:52.0836 6908 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:33:52.0838 6908 AeLookupSvc - ok
18:33:52.0869 6908 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:33:52.0876 6908 AFD - ok
18:33:52.0893 6908 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:33:52.0895 6908 agp440 - ok
18:33:52.0909 6908 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:33:52.0911 6908 ALG - ok
18:33:52.0920 6908 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:33:52.0921 6908 aliide - ok
18:33:52.0928 6908 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:33:52.0929 6908 amdide - ok
18:33:52.0940 6908 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:33:52.0942 6908 AmdK8 - ok
18:33:52.0953 6908 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:33:52.0954 6908 AmdPPM - ok
18:33:52.0967 6908 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:33:52.0969 6908 amdsata - ok
18:33:52.0980 6908 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:33:52.0983 6908 amdsbs - ok
18:33:52.0993 6908 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:33:52.0994 6908 amdxata - ok
18:33:53.0017 6908 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:33:53.0019 6908 AppID - ok
18:33:53.0028 6908 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:33:53.0030 6908 AppIDSvc - ok
18:33:53.0050 6908 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
18:33:53.0052 6908 Appinfo - ok
18:33:53.0104 6908 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:33:53.0106 6908 Apple Mobile Device - ok
18:33:53.0121 6908 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
18:33:53.0122 6908 arc - ok
18:33:53.0135 6908 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:33:53.0137 6908 arcsas - ok
18:33:53.0150 6908 [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
18:33:53.0151 6908 aswFsBlk - ok
18:33:53.0190 6908 [ 36949EB7E71C5779C5163AF6AFB2A161 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
18:33:53.0191 6908 aswKbd - ok
18:33:53.0216 6908 [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
18:33:53.0217 6908 aswMonFlt - ok
18:33:53.0228 6908 [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
18:33:53.0229 6908 aswRdr - ok
18:33:53.0289 6908 [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
18:33:53.0290 6908 aswRvrt - ok
18:33:53.0323 6908 [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
18:33:53.0333 6908 aswSnx - ok
18:33:53.0354 6908 [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP C:\Windows\system32\drivers\aswSP.sys
18:33:53.0358 6908 aswSP - ok
18:33:53.0372 6908 [ D62C10D1829C65115111C160EA956260 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
18:33:53.0373 6908 aswTdi - ok
18:33:53.0392 6908 [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
18:33:53.0395 6908 aswVmm - ok
18:33:53.0407 6908 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:33:53.0408 6908 AsyncMac - ok
18:33:53.0414 6908 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:33:53.0415 6908 atapi - ok
18:33:53.0450 6908 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:33:53.0461 6908 AudioEndpointBuilder - ok
18:33:53.0475 6908 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:33:53.0482 6908 AudioSrv - ok
18:33:53.0552 6908 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:33:53.0554 6908 avast! Antivirus - ok
18:33:53.0581 6908 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:33:53.0584 6908 AxInstSV - ok
18:33:53.0605 6908 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:33:53.0612 6908 b06bdrv - ok
18:33:53.0642 6908 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:33:53.0647 6908 b57nd60a - ok
18:33:53.0658 6908 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:33:53.0661 6908 BDESVC - ok
18:33:53.0666 6908 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:33:53.0667 6908 Beep - ok
18:33:53.0717 6908 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:33:53.0727 6908 BFE - ok
18:33:53.0754 6908 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
18:33:53.0775 6908 BITS - ok
18:33:53.0786 6908 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:33:53.0788 6908 blbdrive - ok
18:33:53.0818 6908 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:33:53.0826 6908 Bonjour Service - ok
18:33:53.0848 6908 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:33:53.0850 6908 bowser - ok
18:33:53.0856 6908 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:33:53.0857 6908 BrFiltLo - ok
18:33:53.0870 6908 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:33:53.0871 6908 BrFiltUp - ok
18:33:53.0900 6908 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:33:53.0904 6908 Browser - ok
18:33:53.0913 6908 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:33:53.0917 6908 Brserid - ok
18:33:53.0929 6908 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:33:53.0930 6908 BrSerWdm - ok
18:33:53.0935 6908 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:33:53.0936 6908 BrUsbMdm - ok
18:33:53.0944 6908 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:33:53.0945 6908 BrUsbSer - ok
18:33:53.0950 6908 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:33:53.0952 6908 BTHMODEM - ok
18:33:53.0986 6908 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:33:53.0989 6908 bthserv - ok
18:33:54.0000 6908 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:33:54.0002 6908 cdfs - ok
18:33:54.0015 6908 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:33:54.0017 6908 cdrom - ok
18:33:54.0030 6908 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:33:54.0032 6908 CertPropSvc - ok
18:33:54.0041 6908 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:33:54.0042 6908 circlass - ok
18:33:54.0051 6908 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:33:54.0055 6908 CLFS - ok
18:33:54.0095 6908 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:33:54.0097 6908 clr_optimization_v2.0.50727_32 - ok
18:33:54.0114 6908 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:33:54.0117 6908 clr_optimization_v2.0.50727_64 - ok
18:33:54.0172 6908 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:33:54.0176 6908 clr_optimization_v4.0.30319_32 - ok
18:33:54.0198 6908 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:33:54.0201 6908 clr_optimization_v4.0.30319_64 - ok
18:33:54.0205 6908 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:33:54.0206 6908 CmBatt - ok
18:33:54.0220 6908 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:33:54.0221 6908 cmdide - ok
18:33:54.0260 6908 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
18:33:54.0267 6908 CNG - ok
18:33:54.0285 6908 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:33:54.0286 6908 Compbatt - ok
18:33:54.0310 6908 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:33:54.0311 6908 CompositeBus - ok
18:33:54.0323 6908 COMSysApp - ok
18:33:54.0329 6908 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:33:54.0330 6908 crcdisk - ok
18:33:54.0365 6908 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:33:54.0368 6908 CryptSvc - ok
18:33:54.0396 6908 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:33:54.0403 6908 DcomLaunch - ok
18:33:54.0419 6908 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:33:54.0423 6908 defragsvc - ok
18:33:54.0441 6908 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:33:54.0442 6908 DfsC - ok
18:33:54.0460 6908 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:33:54.0464 6908 Dhcp - ok
18:33:54.0467 6908 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:33:54.0467 6908 discache - ok
18:33:54.0476 6908 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:33:54.0477 6908 Disk - ok
18:33:54.0498 6908 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:33:54.0500 6908 Dnscache - ok
18:33:54.0514 6908 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:33:54.0517 6908 dot3svc - ok
18:33:54.0567 6908 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
18:33:54.0570 6908 Dot4 - ok
18:33:54.0586 6908 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:33:54.0587 6908 Dot4Print - ok
18:33:54.0617 6908 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
18:33:54.0618 6908 dot4usb - ok
18:33:54.0637 6908 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:33:54.0641 6908 DPS - ok
18:33:54.0665 6908 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:33:54.0666 6908 drmkaud - ok
18:33:54.0703 6908 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:33:54.0712 6908 DXGKrnl - ok
18:33:54.0724 6908 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:33:54.0728 6908 EapHost - ok
18:33:54.0787 6908 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:33:54.0851 6908 ebdrv - ok
18:33:54.0941 6908 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:33:54.0945 6908 EFS - ok
18:33:54.0990 6908 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:33:55.0000 6908 ehRecvr - ok
18:33:55.0029 6908 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:33:55.0032 6908 ehSched - ok
18:33:55.0054 6908 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:33:55.0062 6908 elxstor - ok
18:33:55.0069 6908 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:33:55.0070 6908 ErrDev - ok
18:33:55.0095 6908 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:33:55.0102 6908 EventSystem - ok
18:33:55.0117 6908 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:33:55.0120 6908 exfat - ok
18:33:55.0136 6908 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:33:55.0140 6908 fastfat - ok
18:33:55.0170 6908 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:33:55.0181 6908 Fax - ok
18:33:55.0196 6908 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:33:55.0197 6908 fdc - ok
18:33:55.0213 6908 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:33:55.0216 6908 fdPHost - ok
18:33:55.0226 6908 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:33:55.0229 6908 FDResPub - ok
18:33:55.0241 6908 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:33:55.0243 6908 FileInfo - ok
18:33:55.0251 6908 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:33:55.0252 6908 Filetrace - ok
18:33:55.0257 6908 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:33:55.0258 6908 flpydisk - ok
18:33:55.0277 6908 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:33:55.0280 6908 FltMgr - ok
18:33:55.0317 6908 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
18:33:55.0331 6908 FontCache - ok
18:33:55.0356 6908 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:33:55.0358 6908 FontCache3.0.0.0 - ok
18:33:55.0366 6908 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:33:55.0367 6908 FsDepends - ok
18:33:55.0386 6908 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:33:55.0387 6908 Fs_Rec - ok
18:33:55.0418 6908 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:33:55.0421 6908 fvevol - ok
18:33:55.0435 6908 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:33:55.0437 6908 gagp30kx - ok
18:33:55.0479 6908 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:33:55.0479 6908 GEARAspiWDM - ok
18:33:55.0516 6908 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:33:55.0527 6908 gpsvc - ok
18:33:55.0571 6908 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
18:33:55.0572 6908 hamachi - ok
18:33:55.0771 6908 [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
18:33:55.0814 6908 Hamachi2Svc - ok
18:33:55.0820 6908 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:33:55.0821 6908 hcw85cir - ok
18:33:55.0842 6908 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:33:55.0847 6908 HdAudAddService - ok
18:33:55.0877 6908 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:33:55.0879 6908 HDAudBus - ok
18:33:55.0901 6908 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:33:55.0903 6908 HECIx64 - ok
18:33:55.0908 6908 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:33:55.0909 6908 HidBatt - ok
18:33:55.0922 6908 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:33:55.0924 6908 HidBth - ok
18:33:55.0931 6908 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:33:55.0933 6908 HidIr - ok
18:33:55.0957 6908 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
18:33:55.0961 6908 hidserv - ok
18:33:55.0965 6908 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:33:55.0967 6908 HidUsb - ok
18:33:55.0990 6908 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:33:55.0994 6908 hkmsvc - ok
18:33:56.0017 6908 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:33:56.0023 6908 HomeGroupListener - ok
18:33:56.0035 6908 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:33:56.0041 6908 HomeGroupProvider - ok
18:33:56.0128 6908 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
18:33:56.0132 6908 hpqcxs08 - ok
18:33:56.0156 6908 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
18:33:56.0158 6908 hpqddsvc - ok
18:33:56.0170 6908 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:33:56.0172 6908 HpSAMD - ok
18:33:56.0201 6908 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
18:33:56.0220 6908 HPSLPSVC - ok
18:33:56.0278 6908 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:33:56.0289 6908 HTTP - ok
18:33:56.0309 6908 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:33:56.0310 6908 hwpolicy - ok
18:33:56.0325 6908 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:33:56.0327 6908 i8042prt - ok
18:33:56.0338 6908 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:33:56.0343 6908 iaStorV - ok
18:33:56.0375 6908 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:33:56.0388 6908 idsvc - ok
18:33:56.0409 6908 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:33:56.0411 6908 iirsp - ok
18:33:56.0441 6908 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:33:56.0456 6908 IKEEXT - ok
18:33:56.0526 6908 [ 13089F31AA37CDE1CE3784EE01A48484 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:33:56.0544 6908 IntcAzAudAddService - ok
18:33:56.0562 6908 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:33:56.0563 6908 intelide - ok
18:33:56.0576 6908 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:33:56.0577 6908 intelppm - ok
18:33:56.0592 6908 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:33:56.0595 6908 IPBusEnum - ok
18:33:56.0610 6908 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:33:56.0612 6908 IpFilterDriver - ok
18:33:56.0649 6908 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:33:56.0659 6908 iphlpsvc - ok
18:33:56.0674 6908 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:33:56.0677 6908 IPMIDRV - ok
18:33:56.0694 6908 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:33:56.0696 6908 IPNAT - ok
18:33:56.0754 6908 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:33:56.0764 6908 iPod Service - ok
18:33:56.0778 6908 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:33:56.0779 6908 IRENUM - ok
18:33:56.0792 6908 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:33:56.0793 6908 isapnp - ok
18:33:56.0814 6908 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:33:56.0819 6908 iScsiPrt - ok
18:33:56.0859 6908 [ B2B34FD7372E6E01A26E9AE22CC8F1EC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
18:33:56.0863 6908 k57nd60a - ok
18:33:56.0874 6908 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:33:56.0875 6908 kbdclass - ok
18:33:56.0881 6908 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:33:56.0882 6908 kbdhid - ok
18:33:56.0888 6908 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:33:56.0890 6908 KeyIso - ok
18:33:56.0912 6908 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:33:56.0913 6908 KSecDD - ok
18:33:56.0946 6908 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:33:56.0949 6908 KSecPkg - ok
18:33:56.0958 6908 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:33:56.0959 6908 ksthunk - ok
18:33:56.0983 6908 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:33:56.0993 6908 KtmRm - ok
18:33:57.0018 6908 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:33:57.0026 6908 LanmanServer - ok
18:33:57.0047 6908 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:33:57.0055 6908 LanmanWorkstation - ok
18:33:57.0083 6908 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
18:33:57.0084 6908 LGBusEnum - ok
18:33:57.0095 6908 [ F705A641C18DF31B48B5DBDA94B425E4 ] LGPBTDD C:\Windows\system32\Drivers\LGPBTDD.sys
18:33:57.0096 6908 LGPBTDD - ok
18:33:57.0124 6908 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
18:33:57.0125 6908 LGVirHid - ok
18:33:57.0154 6908 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:33:57.0156 6908 lltdio - ok
18:33:57.0180 6908 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:33:57.0188 6908 lltdsvc - ok
18:33:57.0210 6908 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:33:57.0214 6908 lmhosts - ok
18:33:57.0231 6908 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:33:57.0234 6908 LSI_FC - ok
18:33:57.0248 6908 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:33:57.0251 6908 LSI_SAS - ok
18:33:57.0264 6908 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:33:57.0266 6908 LSI_SAS2 - ok
18:33:57.0280 6908 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:33:57.0283 6908 LSI_SCSI - ok
18:33:57.0298 6908 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:33:57.0301 6908 luafv - ok
18:33:57.0366 6908 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:33:57.0367 6908 MBAMProtector - ok
18:33:57.0418 6908 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:33:57.0424 6908 MBAMScheduler - ok
18:33:57.0450 6908 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:33:57.0462 6908 MBAMService - ok
18:33:57.0501 6908 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:33:57.0506 6908 Mcx2Svc - ok
18:33:57.0524 6908 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:33:57.0526 6908 megasas - ok
18:33:57.0541 6908 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:33:57.0545 6908 MegaSR - ok
18:33:57.0555 6908 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:33:57.0560 6908 MMCSS - ok
18:33:57.0574 6908 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:33:57.0576 6908 Modem - ok
18:33:57.0585 6908 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:33:57.0586 6908 monitor - ok
18:33:57.0607 6908 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:33:57.0608 6908 mouclass - ok
18:33:57.0624 6908 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:33:57.0626 6908 mouhid - ok
18:33:57.0643 6908 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:33:57.0646 6908 mountmgr - ok
18:33:57.0675 6908 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:33:57.0678 6908 MozillaMaintenance - ok
18:33:57.0697 6908 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:33:57.0701 6908 mpio - ok
18:33:57.0713 6908 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:33:57.0715 6908 mpsdrv - ok
18:33:57.0753 6908 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:33:57.0775 6908 MpsSvc - ok
18:33:57.0803 6908 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:33:57.0806 6908 MRxDAV - ok
18:33:57.0828 6908 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:33:57.0832 6908 mrxsmb - ok
18:33:57.0847 6908 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:33:57.0852 6908 mrxsmb10 - ok
18:33:57.0869 6908 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:33:57.0872 6908 mrxsmb20 - ok
18:33:57.0882 6908 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:33:57.0884 6908 msahci - ok
18:33:57.0896 6908 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:33:57.0899 6908 msdsm - ok
18:33:57.0914 6908 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:33:57.0920 6908 MSDTC - ok
18:33:57.0931 6908 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:33:57.0933 6908 Msfs - ok
18:33:57.0939 6908 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:33:57.0940 6908 mshidkmdf - ok
18:33:57.0945 6908 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:33:57.0945 6908 msisadrv - ok
18:33:57.0962 6908 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:33:57.0965 6908 MSiSCSI - ok
18:33:57.0968 6908 msiserver - ok
18:33:57.0986 6908 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:33:57.0987 6908 MSKSSRV - ok
18:33:57.0990 6908 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:33:57.0991 6908 MSPCLOCK - ok
18:33:57.0994 6908 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:33:57.0995 6908 MSPQM - ok
18:33:58.0023 6908 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:33:58.0027 6908 MsRPC - ok
18:33:58.0037 6908 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:33:58.0037 6908 mssmbios - ok
18:33:58.0048 6908 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:33:58.0049 6908 MSTEE - ok
18:33:58.0064 6908 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:33:58.0065 6908 MTConfig - ok
18:33:58.0077 6908 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:33:58.0078 6908 Mup - ok
18:33:58.0096 6908 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:33:58.0104 6908 napagent - ok
18:33:58.0128 6908 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:33:58.0132 6908 NativeWifiP - ok
18:33:58.0154 6908 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:33:58.0164 6908 NDIS - ok
18:33:58.0207 6908 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:33:58.0208 6908 NdisCap - ok
18:33:58.0224 6908 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:33:58.0226 6908 NdisTapi - ok
18:33:58.0251 6908 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:33:58.0253 6908 Ndisuio - ok
18:33:58.0274 6908 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:33:58.0277 6908 NdisWan - ok
18:33:58.0297 6908 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:33:58.0299 6908 NDProxy - ok
18:33:58.0354 6908 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:33:58.0357 6908 Net Driver HPZ12 - ok
18:33:58.0362 6908 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:33:58.0364 6908 NetBIOS - ok
18:33:58.0373 6908 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:33:58.0377 6908 NetBT - ok
18:33:58.0391 6908 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:33:58.0394 6908 Netlogon - ok
18:33:58.0416 6908 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:33:58.0424 6908 Netman - ok
18:33:58.0440 6908 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:33:58.0449 6908 netprofm - ok
18:33:58.0492 6908 [ C9E9017AC2291E96ED3376B72BC7CF8D ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
18:33:58.0503 6908 netr28ux - ok
18:33:58.0529 6908 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:33:58.0531 6908 NetTcpPortSharing - ok
18:33:58.0543 6908 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:33:58.0544 6908 nfrd960 - ok
18:33:58.0555 6908 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:33:58.0560 6908 NlaSvc - ok
18:33:58.0564 6908 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:33:58.0565 6908 Npfs - ok
18:33:58.0578 6908 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:33:58.0581 6908 nsi - ok
18:33:58.0590 6908 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:33:58.0590 6908 nsiproxy - ok
18:33:58.0648 6908 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:33:58.0690 6908 Ntfs - ok
18:33:58.0701 6908 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:33:58.0702 6908 Null - ok
18:33:58.0884 6908 [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:33:58.0923 6908 nvlddmkm - ok
18:33:58.0935 6908 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:33:58.0937 6908 nvraid - ok
18:33:58.0960 6908 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:33:58.0962 6908 nvstor - ok
18:33:59.0002 6908 [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:33:59.0009 6908 nvsvc - ok
18:33:59.0077 6908 [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:33:59.0085 6908 nvUpdatusService - ok
18:33:59.0103 6908 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:33:59.0106 6908 nv_agp - ok
18:33:59.0115 6908 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:33:59.0116 6908 ohci1394 - ok
18:33:59.0130 6908 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:33:59.0136 6908 p2pimsvc - ok
18:33:59.0145 6908 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:33:59.0158 6908 p2psvc - ok
18:33:59.0168 6908 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:33:59.0170 6908 Parport - ok
18:33:59.0179 6908 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:33:59.0180 6908 partmgr - ok
18:33:59.0197 6908 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:33:59.0202 6908 PcaSvc - ok
18:33:59.0207 6908 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:33:59.0210 6908 pci - ok
18:33:59.0230 6908 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:33:59.0231 6908 pciide - ok
18:33:59.0237 6908 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:33:59.0239 6908 pcmcia - ok
18:33:59.0243 6908 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:33:59.0244 6908 pcw - ok
18:33:59.0264 6908 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:33:59.0271 6908 PEAUTH - ok
18:33:59.0336 6908 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:33:59.0340 6908 PerfHost - ok
18:33:59.0392 6908 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:33:59.0419 6908 pla - ok
18:33:59.0441 6908 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:33:59.0449 6908 PlugPlay - ok
18:33:59.0507 6908 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:33:59.0511 6908 Pml Driver HPZ12 - ok
18:33:59.0522 6908 PnkBstrA - ok
18:33:59.0528 6908 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:33:59.0532 6908 PNRPAutoReg - ok
18:33:59.0553 6908 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:33:59.0559 6908 PNRPsvc - ok
18:33:59.0595 6908 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:33:59.0604 6908 PolicyAgent - ok
18:33:59.0622 6908 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:33:59.0628 6908 Power - ok
18:33:59.0645 6908 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:33:59.0647 6908 PptpMiniport - ok
18:33:59.0657 6908 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:33:59.0659 6908 Processor - ok
18:33:59.0684 6908 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:33:59.0691 6908 ProfSvc - ok
18:33:59.0699 6908 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:33:59.0702 6908 ProtectedStorage - ok
18:33:59.0726 6908 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:33:59.0728 6908 Psched - ok
18:33:59.0750 6908 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
18:33:59.0751 6908 PSI - ok
18:33:59.0781 6908 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:33:59.0807 6908 ql2300 - ok
18:33:59.0816 6908 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:33:59.0819 6908 ql40xx - ok
18:33:59.0838 6908 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:33:59.0844 6908 QWAVE - ok
18:33:59.0852 6908 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:33:59.0853 6908 QWAVEdrv - ok
18:33:59.0904 6908 [ D319343661F7FEBFB6F43C453C26E779 ] RalinkRegistryWriter C:\Program Files (x86)\Hama\Common\RaRegistry.exe
18:33:59.0906 6908 RalinkRegistryWriter - ok
18:33:59.0919 6908 [ C0E618F5A0D643F71FDD96CDC0C561C3 ] RalinkRegistryWriter64 C:\Program Files (x86)\Hama\Common\RaRegistry64.exe
18:33:59.0923 6908 RalinkRegistryWriter64 - ok
18:33:59.0940 6908 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:33:59.0942 6908 RasAcd - ok
18:33:59.0969 6908 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:33:59.0971 6908 RasAgileVpn - ok
18:33:59.0981 6908 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:33:59.0987 6908 RasAuto - ok
18:33:59.0993 6908 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:33:59.0996 6908 Rasl2tp - ok
18:34:00.0016 6908 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:34:00.0026 6908 RasMan - ok
18:34:00.0032 6908 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:34:00.0034 6908 RasPppoe - ok
18:34:00.0040 6908 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:34:00.0042 6908 RasSstp - ok
18:34:00.0060 6908 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:34:00.0064 6908 rdbss - ok
18:34:00.0075 6908 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:34:00.0076 6908 rdpbus - ok
18:34:00.0097 6908 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:34:00.0097 6908 RDPCDD - ok
18:34:00.0103 6908 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:34:00.0103 6908 RDPENCDD - ok
18:34:00.0112 6908 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:34:00.0113 6908 RDPREFMP - ok
18:34:00.0167 6908 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:34:00.0168 6908 RdpVideoMiniport - ok
18:34:00.0196 6908 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:34:00.0200 6908 RDPWD - ok
18:34:00.0238 6908 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:34:00.0242 6908 rdyboost - ok
18:34:00.0264 6908 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:34:00.0269 6908 RemoteAccess - ok
18:34:00.0283 6908 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:34:00.0290 6908 RemoteRegistry - ok
18:34:00.0298 6908 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:34:00.0303 6908 RpcEptMapper - ok
18:34:00.0355 6908 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:34:00.0358 6908 RpcLocator - ok
18:34:00.0380 6908 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:34:00.0390 6908 RpcSs - ok
18:34:00.0409 6908 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:34:00.0411 6908 rspndr - ok
18:34:00.0424 6908 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:34:00.0427 6908 SamSs - ok
18:34:00.0450 6908 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:34:00.0453 6908 sbp2port - ok
18:34:00.0473 6908 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:34:00.0480 6908 SCardSvr - ok
18:34:00.0500 6908 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:34:00.0501 6908 scfilter - ok
18:34:00.0542 6908 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:34:00.0568 6908 Schedule - ok
18:34:00.0580 6908 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:34:00.0581 6908 SCPolicySvc - ok
18:34:00.0599 6908 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:34:00.0605 6908 SDRSVC - ok
18:34:00.0621 6908 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:34:00.0623 6908 secdrv - ok
18:34:00.0642 6908 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:34:00.0647 6908 seclogon - ok
18:34:00.0712 6908 [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
18:34:00.0739 6908 Secunia PSI Agent - ok
18:34:00.0817 6908 [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
18:34:00.0824 6908 Secunia Update Agent - ok
18:34:00.0830 6908 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
18:34:00.0836 6908 SENS - ok
18:34:00.0852 6908 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:34:00.0858 6908 SensrSvc - ok
18:34:00.0871 6908 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:34:00.0873 6908 Serenum - ok
18:34:00.0884 6908 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:34:00.0887 6908 Serial - ok
18:34:00.0912 6908 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:34:00.0914 6908 sermouse - ok
18:34:00.0934 6908 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:34:00.0941 6908 SessionEnv - ok
18:34:00.0953 6908 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:34:00.0954 6908 sffdisk - ok
18:34:00.0961 6908 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:34:00.0962 6908 sffp_mmc - ok
18:34:00.0968 6908 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:34:00.0969 6908 sffp_sd - ok
18:34:00.0974 6908 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:34:00.0976 6908 sfloppy - ok
18:34:01.0004 6908 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:34:01.0012 6908 SharedAccess - ok
18:34:01.0028 6908 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:34:01.0038 6908 ShellHWDetection - ok
18:34:01.0052 6908 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:34:01.0054 6908 SiSRaid2 - ok
18:34:01.0066 6908 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:34:01.0068 6908 SiSRaid4 - ok
18:34:01.0207 6908 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
18:34:01.0267 6908 Skype C2C Service - ok
18:34:01.0307 6908 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:34:01.0310 6908 SkypeUpdate - ok
18:34:01.0334 6908 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:34:01.0337 6908 Smb - ok
18:34:01.0387 6908 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:34:01.0393 6908 SNMPTRAP - ok
18:34:01.0403 6908 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:34:01.0405 6908 spldr - ok
18:34:01.0436 6908 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:34:01.0445 6908 Spooler - ok
18:34:01.0511 6908 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:34:01.0568 6908 sppsvc - ok
18:34:01.0593 6908 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:34:01.0595 6908 sppuinotify - ok
18:34:01.0610 6908 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:34:01.0615 6908 srv - ok
18:34:01.0621 6908 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:34:01.0625 6908 srv2 - ok
18:34:01.0629 6908 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:34:01.0631 6908 srvnet - ok
18:34:01.0659 6908 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:34:01.0663 6908 SSDPSRV - ok
18:34:01.0666 6908 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:34:01.0669 6908 SstpSvc - ok
18:34:01.0690 6908 Steam Client Service - ok
18:34:01.0739 6908 [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:34:01.0744 6908 Stereo Service - ok
18:34:01.0759 6908 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:34:01.0760 6908 stexstor - ok
18:34:01.0788 6908 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:34:01.0802 6908 stisvc - ok
18:34:01.0820 6908 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:34:01.0821 6908 swenum - ok
18:34:01.0839 6908 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:34:01.0848 6908 swprv - ok
18:34:01.0890 6908 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:34:01.0923 6908 SysMain - ok
18:34:01.0940 6908 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:34:01.0944 6908 TabletInputService - ok
18:34:01.0960 6908 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:34:01.0967 6908 TapiSrv - ok
18:34:01.0979 6908 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:34:01.0983 6908 TBS - ok
18:34:02.0038 6908 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:34:02.0082 6908 Tcpip - ok
18:34:02.0122 6908 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:34:02.0140 6908 TCPIP6 - ok
18:34:02.0182 6908 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:34:02.0183 6908 tcpipreg - ok
18:34:02.0196 6908 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:34:02.0197 6908 TDPIPE - ok
18:34:02.0227 6908 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:34:02.0229 6908 TDTCP - ok
18:34:02.0244 6908 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:34:02.0245 6908 tdx - ok
18:34:02.0267 6908 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:34:02.0268 6908 TermDD - ok
18:34:02.0289 6908 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:34:02.0300 6908 TermService - ok
18:34:02.0328 6908 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:34:02.0333 6908 Themes - ok
18:34:02.0348 6908 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:34:02.0351 6908 THREADORDER - ok
18:34:02.0362 6908 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:34:02.0368 6908 TrkWks - ok
18:34:02.0394 6908 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:34:02.0397 6908 TrustedInstaller - ok
18:34:02.0426 6908 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:34:02.0427 6908 tssecsrv - ok
18:34:02.0484 6908 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:34:02.0486 6908 TsUsbFlt - ok
18:34:02.0575 6908 [ D27430FD0EFD8CE745CCF6F179A5C4F2 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
18:34:02.0652 6908 TuneUp.UtilitiesSvc - ok
18:34:02.0686 6908 [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys
18:34:02.0687 6908 TuneUpUtilitiesDrv - ok
18:34:02.0713 6908 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:34:02.0716 6908 tunnel - ok
18:34:02.0727 6908 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:34:02.0729 6908 uagp35 - ok
18:34:02.0745 6908 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:34:02.0750 6908 udfs - ok
18:34:02.0765 6908 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:34:02.0772 6908 UI0Detect - ok
18:34:02.0780 6908 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:34:02.0782 6908 uliagpkx - ok
18:34:02.0809 6908 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
18:34:02.0811 6908 umbus - ok
18:34:02.0827 6908 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:34:02.0829 6908 UmPass - ok
18:34:02.0850 6908 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:34:02.0861 6908 upnphost - ok
18:34:02.0898 6908 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:34:02.0900 6908 USBAAPL64 - ok
18:34:02.0927 6908 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:34:02.0930 6908 usbaudio - ok
18:34:02.0939 6908 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:34:02.0942 6908 usbccgp - ok
18:34:02.0954 6908 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:34:02.0956 6908 usbcir - ok
18:34:02.0973 6908 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:34:02.0975 6908 usbehci - ok
18:34:02.0991 6908 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:34:02.0996 6908 usbhub - ok
18:34:03.0012 6908 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:34:03.0014 6908 usbohci - ok
18:34:03.0035 6908 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:34:03.0036 6908 usbprint - ok
18:34:03.0072 6908 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:34:03.0074 6908 usbscan - ok
18:34:03.0102 6908 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:34:03.0104 6908 USBSTOR - ok
18:34:03.0110 6908 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:34:03.0111 6908 usbuhci - ok
18:34:03.0120 6908 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:34:03.0127 6908 UxSms - ok
18:34:03.0162 6908 [ 9366DA7E69065E314E3FBB1DE4C84CEC ] UxTuneUp C:\Windows\System32\uxtuneup.dll
18:34:03.0168 6908 UxTuneUp - ok
18:34:03.0181 6908 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:34:03.0185 6908 VaultSvc - ok
18:34:03.0201 6908 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:34:03.0202 6908 vdrvroot - ok
18:34:03.0223 6908 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:34:03.0237 6908 vds - ok
18:34:03.0252 6908 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:34:03.0254 6908 vga - ok
18:34:03.0259 6908 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:34:03.0261 6908 VgaSave - ok
18:34:03.0277 6908 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:34:03.0281 6908 vhdmp - ok
18:34:03.0305 6908 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:34:03.0306 6908 viaide - ok
18:34:03.0312 6908 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:34:03.0314 6908 volmgr - ok
18:34:03.0331 6908 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:34:03.0337 6908 volmgrx - ok
18:34:03.0359 6908 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:34:03.0364 6908 volsnap - ok
18:34:03.0384 6908 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:34:03.0387 6908 vsmraid - ok
18:34:03.0429 6908 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:34:03.0475 6908 VSS - ok
18:34:03.0490 6908 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:34:03.0491 6908 vwifibus - ok
18:34:03.0518 6908 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:34:03.0519 6908 vwififlt - ok
18:34:03.0549 6908 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:34:03.0557 6908 W32Time - ok
18:34:03.0568 6908 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:34:03.0569 6908 WacomPen - ok
18:34:03.0584 6908 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:34:03.0586 6908 WANARP - ok
18:34:03.0590 6908 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:34:03.0591 6908 Wanarpv6 - ok
18:34:03.0623 6908 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:34:03.0650 6908 wbengine - ok
18:34:03.0667 6908 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:34:03.0673 6908 WbioSrvc - ok
18:34:03.0687 6908 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:34:03.0694 6908 wcncsvc - ok
18:34:03.0705 6908 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:34:03.0709 6908 WcsPlugInService - ok
18:34:03.0721 6908 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:34:03.0722 6908 Wd - ok
18:34:03.0755 6908 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:34:03.0763 6908 Wdf01000 - ok
18:34:03.0774 6908 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:34:03.0778 6908 WdiServiceHost - ok
18:34:03.0782 6908 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:34:03.0786 6908 WdiSystemHost - ok
18:34:03.0797 6908 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:34:03.0804 6908 WebClient - ok
18:34:03.0818 6908 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:34:03.0824 6908 Wecsvc - ok
18:34:03.0834 6908 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:34:03.0839 6908 wercplsupport - ok
18:34:03.0849 6908 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:34:03.0854 6908 WerSvc - ok
18:34:03.0865 6908 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:34:03.0866 6908 WfpLwf - ok
18:34:03.0875 6908 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:34:03.0877 6908 WIMMount - ok
18:34:03.0884 6908 WinDefend - ok
18:34:03.0897 6908 WinHttpAutoProxySvc - ok
18:34:03.0933 6908 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:34:03.0936 6908 Winmgmt - ok
18:34:03.0978 6908 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:34:04.0021 6908 WinRM - ok
18:34:04.0070 6908 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:34:04.0071 6908 WinUsb - ok
18:34:04.0108 6908 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:34:04.0134 6908 Wlansvc - ok
18:34:04.0241 6908 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:34:04.0284 6908 wlidsvc - ok
18:34:04.0290 6908 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:34:04.0292 6908 WmiAcpi - ok
18:34:04.0308 6908 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:34:04.0311 6908 wmiApSrv - ok
18:34:04.0330 6908 WMPNetworkSvc - ok
18:34:04.0350 6908 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:34:04.0354 6908 WPCSvc - ok
18:34:04.0374 6908 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:34:04.0379 6908 WPDBusEnum - ok
18:34:04.0388 6908 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:34:04.0389 6908 ws2ifsl - ok
18:34:04.0400 6908 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
18:34:04.0405 6908 wscsvc - ok
18:34:04.0409 6908 WSearch - ok
18:34:04.0469 6908 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:34:04.0530 6908 wuauserv - ok
18:34:04.0566 6908 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:34:04.0567 6908 WudfPf - ok
18:34:04.0608 6908 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:34:04.0612 6908 WUDFRd - ok
18:34:04.0645 6908 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:34:04.0652 6908 wudfsvc - ok
18:34:04.0664 6908 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
18:34:04.0674 6908 WwanSvc - ok
18:34:04.0694 6908 ================ Scan global ===============================
18:34:04.0715 6908 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:34:04.0757 6908 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:34:04.0772 6908 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:34:04.0826 6908 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:34:04.0862 6908 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:34:04.0872 6908 [Global] - ok
18:34:04.0872 6908 ================ Scan MBR ==================================
18:34:04.0887 6908 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:34:05.0099 6908 \Device\Harddisk0\DR0 - ok
18:34:05.0105 6908 [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk5\DR5
18:34:05.0155 6908 \Device\Harddisk5\DR5 - ok
18:34:05.0156 6908 ================ Scan VBR ==================================
18:34:05.0159 6908 [ 8FC7486FF94FD6FBE84BB89702437BD7 ] \Device\Harddisk0\DR0\Partition1
18:34:05.0162 6908 \Device\Harddisk0\DR0\Partition1 - ok
18:34:05.0180 6908 [ 61DFB193D6FD34A493390610355B70BF ] \Device\Harddisk0\DR0\Partition2
18:34:05.0183 6908 \Device\Harddisk0\DR0\Partition2 - ok
18:34:05.0207 6908 [ CA17BB78C4E0E30855A9148E82962D80 ] \Device\Harddisk5\DR5\Partition1
18:34:05.0211 6908 \Device\Harddisk5\DR5\Partition1 - ok
18:34:05.0211 6908 ============================================================
18:34:05.0211 6908 Scan finished
18:34:05.0211 6908 ============================================================
18:34:05.0225 4324 Detected object count: 0
18:34:05.0225 4324 Actual detected object count: 0
18:34:14.0896 5964 Deinitialize success
|
|
14.05.2013, 10:01
| #12 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LAP06-2.vbs auf USB-StickZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.05.2013, 16:17
| #13 |
| | LAP06-2.vbs auf USB-Stick Entschuldigung.. Code:
ATTFilter 17:15:14.0406 3244 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:15:14.0715 3244 ============================================================
17:15:14.0715 3244 Current date / time: 2013/05/16 17:15:14.0715
17:15:14.0715 3244 SystemInfo:
17:15:14.0715 3244
17:15:14.0715 3244 OS Version: 6.1.7601 ServicePack: 1.0
17:15:14.0715 3244 Product type: Workstation
17:15:14.0715 3244 ComputerName: *********
17:15:14.0715 3244 UserName: *********
17:15:14.0715 3244 Windows directory: C:\Windows
17:15:14.0715 3244 System windows directory: C:\Windows
17:15:14.0715 3244 Running under WOW64
17:15:14.0715 3244 Processor architecture: Intel x64
17:15:14.0715 3244 Number of processors: 8
17:15:14.0715 3244 Page size: 0x1000
17:15:14.0715 3244 Boot type: Normal boot
17:15:14.0715 3244 ============================================================
17:15:15.0682 3244 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:15:15.0702 3244 Drive \Device\Harddisk5\DR5 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:15:19.0496 3244 ============================================================
17:15:19.0496 3244 \Device\Harddisk0\DR0:
17:15:19.0497 3244 MBR partitions:
17:15:19.0497 3244 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2F800, BlocksNum 0x15C3000
17:15:19.0497 3244 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15F2800, BlocksNum 0x73113800
17:15:19.0497 3244 \Device\Harddisk5\DR5:
17:15:19.0509 3244 MBR partitions:
17:15:19.0509 3244 \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
17:15:19.0509 3244 ============================================================
17:15:19.0534 3244 C: <-> \Device\Harddisk0\DR0\Partition2
17:15:19.0546 3244 I: <-> \Device\Harddisk5\DR5\Partition1
17:15:19.0546 3244 ============================================================
17:15:19.0547 3244 Initialize success
17:15:19.0547 3244 ============================================================
17:15:33.0520 4948 ============================================================
17:15:33.0520 4948 Scan started
17:15:33.0520 4948 Mode: Manual; SigCheck; TDLFS;
17:15:33.0520 4948 ============================================================
17:15:33.0835 4948 ================ Scan system memory ========================
17:15:33.0835 4948 System memory - ok
17:15:33.0836 4948 ================ Scan services =============================
17:15:33.0942 4948 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:15:34.0072 4948 1394ohci - ok
17:15:34.0104 4948 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:15:34.0121 4948 ACPI - ok
17:15:34.0130 4948 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:15:34.0186 4948 AcpiPmi - ok
17:15:34.0279 4948 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:15:34.0304 4948 AdobeARMservice - ok
17:15:34.0391 4948 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:15:34.0414 4948 AdobeFlashPlayerUpdateSvc - ok
17:15:34.0437 4948 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:15:34.0462 4948 adp94xx - ok
17:15:34.0473 4948 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:15:34.0487 4948 adpahci - ok
17:15:34.0500 4948 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:15:34.0513 4948 adpu320 - ok
17:15:34.0529 4948 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:15:34.0585 4948 AeLookupSvc - ok
17:15:34.0637 4948 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:15:34.0703 4948 AFD - ok
17:15:34.0736 4948 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:15:34.0760 4948 agp440 - ok
17:15:34.0777 4948 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:15:34.0824 4948 ALG - ok
17:15:34.0854 4948 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:15:34.0871 4948 aliide - ok
17:15:34.0879 4948 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:15:34.0896 4948 amdide - ok
17:15:34.0906 4948 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:15:34.0955 4948 AmdK8 - ok
17:15:34.0986 4948 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:15:35.0047 4948 AmdPPM - ok
17:15:35.0077 4948 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:15:35.0100 4948 amdsata - ok
17:15:35.0105 4948 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:15:35.0120 4948 amdsbs - ok
17:15:35.0128 4948 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:15:35.0138 4948 amdxata - ok
17:15:35.0159 4948 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:15:35.0250 4948 AppID - ok
17:15:35.0280 4948 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:15:35.0349 4948 AppIDSvc - ok
17:15:35.0391 4948 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
17:15:35.0443 4948 Appinfo - ok
17:15:35.0514 4948 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:15:35.0538 4948 Apple Mobile Device - ok
17:15:35.0547 4948 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:15:35.0563 4948 arc - ok
17:15:35.0570 4948 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:15:35.0585 4948 arcsas - ok
17:15:35.0612 4948 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
17:15:35.0641 4948 aswFsBlk - ok
17:15:35.0666 4948 [ 36949EB7E71C5779C5163AF6AFB2A161 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
17:15:35.0680 4948 aswKbd - ok
17:15:35.0701 4948 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
17:15:35.0715 4948 aswMonFlt - ok
17:15:35.0721 4948 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
17:15:35.0734 4948 aswRdr - ok
17:15:35.0865 4948 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
17:15:35.0887 4948 aswRvrt - ok
17:15:35.0979 4948 [ 10ED1CAB84AA65983C41A11F60294C9B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
17:15:36.0011 4948 aswSnx - ok
17:15:36.0029 4948 [ 00E5253353717D3CA12A0F5A6F9991EC ] aswSP C:\Windows\system32\drivers\aswSP.sys
17:15:36.0043 4948 aswSP - ok
17:15:36.0057 4948 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
17:15:36.0067 4948 aswTdi - ok
17:15:36.0077 4948 [ 6359B99C955DB9F40B653159A0EED261 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
17:15:36.0090 4948 aswVmm - ok
17:15:36.0092 4948 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:15:36.0169 4948 AsyncMac - ok
17:15:36.0207 4948 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:15:36.0231 4948 atapi - ok
17:15:36.0258 4948 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:15:36.0355 4948 AudioEndpointBuilder - ok
17:15:36.0365 4948 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:15:36.0398 4948 AudioSrv - ok
17:15:36.0480 4948 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:15:36.0501 4948 avast! Antivirus - ok
17:15:36.0524 4948 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:15:36.0585 4948 AxInstSV - ok
17:15:36.0637 4948 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:15:36.0702 4948 b06bdrv - ok
17:15:36.0756 4948 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:15:36.0818 4948 b57nd60a - ok
17:15:36.0859 4948 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:15:36.0887 4948 BDESVC - ok
17:15:36.0907 4948 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:15:36.0994 4948 Beep - ok
17:15:37.0068 4948 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:15:37.0125 4948 BFE - ok
17:15:37.0143 4948 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:15:37.0215 4948 BITS - ok
17:15:37.0246 4948 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:15:37.0295 4948 blbdrive - ok
17:15:37.0353 4948 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:15:37.0383 4948 Bonjour Service - ok
17:15:37.0399 4948 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:15:37.0432 4948 bowser - ok
17:15:37.0448 4948 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:15:37.0477 4948 BrFiltLo - ok
17:15:37.0491 4948 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:15:37.0514 4948 BrFiltUp - ok
17:15:37.0535 4948 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:15:37.0560 4948 Browser - ok
17:15:37.0583 4948 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:15:37.0640 4948 Brserid - ok
17:15:37.0673 4948 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:15:37.0730 4948 BrSerWdm - ok
17:15:37.0762 4948 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:15:37.0830 4948 BrUsbMdm - ok
17:15:37.0863 4948 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:15:37.0878 4948 BrUsbSer - ok
17:15:37.0889 4948 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:15:37.0945 4948 BTHMODEM - ok
17:15:37.0979 4948 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:15:38.0061 4948 bthserv - ok
17:15:38.0092 4948 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:15:38.0148 4948 cdfs - ok
17:15:38.0174 4948 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:15:38.0222 4948 cdrom - ok
17:15:38.0265 4948 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:15:38.0332 4948 CertPropSvc - ok
17:15:38.0349 4948 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:15:38.0402 4948 circlass - ok
17:15:38.0436 4948 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:15:38.0463 4948 CLFS - ok
17:15:38.0508 4948 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:15:38.0523 4948 clr_optimization_v2.0.50727_32 - ok
17:15:38.0547 4948 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:15:38.0561 4948 clr_optimization_v2.0.50727_64 - ok
17:15:38.0606 4948 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:15:38.0622 4948 clr_optimization_v4.0.30319_32 - ok
17:15:38.0649 4948 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:15:38.0659 4948 clr_optimization_v4.0.30319_64 - ok
17:15:38.0673 4948 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:15:38.0724 4948 CmBatt - ok
17:15:38.0754 4948 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:15:38.0776 4948 cmdide - ok
17:15:38.0810 4948 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
17:15:38.0837 4948 CNG - ok
17:15:38.0845 4948 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:15:38.0857 4948 Compbatt - ok
17:15:38.0869 4948 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:15:38.0910 4948 CompositeBus - ok
17:15:38.0913 4948 COMSysApp - ok
17:15:38.0947 4948 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:15:38.0959 4948 crcdisk - ok
17:15:38.0983 4948 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:15:39.0030 4948 CryptSvc - ok
17:15:39.0082 4948 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:15:39.0175 4948 DcomLaunch - ok
17:15:39.0213 4948 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:15:39.0262 4948 defragsvc - ok
17:15:39.0295 4948 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:15:39.0369 4948 DfsC - ok
17:15:39.0411 4948 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:15:39.0462 4948 Dhcp - ok
17:15:39.0468 4948 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:15:39.0508 4948 discache - ok
17:15:39.0544 4948 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:15:39.0569 4948 Disk - ok
17:15:39.0591 4948 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:15:39.0646 4948 Dnscache - ok
17:15:39.0691 4948 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:15:39.0781 4948 dot3svc - ok
17:15:39.0836 4948 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
17:15:39.0895 4948 Dot4 - ok
17:15:39.0900 4948 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:15:39.0927 4948 Dot4Print - ok
17:15:39.0957 4948 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
17:15:40.0015 4948 dot4usb - ok
17:15:40.0046 4948 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:15:40.0122 4948 DPS - ok
17:15:40.0165 4948 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:15:40.0224 4948 drmkaud - ok
17:15:40.0279 4948 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:15:40.0321 4948 DXGKrnl - ok
17:15:40.0350 4948 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:15:40.0409 4948 EapHost - ok
17:15:40.0459 4948 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:15:40.0545 4948 ebdrv - ok
17:15:40.0567 4948 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:15:40.0581 4948 EFS - ok
17:15:40.0624 4948 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:15:40.0691 4948 ehRecvr - ok
17:15:40.0739 4948 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:15:40.0767 4948 ehSched - ok
17:15:40.0778 4948 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:15:40.0798 4948 elxstor - ok
17:15:40.0815 4948 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:15:40.0865 4948 ErrDev - ok
17:15:40.0904 4948 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:15:40.0956 4948 EventSystem - ok
17:15:40.0967 4948 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:15:41.0002 4948 exfat - ok
17:15:41.0076 4948 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:15:41.0172 4948 fastfat - ok
17:15:41.0302 4948 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:15:41.0349 4948 Fax - ok
17:15:41.0364 4948 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:15:41.0389 4948 fdc - ok
17:15:41.0405 4948 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:15:41.0467 4948 fdPHost - ok
17:15:41.0493 4948 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:15:41.0520 4948 FDResPub - ok
17:15:41.0525 4948 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:15:41.0536 4948 FileInfo - ok
17:15:41.0543 4948 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:15:41.0645 4948 Filetrace - ok
17:15:41.0659 4948 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:15:41.0671 4948 flpydisk - ok
17:15:41.0686 4948 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:15:41.0699 4948 FltMgr - ok
17:15:41.0738 4948 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
17:15:41.0790 4948 FontCache - ok
17:15:41.0827 4948 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:15:41.0847 4948 FontCache3.0.0.0 - ok
17:15:41.0858 4948 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:15:41.0871 4948 FsDepends - ok
17:15:41.0887 4948 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:15:41.0899 4948 Fs_Rec - ok
17:15:41.0927 4948 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:15:41.0946 4948 fvevol - ok
17:15:41.0949 4948 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:15:41.0964 4948 gagp30kx - ok
17:15:42.0005 4948 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:15:42.0023 4948 GEARAspiWDM - ok
17:15:42.0059 4948 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:15:42.0156 4948 gpsvc - ok
17:15:42.0197 4948 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
17:15:42.0206 4948 hamachi - ok
17:15:42.0262 4948 [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
17:15:42.0336 4948 Hamachi2Svc - ok
17:15:42.0351 4948 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:15:42.0396 4948 hcw85cir - ok
17:15:42.0451 4948 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:15:42.0508 4948 HdAudAddService - ok
17:15:42.0561 4948 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:15:42.0577 4948 HDAudBus - ok
17:15:42.0594 4948 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:15:42.0603 4948 HECIx64 - ok
17:15:42.0618 4948 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:15:42.0657 4948 HidBatt - ok
17:15:42.0689 4948 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:15:42.0708 4948 HidBth - ok
17:15:42.0746 4948 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:15:42.0803 4948 HidIr - ok
17:15:42.0850 4948 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:15:42.0933 4948 hidserv - ok
17:15:42.0968 4948 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:15:42.0981 4948 HidUsb - ok
17:15:42.0999 4948 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:15:43.0062 4948 hkmsvc - ok
17:15:43.0101 4948 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:15:43.0152 4948 HomeGroupListener - ok
17:15:43.0194 4948 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:15:43.0246 4948 HomeGroupProvider - ok
17:15:43.0346 4948 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:15:43.0356 4948 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
17:15:43.0356 4948 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
17:15:43.0373 4948 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:15:43.0382 4948 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
17:15:43.0382 4948 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
17:15:43.0396 4948 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:15:43.0415 4948 HpSAMD - ok
17:15:43.0451 4948 [ 7F57926169C1B8ABA9274EA7D4B70F18 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
17:15:43.0470 4948 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
17:15:43.0470 4948 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
17:15:43.0504 4948 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:15:43.0596 4948 HTTP - ok
17:15:43.0634 4948 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:15:43.0645 4948 hwpolicy - ok
17:15:43.0671 4948 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:15:43.0685 4948 i8042prt - ok
17:15:43.0692 4948 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:15:43.0708 4948 iaStorV - ok
17:15:43.0736 4948 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:15:43.0771 4948 idsvc - ok
17:15:43.0785 4948 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:15:43.0797 4948 iirsp - ok
17:15:43.0813 4948 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:15:43.0897 4948 IKEEXT - ok
17:15:43.0975 4948 [ 13089F31AA37CDE1CE3784EE01A48484 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:15:44.0021 4948 IntcAzAudAddService - ok
17:15:44.0030 4948 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:15:44.0041 4948 intelide - ok
17:15:44.0056 4948 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:15:44.0069 4948 intelppm - ok
17:15:44.0085 4948 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:15:44.0112 4948 IPBusEnum - ok
17:15:44.0136 4948 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:15:44.0213 4948 IpFilterDriver - ok
17:15:44.0259 4948 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:15:44.0298 4948 iphlpsvc - ok
17:15:44.0309 4948 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:15:44.0325 4948 IPMIDRV - ok
17:15:44.0336 4948 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:15:44.0399 4948 IPNAT - ok
17:15:44.0461 4948 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:15:44.0481 4948 iPod Service - ok
17:15:44.0504 4948 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:15:44.0555 4948 IRENUM - ok
17:15:44.0585 4948 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:15:44.0601 4948 isapnp - ok
17:15:44.0618 4948 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:15:44.0632 4948 iScsiPrt - ok
17:15:44.0666 4948 [ B2B34FD7372E6E01A26E9AE22CC8F1EC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
17:15:44.0682 4948 k57nd60a - ok
17:15:44.0692 4948 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:15:44.0704 4948 kbdclass - ok
17:15:44.0729 4948 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:15:44.0769 4948 kbdhid - ok
17:15:44.0772 4948 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:15:44.0786 4948 KeyIso - ok
17:15:44.0829 4948 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:15:44.0854 4948 KSecDD - ok
17:15:44.0881 4948 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:15:44.0903 4948 KSecPkg - ok
17:15:44.0917 4948 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:15:44.0947 4948 ksthunk - ok
17:15:44.0966 4948 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:15:45.0037 4948 KtmRm - ok
17:15:45.0068 4948 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:15:45.0100 4948 LanmanServer - ok
17:15:45.0123 4948 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:15:45.0214 4948 LanmanWorkstation - ok
17:15:45.0250 4948 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
17:15:45.0260 4948 LGBusEnum - ok
17:15:45.0279 4948 [ F705A641C18DF31B48B5DBDA94B425E4 ] LGPBTDD C:\Windows\system32\Drivers\LGPBTDD.sys
17:15:45.0288 4948 LGPBTDD - ok
17:15:45.0308 4948 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
17:15:45.0318 4948 LGVirHid - ok
17:15:45.0338 4948 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:15:45.0372 4948 lltdio - ok
17:15:45.0388 4948 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:15:45.0427 4948 lltdsvc - ok
17:15:45.0436 4948 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:15:45.0462 4948 lmhosts - ok
17:15:45.0482 4948 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:15:45.0493 4948 LSI_FC - ok
17:15:45.0499 4948 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:15:45.0511 4948 LSI_SAS - ok
17:15:45.0523 4948 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:15:45.0534 4948 LSI_SAS2 - ok
17:15:45.0547 4948 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:15:45.0560 4948 LSI_SCSI - ok
17:15:45.0573 4948 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:15:45.0601 4948 luafv - ok
17:15:45.0650 4948 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:15:45.0662 4948 MBAMProtector - ok
17:15:45.0701 4948 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:15:45.0715 4948 MBAMScheduler - ok
17:15:45.0731 4948 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:15:45.0748 4948 MBAMService - ok
17:15:45.0777 4948 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:15:45.0816 4948 Mcx2Svc - ok
17:15:45.0850 4948 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:15:45.0862 4948 megasas - ok
17:15:45.0874 4948 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:15:45.0890 4948 MegaSR - ok
17:15:45.0898 4948 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:15:45.0958 4948 MMCSS - ok
17:15:45.0991 4948 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:15:46.0050 4948 Modem - ok
17:15:46.0078 4948 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:15:46.0148 4948 monitor - ok
17:15:46.0207 4948 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:15:46.0219 4948 mouclass - ok
17:15:46.0234 4948 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:15:46.0275 4948 mouhid - ok
17:15:46.0311 4948 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:15:46.0326 4948 mountmgr - ok
17:15:46.0359 4948 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:15:46.0374 4948 MozillaMaintenance - ok
17:15:46.0397 4948 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:15:46.0410 4948 mpio - ok
17:15:46.0422 4948 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:15:46.0448 4948 mpsdrv - ok
17:15:46.0466 4948 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:15:46.0535 4948 MpsSvc - ok
17:15:46.0570 4948 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:15:46.0587 4948 MRxDAV - ok
17:15:46.0603 4948 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:15:46.0617 4948 mrxsmb - ok
17:15:46.0630 4948 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:15:46.0668 4948 mrxsmb10 - ok
17:15:46.0703 4948 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:15:46.0715 4948 mrxsmb20 - ok
17:15:46.0725 4948 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:15:46.0736 4948 msahci - ok
17:15:46.0746 4948 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:15:46.0757 4948 msdsm - ok
17:15:46.0771 4948 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:15:46.0819 4948 MSDTC - ok
17:15:46.0824 4948 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:15:46.0851 4948 Msfs - ok
17:15:46.0890 4948 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:15:46.0942 4948 mshidkmdf - ok
17:15:46.0945 4948 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:15:46.0956 4948 msisadrv - ok
17:15:46.0996 4948 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:15:47.0056 4948 MSiSCSI - ok
17:15:47.0058 4948 msiserver - ok
17:15:47.0103 4948 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:15:47.0132 4948 MSKSSRV - ok
17:15:47.0135 4948 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:15:47.0190 4948 MSPCLOCK - ok
17:15:47.0196 4948 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:15:47.0228 4948 MSPQM - ok
17:15:47.0257 4948 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:15:47.0271 4948 MsRPC - ok
17:15:47.0279 4948 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:15:47.0290 4948 mssmbios - ok
17:15:47.0307 4948 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:15:47.0364 4948 MSTEE - ok
17:15:47.0398 4948 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:15:47.0410 4948 MTConfig - ok
17:15:47.0420 4948 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:15:47.0431 4948 Mup - ok
17:15:47.0446 4948 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:15:47.0479 4948 napagent - ok
17:15:47.0495 4948 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:15:47.0541 4948 NativeWifiP - ok
17:15:47.0595 4948 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:15:47.0618 4948 NDIS - ok
17:15:47.0632 4948 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:15:47.0661 4948 NdisCap - ok
17:15:47.0675 4948 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:15:47.0702 4948 NdisTapi - ok
17:15:47.0727 4948 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:15:47.0754 4948 Ndisuio - ok
17:15:47.0766 4948 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:15:47.0794 4948 NdisWan - ok
17:15:47.0840 4948 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:15:47.0936 4948 NDProxy - ok
17:15:48.0013 4948 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:15:48.0018 4948 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:15:48.0018 4948 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:15:48.0021 4948 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:15:48.0049 4948 NetBIOS - ok
17:15:48.0059 4948 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:15:48.0114 4948 NetBT - ok
17:15:48.0141 4948 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:15:48.0154 4948 Netlogon - ok
17:15:48.0182 4948 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:15:48.0239 4948 Netman - ok
17:15:48.0273 4948 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:15:48.0307 4948 netprofm - ok
17:15:48.0338 4948 [ C9E9017AC2291E96ED3376B72BC7CF8D ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
17:15:48.0357 4948 netr28ux - ok
17:15:48.0376 4948 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:15:48.0386 4948 NetTcpPortSharing - ok
17:15:48.0403 4948 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:15:48.0414 4948 nfrd960 - ok
17:15:48.0440 4948 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:15:48.0480 4948 NlaSvc - ok
17:15:48.0483 4948 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:15:48.0516 4948 Npfs - ok
17:15:48.0546 4948 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:15:48.0579 4948 nsi - ok
17:15:48.0591 4948 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:15:48.0648 4948 nsiproxy - ok
17:15:48.0709 4948 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:15:48.0744 4948 Ntfs - ok
17:15:48.0747 4948 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:15:48.0822 4948 Null - ok
17:15:49.0008 4948 [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:15:49.0120 4948 nvlddmkm - ok
17:15:49.0137 4948 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:15:49.0148 4948 nvraid - ok
17:15:49.0170 4948 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:15:49.0182 4948 nvstor - ok
17:15:49.0219 4948 [ 10C232F6CFFD51D2332898AE7AE0FF23 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:15:49.0237 4948 nvsvc - ok
17:15:49.0301 4948 [ 4789E020D2617046862D1790FC235FF6 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:15:49.0324 4948 nvUpdatusService - ok
17:15:49.0345 4948 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:15:49.0358 4948 nv_agp - ok
17:15:49.0365 4948 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:15:49.0378 4948 ohci1394 - ok
17:15:49.0398 4948 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:15:49.0415 4948 p2pimsvc - ok
17:15:49.0422 4948 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:15:49.0440 4948 p2psvc - ok
17:15:49.0452 4948 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:15:49.0468 4948 Parport - ok
17:15:49.0486 4948 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:15:49.0499 4948 partmgr - ok
17:15:49.0507 4948 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:15:49.0529 4948 PcaSvc - ok
17:15:49.0534 4948 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:15:49.0549 4948 pci - ok
17:15:49.0556 4948 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:15:49.0569 4948 pciide - ok
17:15:49.0584 4948 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:15:49.0599 4948 pcmcia - ok
17:15:49.0602 4948 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:15:49.0615 4948 pcw - ok
17:15:49.0631 4948 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:15:49.0663 4948 PEAUTH - ok
17:15:49.0729 4948 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:15:49.0790 4948 PerfHost - ok
17:15:49.0855 4948 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:15:49.0936 4948 pla - ok
17:15:49.0967 4948 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:15:49.0984 4948 PlugPlay - ok
17:15:50.0033 4948 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:15:50.0039 4948 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:15:50.0039 4948 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
17:15:50.0051 4948 PnkBstrA - ok
17:15:50.0059 4948 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:15:50.0100 4948 PNRPAutoReg - ok
17:15:50.0133 4948 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:15:50.0162 4948 PNRPsvc - ok
17:15:50.0179 4948 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:15:50.0219 4948 PolicyAgent - ok
17:15:50.0239 4948 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:15:50.0319 4948 Power - ok
17:15:50.0355 4948 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:15:50.0381 4948 PptpMiniport - ok
17:15:50.0393 4948 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:15:50.0446 4948 Processor - ok
17:15:50.0494 4948 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:15:50.0523 4948 ProfSvc - ok
17:15:50.0534 4948 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:15:50.0549 4948 ProtectedStorage - ok
17:15:50.0577 4948 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:15:50.0653 4948 Psched - ok
17:15:50.0702 4948 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
17:15:50.0721 4948 PSI - ok
17:15:50.0744 4948 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:15:50.0777 4948 ql2300 - ok
17:15:50.0784 4948 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:15:50.0796 4948 ql40xx - ok
17:15:50.0805 4948 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:15:50.0824 4948 QWAVE - ok
17:15:50.0837 4948 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:15:50.0888 4948 QWAVEdrv - ok
17:15:50.0955 4948 [ D319343661F7FEBFB6F43C453C26E779 ] RalinkRegistryWriter C:\Program Files (x86)\Hama\Common\RaRegistry.exe
17:15:50.0975 4948 RalinkRegistryWriter - ok
17:15:50.0988 4948 [ C0E618F5A0D643F71FDD96CDC0C561C3 ] RalinkRegistryWriter64 C:\Program Files (x86)\Hama\Common\RaRegistry64.exe
17:15:51.0004 4948 RalinkRegistryWriter64 - ok
17:15:51.0017 4948 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:15:51.0055 4948 RasAcd - ok
17:15:51.0079 4948 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:15:51.0104 4948 RasAgileVpn - ok
17:15:51.0116 4948 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:15:51.0196 4948 RasAuto - ok
17:15:51.0225 4948 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:15:51.0270 4948 Rasl2tp - ok
17:15:51.0283 4948 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:15:51.0316 4948 RasMan - ok
17:15:51.0319 4948 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:15:51.0346 4948 RasPppoe - ok
17:15:51.0349 4948 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:15:51.0377 4948 RasSstp - ok
17:15:51.0386 4948 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:15:51.0413 4948 rdbss - ok
17:15:51.0426 4948 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:15:51.0483 4948 rdpbus - ok
17:15:51.0523 4948 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:15:51.0569 4948 RDPCDD - ok
17:15:51.0573 4948 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:15:51.0632 4948 RDPENCDD - ok
17:15:51.0672 4948 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:15:51.0727 4948 RDPREFMP - ok
17:15:51.0777 4948 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:15:51.0789 4948 RdpVideoMiniport - ok
17:15:51.0822 4948 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:15:51.0838 4948 RDPWD - ok
17:15:51.0864 4948 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:15:51.0880 4948 rdyboost - ok
17:15:51.0899 4948 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:15:51.0963 4948 RemoteAccess - ok
17:15:51.0993 4948 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:15:52.0022 4948 RemoteRegistry - ok
17:15:52.0033 4948 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:15:52.0087 4948 RpcEptMapper - ok
17:15:52.0123 4948 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:15:52.0164 4948 RpcLocator - ok
17:15:52.0196 4948 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:15:52.0227 4948 RpcSs - ok
17:15:52.0235 4948 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:15:52.0276 4948 rspndr - ok
17:15:52.0284 4948 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:15:52.0296 4948 SamSs - ok
17:15:52.0318 4948 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:15:52.0330 4948 sbp2port - ok
17:15:52.0341 4948 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:15:52.0398 4948 SCardSvr - ok
17:15:52.0435 4948 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:15:52.0480 4948 scfilter - ok
17:15:52.0505 4948 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:15:52.0624 4948 Schedule - ok
17:15:52.0639 4948 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:15:52.0665 4948 SCPolicySvc - ok
17:15:52.0674 4948 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:15:52.0717 4948 SDRSVC - ok
17:15:52.0756 4948 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:15:52.0812 4948 secdrv - ok
17:15:52.0846 4948 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:15:52.0878 4948 seclogon - ok
17:15:52.0924 4948 [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
17:15:52.0944 4948 Secunia PSI Agent - ok
17:15:52.0966 4948 [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
17:15:52.0979 4948 Secunia Update Agent - ok
17:15:52.0990 4948 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:15:53.0055 4948 SENS - ok
17:15:53.0070 4948 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:15:53.0084 4948 SensrSvc - ok
17:15:53.0096 4948 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:15:53.0134 4948 Serenum - ok
17:15:53.0177 4948 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:15:53.0190 4948 Serial - ok
17:15:53.0211 4948 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:15:53.0257 4948 sermouse - ok
17:15:53.0293 4948 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:15:53.0323 4948 SessionEnv - ok
17:15:53.0331 4948 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:15:53.0375 4948 sffdisk - ok
17:15:53.0404 4948 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:15:53.0419 4948 sffp_mmc - ok
17:15:53.0434 4948 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:15:53.0473 4948 sffp_sd - ok
17:15:53.0505 4948 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:15:53.0519 4948 sfloppy - ok
17:15:53.0546 4948 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:15:53.0640 4948 SharedAccess - ok
17:15:53.0679 4948 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:15:53.0755 4948 ShellHWDetection - ok
17:15:53.0804 4948 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:15:53.0817 4948 SiSRaid2 - ok
17:15:53.0825 4948 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:15:53.0839 4948 SiSRaid4 - ok
17:15:53.0949 4948 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:15:53.0998 4948 Skype C2C Service - ok
17:15:54.0032 4948 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:15:54.0043 4948 SkypeUpdate - ok
17:15:54.0060 4948 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:15:54.0091 4948 Smb - ok
17:15:54.0130 4948 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:15:54.0146 4948 SNMPTRAP - ok
17:15:54.0155 4948 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:15:54.0166 4948 spldr - ok
17:15:54.0195 4948 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:15:54.0245 4948 Spooler - ok
17:15:54.0325 4948 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:15:54.0465 4948 sppsvc - ok
17:15:54.0494 4948 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:15:54.0575 4948 sppuinotify - ok
17:15:54.0612 4948 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:15:54.0631 4948 srv - ok
17:15:54.0639 4948 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:15:54.0674 4948 srv2 - ok
17:15:54.0684 4948 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:15:54.0740 4948 srvnet - ok
17:15:54.0779 4948 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:15:54.0873 4948 SSDPSRV - ok
17:15:54.0876 4948 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:15:54.0904 4948 SstpSvc - ok
17:15:54.0942 4948 Steam Client Service - ok
17:15:54.0983 4948 [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:15:55.0012 4948 Stereo Service - ok
17:15:55.0028 4948 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:15:55.0040 4948 stexstor - ok
17:15:55.0071 4948 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:15:55.0123 4948 stisvc - ok
17:15:55.0166 4948 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:15:55.0187 4948 swenum - ok
17:15:55.0208 4948 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:15:55.0284 4948 swprv - ok
17:15:55.0341 4948 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:15:55.0415 4948 SysMain - ok
17:15:55.0450 4948 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:15:55.0474 4948 TabletInputService - ok
17:15:55.0488 4948 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:15:55.0567 4948 TapiSrv - ok
17:15:55.0598 4948 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:15:55.0627 4948 TBS - ok
17:15:55.0688 4948 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:15:55.0752 4948 Tcpip - ok
17:15:55.0775 4948 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:15:55.0800 4948 TCPIP6 - ok
17:15:55.0826 4948 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:15:55.0838 4948 tcpipreg - ok
17:15:55.0848 4948 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:15:55.0889 4948 TDPIPE - ok
17:15:55.0930 4948 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:15:55.0977 4948 TDTCP - ok
17:15:56.0021 4948 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:15:56.0048 4948 tdx - ok
17:15:56.0051 4948 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:15:56.0060 4948 TermDD - ok
17:15:56.0084 4948 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:15:56.0125 4948 TermService - ok
17:15:56.0139 4948 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:15:56.0183 4948 Themes - ok
17:15:56.0223 4948 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:15:56.0269 4948 THREADORDER - ok
17:15:56.0281 4948 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:15:56.0310 4948 TrkWks - ok
17:15:56.0338 4948 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:15:56.0397 4948 TrustedInstaller - ok
17:15:56.0436 4948 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:15:56.0462 4948 tssecsrv - ok
17:15:56.0503 4948 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:15:56.0516 4948 TsUsbFlt - ok
17:15:56.0583 4948 [ D27430FD0EFD8CE745CCF6F179A5C4F2 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
17:15:56.0613 4948 TuneUp.UtilitiesSvc - ok
17:15:56.0638 4948 [ 7BC3381C0713F613B31ACDE38B71CB53 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys
17:15:56.0647 4948 TuneUpUtilitiesDrv - ok
17:15:56.0682 4948 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:15:56.0724 4948 tunnel - ok
17:15:56.0732 4948 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:15:56.0754 4948 uagp35 - ok
17:15:56.0779 4948 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:15:56.0845 4948 udfs - ok
17:15:56.0876 4948 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:15:56.0891 4948 UI0Detect - ok
17:15:56.0911 4948 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:15:56.0923 4948 uliagpkx - ok
17:15:56.0945 4948 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
17:15:56.0982 4948 umbus - ok
17:15:57.0012 4948 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:15:57.0023 4948 UmPass - ok
17:15:57.0034 4948 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:15:57.0066 4948 upnphost - ok
17:15:57.0100 4948 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:15:57.0112 4948 USBAAPL64 - ok
17:15:57.0166 4948 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:15:57.0208 4948 usbaudio - ok
17:15:57.0242 4948 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:15:57.0260 4948 usbccgp - ok
17:15:57.0279 4948 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:15:57.0328 4948 usbcir - ok
17:15:57.0359 4948 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:15:57.0375 4948 usbehci - ok
17:15:57.0384 4948 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:15:57.0428 4948 usbhub - ok
17:15:57.0431 4948 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:15:57.0447 4948 usbohci - ok
17:15:57.0488 4948 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:15:57.0514 4948 usbprint - ok
17:15:57.0533 4948 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:15:57.0576 4948 usbscan - ok
17:15:57.0620 4948 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:15:57.0668 4948 USBSTOR - ok
17:15:57.0671 4948 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:15:57.0693 4948 usbuhci - ok
17:15:57.0722 4948 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:15:57.0764 4948 UxSms - ok
17:15:57.0806 4948 [ 9366DA7E69065E314E3FBB1DE4C84CEC ] UxTuneUp C:\Windows\System32\uxtuneup.dll
17:15:57.0818 4948 UxTuneUp - ok
17:15:57.0825 4948 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:15:57.0840 4948 VaultSvc - ok
17:15:57.0853 4948 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:15:57.0864 4948 vdrvroot - ok
17:15:57.0890 4948 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:15:57.0921 4948 vds - ok
17:15:57.0929 4948 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:15:57.0943 4948 vga - ok
17:15:57.0953 4948 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:15:57.0979 4948 VgaSave - ok
17:15:57.0983 4948 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:15:57.0995 4948 vhdmp - ok
17:15:58.0015 4948 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:15:58.0027 4948 viaide - ok
17:15:58.0029 4948 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:15:58.0039 4948 volmgr - ok
17:15:58.0056 4948 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:15:58.0069 4948 volmgrx - ok
17:15:58.0085 4948 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:15:58.0098 4948 volsnap - ok
17:15:58.0127 4948 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:15:58.0139 4948 vsmraid - ok
17:15:58.0175 4948 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:15:58.0236 4948 VSS - ok
17:15:58.0250 4948 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:15:58.0294 4948 vwifibus - ok
17:15:58.0327 4948 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:15:58.0373 4948 vwififlt - ok
17:15:58.0417 4948 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:15:58.0453 4948 W32Time - ok
17:15:58.0465 4948 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:15:58.0521 4948 WacomPen - ok
17:15:58.0569 4948 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:15:58.0654 4948 WANARP - ok
17:15:58.0688 4948 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:15:58.0713 4948 Wanarpv6 - ok
17:15:58.0747 4948 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:15:58.0777 4948 wbengine - ok
17:15:58.0793 4948 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:15:58.0811 4948 WbioSrvc - ok
17:15:58.0821 4948 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:15:58.0867 4948 wcncsvc - ok
17:15:58.0898 4948 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:15:58.0913 4948 WcsPlugInService - ok
17:15:58.0922 4948 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:15:58.0933 4948 Wd - ok
17:15:59.0000 4948 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:15:59.0042 4948 Wdf01000 - ok
17:15:59.0050 4948 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:15:59.0101 4948 WdiServiceHost - ok
17:15:59.0104 4948 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:15:59.0127 4948 WdiSystemHost - ok
17:15:59.0223 4948 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:15:59.0339 4948 WebClient - ok
17:15:59.0403 4948 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:15:59.0517 4948 Wecsvc - ok
17:15:59.0552 4948 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:15:59.0599 4948 wercplsupport - ok
17:15:59.0609 4948 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:15:59.0636 4948 WerSvc - ok
17:15:59.0649 4948 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:15:59.0675 4948 WfpLwf - ok
17:15:59.0685 4948 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:15:59.0695 4948 WIMMount - ok
17:15:59.0702 4948 WinDefend - ok
17:15:59.0712 4948 WinHttpAutoProxySvc - ok
17:15:59.0750 4948 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:15:59.0778 4948 Winmgmt - ok
17:15:59.0816 4948 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:15:59.0874 4948 WinRM - ok
17:15:59.0913 4948 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:15:59.0928 4948 WinUsb - ok
17:15:59.0955 4948 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:15:59.0981 4948 Wlansvc - ok
17:16:00.0084 4948 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:16:00.0183 4948 wlidsvc - ok
17:16:00.0195 4948 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:16:00.0235 4948 WmiAcpi - ok
17:16:00.0267 4948 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:16:00.0324 4948 wmiApSrv - ok
17:16:00.0364 4948 WMPNetworkSvc - ok
17:16:00.0385 4948 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:16:00.0412 4948 WPCSvc - ok
17:16:00.0433 4948 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:16:00.0450 4948 WPDBusEnum - ok
17:16:00.0455 4948 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:16:00.0517 4948 ws2ifsl - ok
17:16:00.0551 4948 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:16:00.0602 4948 wscsvc - ok
17:16:00.0604 4948 WSearch - ok
17:16:00.0686 4948 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:16:00.0764 4948 wuauserv - ok
17:16:00.0792 4948 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:16:00.0805 4948 WudfPf - ok
17:16:00.0825 4948 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:16:00.0840 4948 WUDFRd - ok
17:16:00.0862 4948 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:16:00.0904 4948 wudfsvc - ok
17:16:00.0945 4948 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
17:16:00.0991 4948 WwanSvc - ok
17:16:01.0032 4948 ================ Scan global ===============================
17:16:01.0041 4948 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:16:01.0065 4948 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:16:01.0073 4948 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:16:01.0093 4948 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:16:01.0113 4948 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:16:01.0123 4948 [Global] - ok
17:16:01.0124 4948 ================ Scan MBR ==================================
17:16:01.0138 4948 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:16:01.0444 4948 \Device\Harddisk0\DR0 - ok
17:16:01.0449 4948 [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk5\DR5
17:16:01.0602 4948 \Device\Harddisk5\DR5 - ok
17:16:01.0603 4948 ================ Scan VBR ==================================
17:16:01.0606 4948 [ 8FC7486FF94FD6FBE84BB89702437BD7 ] \Device\Harddisk0\DR0\Partition1
17:16:01.0608 4948 \Device\Harddisk0\DR0\Partition1 - ok
17:16:01.0623 4948 [ 61DFB193D6FD34A493390610355B70BF ] \Device\Harddisk0\DR0\Partition2
17:16:01.0625 4948 \Device\Harddisk0\DR0\Partition2 - ok
17:16:01.0629 4948 [ CA17BB78C4E0E30855A9148E82962D80 ] \Device\Harddisk5\DR5\Partition1
17:16:01.0633 4948 \Device\Harddisk5\DR5\Partition1 - ok
17:16:01.0633 4948 ============================================================
17:16:01.0633 4948 Scan finished
17:16:01.0633 4948 ============================================================
17:16:01.0644 4976 Detected object count: 5
17:16:01.0644 4976 Actual detected object count: 5
17:16:18.0874 4976 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:18.0874 4976 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:16:18.0876 4976 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:18.0876 4976 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:16:18.0878 4976 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:18.0878 4976 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:16:18.0879 4976 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:18.0879 4976 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:16:18.0881 4976 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:18.0881 4976 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
16.05.2013, 16:22
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | LAP06-2.vbs auf USB-Stick JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.05.2013, 16:31
| #15 |
| | LAP06-2.vbs auf USB-Stick Beim Junkware Removal Tool bekomme ich folgenden Fehler: "7-Zip: Internal Error, code 105." Schutzsoftware war aus, gestartet wurde mit Administrator. Den Schritt überspringen? |
|
| Themen zu LAP06-2.vbs auf USB-Stick |
| adobe reader xi, antivirus, aswrvrt.sys, bho, bonjour, converter, firefox, flash player, format, helper, home, homepage, iexplore.exe, install.exe, lap06-2.vbs, launch, logfile, mozilla, mp3, msvcrt, officejet, problem, realtek, registry, rundll, secunia psi, security, software, stick, svchost.exe, system, udp, usb, usb-stick |
Linear-Darstellung
