Log analysis and evaluation: Trojan MitB PC3 (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
02.05.2013, 19:34 | #1 |
Trojan MitB PC3

And here are the log files of the third PC:

OTL logfile created on: 02.05.2013 19:25:57 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,93 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 72,48% Memory free 7,86 Gb Paging File | 6,59 Gb Available in Paging File | 83,95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 458,87 Gb Total Space | 397,96 Gb Free Space | 86,73% Space Free | Partition Type: NTFS Drive D: | 458,87 Gb Total Space | 458,73 Gb Free Space | 99,97% Space Free | Partition Type: NTFS Drive E: | 1,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: *****-PC | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.02 19:24:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010.05.25 21:10:34 | 005,475,403 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe PRC - [2010.03.26 04:29:36 | 000,563,744 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe PRC - [2010.02.05 12:33:46 | 000,124,136 | ---- | M] (CyberLink Corp.) 
-- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe PRC - [2010.02.01 20:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2009.12.25 03:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2009.12.25 03:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2009.12.09 11:24:16 | 000,076,320 | ---- | M] () -- C:\OEM\USBDECTION\USBS3S4Detection.exe PRC - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe ========== Modules (No Company Name) ========== MOD - [2010.05.25 21:10:34 | 005,475,403 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe MOD - [2010.05.18 18:01:28 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtCore4.dll MOD - [2010.03.26 04:29:36 | 000,563,744 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe MOD - [2010.03.26 04:29:36 | 000,154,144 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll MOD - [2010.02.18 12:03:36 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtGui4.dll MOD - [2010.02.18 11:25:22 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtNetwork4.dll MOD - [2010.02.18 11:21:10 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtXml4.dll MOD - [2009.06.22 20:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll MOD - [2009.01.10 20:32:40 | 000,011,362 | ---- | M] () -- 
C:\Program Files (x86)\Vidalia Bundle\Vidalia\mingwm10.dll ========== Services (SafeList) ========== SRV:64bit: - [2010.02.25 12:07:54 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.11.24 20:44:47 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.01 20:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) 
[On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService) SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.15 23:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.12.09 11:24:16 | 000,076,320 | ---- | M] () [Auto | Running] -- C:\OEM\USBDECTION\USBS3S4Detection.exe -- (USBS3S4Detection) SRV - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.04.25 05:05:36 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2013.04.25 05:05:36 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps) DRV:64bit: - [2013.04.25 05:05:36 | 000,055,056 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi) DRV:64bit: - [2012.10.25 13:42:02 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:64bit: - [2012.10.25 13:42:02 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- 
C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.02 16:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:64bit: - [2012.06.19 18:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.03.04 15:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.02.25 12:22:38 | 006,369,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010.02.25 11:12:10 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.01.28 03:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.12.09 11:39:52 | 000,537,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.10.22 13:54:24 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\67900842.sys -- (67900842) DRV:64bit: - [2009.09.25 17:59:46 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\67900841.sys -- (67900841) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009.07.14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 
000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3950&r=173611102207pe448v1l5w46l1v85n IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3950&r=173611102207pe448v1l5w46l1v85n IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = 
hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3950&r=173611102207pe448v1l5w46l1v85n IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3950&r=173611102207pe448v1l5w46l1v85n IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=f0eb25ee00000000000090fba6e0912b&tlver=1.4.19.19&affID=17160 IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\*****\Desktop IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3950&r=173611102207pe448v1l5w46l1v85n IE - 
HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=f0eb25ee00000000000090fba6e0912b&tlver=1.4.19.19&affID=17160 IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ADFA_de IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\..\SearchScopes\{A1842A62-B6B6-40DE-BA4E-F5E75A3CB3D2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms} IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.04.25 05:05:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.04.25 05:05:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.04.25 05:05:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.04.25 05:05:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet 
Security 2013\FFExt\online_banking@kaspersky.com [2013.04.25 05:05:37 | 000,000,000 | ---D | M] [2010.11.20 11:38:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions [2010.11.20 11:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010.11.20 11:16:25 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru [2010.11.20 11:16:25 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru [2011.06.03 11:11:10 | 000,002,423 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files 
(x86)\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\plugin/npUrlAdvisor.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Modul zur Link-Untersuchung = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\ CHR - Extension: Virtuelle Tastatur = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\ CHR - Extension: Anti-Banner = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Virtual Keyboard Plugin) 
- {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) 
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O13:64bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} 
https://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04C1A2C1-E6AD-4F78-BD26-40662216F83A}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77E05783-9DA1-425A-BBC3-9A5C89C94808}: DhcpNameServer = 10.57.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml 
{807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.02 19:24:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2013.04.13 10:43:30 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\Sonstiges Desktop 13.04.2013 [2013.04.05 19:56:49 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\130405_Streifentorte --Dateien [1 C:\Users\*****\Desktop\*.tmp files -> C:\Users\*****\Desktop\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.02 19:25:34 | 000,000,000 | ---- | M] () -- 
C:\Users\*****\defogger_reenable [2013.05.02 19:25:00 | 000,377,856 | ---- | M] () -- C:\Users\*****\Desktop\gmer_2.1.19163.exe [2013.05.02 19:24:49 | 000,050,477 | ---- | M] () -- C:\Users\*****\Desktop\Defogger.exe [2013.05.02 19:24:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2013.05.02 18:10:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.02 18:10:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.02 18:03:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.02 18:03:36 | 3163,901,952 | -HS- | M] () -- C:\hiberfil.sys [2013.05.02 08:05:50 | 000,000,473 | ---- | M] () -- C:\Windows\BRWMARK.INI [2013.05.02 07:56:29 | 001,642,148 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.02 07:56:29 | 000,707,300 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.02 07:56:29 | 000,660,918 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.02 07:56:29 | 000,152,892 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.02 07:56:29 | 000,125,108 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.25 05:05:36 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys [2013.04.25 05:05:36 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys [2013.04.25 05:05:36 | 000,055,056 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kltdi.sys [2013.04.25 05:05:35 | 000,090,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys [2013.04.15 21:16:19 | 000,001,619 | ---- | M] () -- C:\Users\*****\Desktop\*****-PC - Verknüpfung.lnk [2013.04.11 19:49:20 | 000,425,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.05 19:56:49 | 000,025,614 | ---- | M] () -- 
C:\Users\*****\Documents\130405_Streifentorte -.htm [1 C:\Users\*****\Desktop\*.tmp files -> C:\Users\*****\Desktop\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.02 19:25:34 | 000,000,000 | ---- | C] () -- C:\Users\*****\defogger_reenable [2013.05.02 19:25:00 | 000,377,856 | ---- | C] () -- C:\Users\*****\Desktop\gmer_2.1.19163.exe [2013.05.02 19:24:48 | 000,050,477 | ---- | C] () -- C:\Users\*****\Desktop\Defogger.exe [2013.04.15 21:16:19 | 000,001,619 | ---- | C] () -- C:\Users\*****\Desktop\*****-PC - Verknüpfung.lnk [2013.04.05 19:56:49 | 000,025,614 | ---- | C] () -- C:\Users\*****\Documents\130405_Streifentorte -.htm [2013.04.04 19:42:18 | 000,002,348 | ---- | C] () -- C:\Users\*****\Desktop\Sicherer Zahlungsverkehr - Kopie.lnk [2011.10.28 15:32:22 | 000,017,408 | ---- | C] () -- C:\Users\*****\AppData\Local\WebpageIcons.db [2011.09.24 14:43:40 | 000,000,701 | ---- | C] () -- C:\Users\*****\***** - Verknüpfung.lnk [2011.06.26 13:20:36 | 001,619,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.26 13:20:33 | 000,000,096 | ---- | C] () -- C:\Users\*****\AppData\Local\fusioncache.dat [2011.06.03 11:11:14 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll [2010.11.20 12:47:07 | 000,007,599 | ---- | C] () -- C:\Users\*****\AppData\Local\Resmon.ResmonCfg [2010.03.20 01:05:19 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2011.10.01 19:57:16 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\elsterformular [2011.08.13 18:58:37 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Lexware [2010.11.20 10:38:05 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\OEM [2012.01.18 10:02:52 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PC-FAX TX ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:93DE1838 < End 
of report >
(Kaspersky Lab ZAO) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} https://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04C1A2C1-E6AD-4F78-BD26-40662216F83A}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77E05783-9DA1-425A-BBC3-9A5C89C94808}: DhcpNameServer = 10.57.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.02 19:24:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2013.04.13 10:43:30 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\Sonstiges Desktop 13.04.2013 [2013.04.05 19:56:49 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\130405_Streifentorte --Dateien [1 C:\Users\*****\Desktop\*.tmp files -> C:\Users\*****\Desktop\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.02 19:25:34 | 000,000,000 | ---- | M] () -- C:\Users\*****\defogger_reenable [2013.05.02 19:25:00 | 000,377,856 | ---- | M] () -- C:\Users\*****\Desktop\gmer_2.1.19163.exe [2013.05.02 19:24:49 | 000,050,477 | ---- | M] () -- C:\Users\*****\Desktop\Defogger.exe [2013.05.02 19:24:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2013.05.02 18:10:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.02 18:10:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.02 18:03:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.02 18:03:36 | 3163,901,952 | -HS- | M] () -- C:\hiberfil.sys [2013.05.02 
08:05:50 | 000,000,473 | ---- | M] () -- C:\Windows\BRWMARK.INI [2013.05.02 07:56:29 | 001,642,148 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.02 07:56:29 | 000,707,300 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.02 07:56:29 | 000,660,918 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.02 07:56:29 | 000,152,892 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.02 07:56:29 | 000,125,108 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.25 05:05:36 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys [2013.04.25 05:05:36 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys [2013.04.25 05:05:36 | 000,055,056 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kltdi.sys [2013.04.25 05:05:35 | 000,090,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys [2013.04.15 21:16:19 | 000,001,619 | ---- | M] () -- C:\Users\*****\Desktop\*****-PC - Verknüpfung.lnk [2013.04.11 19:49:20 | 000,425,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.05 19:56:49 | 000,025,614 | ---- | M] () -- C:\Users\*****\Documents\130405_Streifentorte -.htm [1 C:\Users\*****\Desktop\*.tmp files -> C:\Users\*****\Desktop\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.02 19:25:34 | 000,000,000 | ---- | C] () -- C:\Users\*****\defogger_reenable [2013.05.02 19:25:00 | 000,377,856 | ---- | C] () -- C:\Users\*****\Desktop\gmer_2.1.19163.exe [2013.05.02 19:24:48 | 000,050,477 | ---- | C] () -- C:\Users\*****\Desktop\Defogger.exe [2013.04.15 21:16:19 | 000,001,619 | ---- | C] () -- C:\Users\*****\Desktop\*****-PC - Verknüpfung.lnk [2013.04.05 19:56:49 | 000,025,614 | ---- | C] () -- C:\Users\*****\Documents\130405_Streifentorte -.htm [2013.04.04 19:42:18 | 000,002,348 | ---- | C] () -- C:\Users\*****\Desktop\Sicherer Zahlungsverkehr - Kopie.lnk 
[2011.10.28 15:32:22 | 000,017,408 | ---- | C] () -- C:\Users\*****\AppData\Local\WebpageIcons.db [2011.09.24 14:43:40 | 000,000,701 | ---- | C] () -- C:\Users\*****\***** - Verknüpfung.lnk [2011.06.26 13:20:36 | 001,619,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.26 13:20:33 | 000,000,096 | ---- | C] () -- C:\Users\*****\AppData\Local\fusioncache.dat [2011.06.03 11:11:14 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll [2010.11.20 12:47:07 | 000,007,599 | ---- | C] () -- C:\Users\*****\AppData\Local\Resmon.ResmonCfg [2010.03.20 01:05:19 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2011.10.01 19:57:16 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\elsterformular [2011.08.13 18:58:37 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Lexware [2010.11.20 10:38:05 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\OEM [2012.01.18 10:02:52 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PC-FAX TX ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:93DE1838 < End of report > GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-05-02 20:30:49 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD10 rev.80.0 931,51GB Running: gmer_2.1.19163.exe; Driver: C:\Users\*****\AppData\Local\Temp\fwdirkod.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe[2844] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075c31465 2 bytes [C3, 75] .text C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe[2844] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075c314bb 2 bytes [C3, 75] .text ... 
* 2 .text C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe[3408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075c31465 2 bytes [C3, 75] .text C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe[3408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075c314bb 2 bytes [C3, 75] .text ... * 2 ---- Threads - GMER 2.1 ---- Thread C:\Windows\System32\svchost.exe [4060:4232] 000007fef58b9688 ---- EOF - GMER 2.1 ---- |
03.05.2013, 05:43 | #2 |
/// Malwareteam | Trojan MitB PC3
My name is Marius and I will help you with your problem. One thing up front: Note: We can never guarantee here that we have found every remnant of malware. Formatting is usually the fastest and always the safest way. If you decide on a cleanup, keep working with us until someone from the team tells you that your computer is clean. A cleanup can sometimes mean a lot of work for you.
Vista and Win7 users: Start all tools with right-click --> "Run as administrator".
Step 1: Scan with TDSS-Killer
Please read the following instructions carefully. We do not want to "fix" anything yet, we only want to see a scan report. Please download TDSSKiller.exe and save this file to the desktop
__________________ |
03.05.2013, 05:58 | #3 |
| Trojan MitB PC3 Good morning, thanks for the help for now. Attached is the log file of the third (but most important) PC.
__________________
06:53:19.0679 3888 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 06:53:19.0820 3888 ============================================================ 06:53:19.0820 3888 Current date / time: 2013/05/03 06:53:19.0820 06:53:19.0820 3888 SystemInfo: 06:53:19.0820 3888 06:53:19.0820 3888 OS Version: 6.1.7601 ServicePack: 1.0 06:53:19.0820 3888 Product type: Workstation 06:53:19.0820 3888 ComputerName: *****-PC 06:53:19.0820 3888 UserName: ***** 06:53:19.0820 3888 Windows directory: C:\Windows 06:53:19.0820 3888 System windows directory: C:\Windows 06:53:19.0820 3888 Running under WOW64 06:53:19.0820 3888 Processor architecture: Intel x64 06:53:19.0820 3888 Number of processors: 4 06:53:19.0820 3888 Page size: 0x1000 06:53:19.0820 3888 Boot type: Normal boot 06:53:19.0820 3888 ============================================================ 06:53:20.0178 3888 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 06:53:20.0194 3888 ============================================================ 06:53:20.0194 3888 \Device\Harddisk0\DR0: 06:53:20.0194 3888 MBR partitions: 06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000 06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x395BD000 06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B147800, BlocksNum 0x395BEDB0 06:53:20.0194 3888 ============================================================ 06:53:20.0210 3888 C: <-> \Device\Harddisk0\DR0\Partition2 06:53:20.0256 3888 D: <-> \Device\Harddisk0\DR0\Partition3 06:53:20.0256 3888 ============================================================ 06:53:20.0256 3888 Initialize success 06:53:20.0256 3888 ============================================================ 06:53:29.0523 4892 ============================================================ 06:53:29.0523 4892 Scan started 06:53:29.0523 4892 Mode: Manual; 06:53:29.0523 4892 ============================================================ 06:53:30.0069 4892 ================ Scan system memory ======================== 06:53:30.0069 4892 System memory - ok
IntcAzAudAddService - ok 06:53:35.0155 4892 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 06:53:35.0155 4892 intelide - ok 06:53:35.0186 4892 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 06:53:35.0186 4892 intelppm - ok 06:53:35.0217 4892 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 06:53:35.0217 4892 IPBusEnum - ok 06:53:35.0248 4892 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 06:53:35.0248 4892 IpFilterDriver - ok 06:53:35.0311 4892 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 06:53:35.0311 4892 iphlpsvc - ok 06:53:35.0342 4892 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 06:53:35.0342 4892 IPMIDRV - ok 06:53:35.0342 4892 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 06:53:35.0357 4892 IPNAT - ok 06:53:35.0373 4892 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 06:53:35.0373 4892 IRENUM - ok 06:53:35.0389 4892 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 06:53:35.0389 4892 isapnp - ok 06:53:35.0404 4892 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 06:53:35.0420 4892 iScsiPrt - ok 06:53:35.0435 4892 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 06:53:35.0451 4892 kbdclass - ok 06:53:35.0482 4892 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 06:53:35.0482 4892 kbdhid - ok 06:53:35.0513 4892 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 06:53:35.0513 4892 KeyIso - ok 06:53:35.0560 4892 [ 8B5219318DF5895ABD230C373F2DF18A ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 06:53:35.0560 4892 kl1 - ok 06:53:35.0638 4892 [ 2CBD248370721DCAD632DB70D09C5A6D ] KLIF 
C:\Windows\system32\DRIVERS\klif.sys 06:53:35.0638 4892 KLIF - ok 06:53:35.0685 4892 [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 06:53:35.0685 4892 KLIM6 - ok 06:53:35.0716 4892 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 06:53:35.0716 4892 klkbdflt - ok 06:53:35.0732 4892 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 06:53:35.0732 4892 klmouflt - ok 06:53:35.0747 4892 [ 982974975E679276F0FA39EFA331A268 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 06:53:35.0747 4892 kltdi - ok 06:53:35.0763 4892 [ 1FCB657B581CC4DF17FD6571F93602DE ] kneps C:\Windows\system32\DRIVERS\kneps.sys 06:53:35.0763 4892 kneps - ok 06:53:35.0779 4892 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 06:53:35.0794 4892 KSecDD - ok 06:53:35.0810 4892 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 06:53:35.0810 4892 KSecPkg - ok 06:53:35.0841 4892 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 06:53:35.0841 4892 ksthunk - ok 06:53:35.0857 4892 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 06:53:35.0872 4892 KtmRm - ok 06:53:35.0903 4892 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 06:53:35.0903 4892 LanmanServer - ok 06:53:35.0935 4892 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 06:53:35.0935 4892 LanmanWorkstation - ok 06:53:35.0950 4892 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 06:53:35.0950 4892 lltdio - ok 06:53:35.0966 4892 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 06:53:35.0981 4892 lltdsvc - ok 06:53:35.0997 4892 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 06:53:35.0997 4892 lmhosts - ok 06:53:36.0028 4892 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC 
C:\Windows\system32\DRIVERS\lsi_fc.sys 06:53:36.0028 4892 LSI_FC - ok 06:53:36.0044 4892 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 06:53:36.0044 4892 LSI_SAS - ok 06:53:36.0059 4892 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 06:53:36.0059 4892 LSI_SAS2 - ok 06:53:36.0059 4892 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 06:53:36.0075 4892 LSI_SCSI - ok 06:53:36.0075 4892 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 06:53:36.0091 4892 luafv - ok 06:53:36.0106 4892 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 06:53:36.0122 4892 Mcx2Svc - ok 06:53:36.0122 4892 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 06:53:36.0122 4892 megasas - ok 06:53:36.0137 4892 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 06:53:36.0137 4892 MegaSR - ok 06:53:36.0169 4892 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 06:53:36.0169 4892 MMCSS - ok 06:53:36.0184 4892 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 06:53:36.0184 4892 Modem - ok 06:53:36.0200 4892 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 06:53:36.0200 4892 monitor - ok 06:53:36.0231 4892 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 06:53:36.0231 4892 mouclass - ok 06:53:36.0231 4892 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 06:53:36.0231 4892 mouhid - ok 06:53:36.0278 4892 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 06:53:36.0278 4892 mountmgr - ok 06:53:36.0309 4892 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 06:53:36.0325 4892 mpio - ok 06:53:36.0340 4892 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv 
C:\Windows\system32\drivers\mpsdrv.sys 06:53:36.0340 4892 mpsdrv - ok 06:53:36.0371 4892 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 06:53:36.0371 4892 MpsSvc - ok 06:53:36.0403 4892 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 06:53:36.0403 4892 MRxDAV - ok 06:53:36.0418 4892 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 06:53:36.0418 4892 mrxsmb - ok 06:53:36.0449 4892 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 06:53:36.0449 4892 mrxsmb10 - ok 06:53:36.0465 4892 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 06:53:36.0465 4892 mrxsmb20 - ok 06:53:36.0496 4892 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 06:53:36.0496 4892 msahci - ok 06:53:36.0512 4892 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 06:53:36.0512 4892 msdsm - ok 06:53:36.0527 4892 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 06:53:36.0527 4892 MSDTC - ok 06:53:36.0543 4892 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 06:53:36.0543 4892 Msfs - ok 06:53:36.0559 4892 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 06:53:36.0559 4892 mshidkmdf - ok 06:53:36.0590 4892 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 06:53:36.0590 4892 msisadrv - ok 06:53:36.0621 4892 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 06:53:36.0621 4892 MSiSCSI - ok 06:53:36.0621 4892 msiserver - ok 06:53:36.0652 4892 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 06:53:36.0652 4892 MSKSSRV - ok 06:53:36.0668 4892 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 06:53:36.0668 4892 MSPCLOCK - ok 06:53:36.0668 4892 [ 
4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 06:53:36.0683 4892 MSPQM - ok 06:53:36.0715 4892 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 06:53:36.0715 4892 MsRPC - ok 06:53:36.0715 4892 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 06:53:36.0730 4892 mssmbios - ok 06:53:36.0730 4892 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 06:53:36.0746 4892 MSTEE - ok 06:53:36.0761 4892 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 06:53:36.0761 4892 MTConfig - ok 06:53:36.0777 4892 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 06:53:36.0777 4892 Mup - ok 06:53:36.0808 4892 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 06:53:36.0808 4892 mwlPSDFilter - ok 06:53:36.0808 4892 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 06:53:36.0808 4892 mwlPSDNServ - ok 06:53:36.0824 4892 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 06:53:36.0824 4892 mwlPSDVDisk - ok 06:53:36.0871 4892 [ 22A4905C958BEB68D78385B633C1351B ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe 06:53:36.0871 4892 MWLService - ok 06:53:36.0902 4892 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 06:53:36.0902 4892 napagent - ok 06:53:36.0949 4892 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 06:53:36.0949 4892 NativeWifiP - ok 06:53:36.0995 4892 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 06:53:36.0995 4892 NDIS - ok 06:53:37.0011 4892 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 06:53:37.0011 4892 NdisCap - ok 06:53:37.0042 4892 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi 
C:\Windows\system32\DRIVERS\ndistapi.sys 06:53:37.0042 4892 NdisTapi - ok 06:53:37.0073 4892 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 06:53:37.0073 4892 Ndisuio - ok 06:53:37.0105 4892 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 06:53:37.0105 4892 NdisWan - ok 06:53:37.0136 4892 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 06:53:37.0136 4892 NDProxy - ok 06:53:37.0198 4892 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 06:53:37.0214 4892 Nero BackItUp Scheduler 4.0 - ok 06:53:37.0245 4892 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 06:53:37.0245 4892 NetBIOS - ok 06:53:37.0292 4892 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 06:53:37.0292 4892 NetBT - ok 06:53:37.0323 4892 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 06:53:37.0323 4892 Netlogon - ok 06:53:37.0370 4892 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 06:53:37.0370 4892 Netman - ok 06:53:37.0401 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0401 4892 NetMsmqActivator - ok 06:53:37.0432 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0432 4892 NetPipeActivator - ok 06:53:37.0448 4892 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 06:53:37.0463 4892 netprofm - ok 06:53:37.0479 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0479 4892 NetTcpActivator - ok 06:53:37.0479 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0479 4892 NetTcpPortSharing - ok 06:53:37.0510 4892 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 06:53:37.0510 4892 nfrd960 - ok 06:53:37.0541 4892 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 06:53:37.0541 4892 NlaSvc - ok 06:53:37.0557 4892 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 06:53:37.0557 4892 Npfs - ok 06:53:37.0557 4892 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 06:53:37.0557 4892 nsi - ok 06:53:37.0573 4892 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 06:53:37.0573 4892 nsiproxy - ok 06:53:37.0635 4892 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 06:53:37.0651 4892 Ntfs - ok 06:53:37.0666 4892 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 06:53:37.0666 4892 Null - ok 06:53:37.0697 4892 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 06:53:37.0697 4892 nvraid - ok 06:53:37.0713 4892 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 06:53:37.0713 4892 nvstor - ok 06:53:37.0713 4892 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 06:53:37.0729 4892 nv_agp - ok 06:53:37.0760 4892 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 06:53:37.0760 4892 ohci1394 - ok 06:53:37.0807 4892 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 06:53:37.0807 4892 ose - ok 06:53:37.0947 4892 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 06:53:38.0009 4892 osppsvc - ok 06:53:38.0041 4892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 
06:53:38.0041 4892 p2pimsvc - ok 06:53:38.0056 4892 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 06:53:38.0072 4892 p2psvc - ok 06:53:38.0087 4892 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 06:53:38.0087 4892 Parport - ok 06:53:38.0119 4892 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 06:53:38.0119 4892 partmgr - ok 06:53:38.0134 4892 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 06:53:38.0134 4892 PcaSvc - ok 06:53:38.0228 4892 PCDSRVC{6368CD8C-97FEC9AE-06020200}_0 - ok 06:53:38.0259 4892 PCDSRVC{7368CD8C-0AE89CD6-06020200}_0 - ok 06:53:38.0275 4892 PCDSRVC{9368CD8C-134AAD10-06020200}_0 - ok 06:53:38.0290 4892 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 06:53:38.0306 4892 pci - ok 06:53:38.0321 4892 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 06:53:38.0321 4892 pciide - ok 06:53:38.0353 4892 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 06:53:38.0353 4892 pcmcia - ok 06:53:38.0353 4892 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 06:53:38.0353 4892 pcw - ok 06:53:38.0368 4892 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 06:53:38.0384 4892 PEAUTH - ok 06:53:38.0446 4892 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 06:53:38.0446 4892 PerfHost - ok 06:53:38.0493 4892 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 06:53:38.0493 4892 pla - ok 06:53:38.0555 4892 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 06:53:38.0555 4892 PlugPlay - ok 06:53:38.0587 4892 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 06:53:38.0587 4892 PNRPAutoReg - ok 06:53:38.0602 4892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 
06:53:38.0602 4892 PNRPsvc - ok 06:53:38.0633 4892 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 06:53:38.0633 4892 PolicyAgent - ok 06:53:38.0680 4892 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 06:53:38.0680 4892 Power - ok 06:53:38.0727 4892 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 06:53:38.0727 4892 PptpMiniport - ok 06:53:38.0758 4892 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 06:53:38.0758 4892 Processor - ok 06:53:38.0774 4892 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 06:53:38.0774 4892 ProfSvc - ok 06:53:38.0789 4892 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 06:53:38.0789 4892 ProtectedStorage - ok 06:53:38.0836 4892 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 06:53:38.0836 4892 Psched - ok 06:53:38.0867 4892 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 06:53:38.0867 4892 ql2300 - ok 06:53:38.0899 4892 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 06:53:38.0899 4892 ql40xx - ok 06:53:38.0914 4892 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 06:53:38.0914 4892 QWAVE - ok 06:53:38.0945 4892 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 06:53:38.0945 4892 QWAVEdrv - ok 06:53:38.0945 4892 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 06:53:38.0945 4892 RasAcd - ok 06:53:38.0977 4892 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 06:53:38.0977 4892 RasAgileVpn - ok 06:53:38.0992 4892 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 06:53:39.0008 4892 RasAuto - ok 06:53:39.0039 4892 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp 
C:\Windows\system32\DRIVERS\rasl2tp.sys 06:53:39.0039 4892 Rasl2tp - ok 06:53:39.0070 4892 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 06:53:39.0070 4892 RasMan - ok 06:53:39.0086 4892 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 06:53:39.0086 4892 RasPppoe - ok 06:53:39.0101 4892 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 06:53:39.0101 4892 RasSstp - ok 06:53:39.0133 4892 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 06:53:39.0133 4892 rdbss - ok 06:53:39.0148 4892 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 06:53:39.0148 4892 rdpbus - ok 06:53:39.0179 4892 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 06:53:39.0179 4892 RDPCDD - ok 06:53:39.0195 4892 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 06:53:39.0195 4892 RDPENCDD - ok 06:53:39.0195 4892 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 06:53:39.0195 4892 RDPREFMP - ok 06:53:39.0257 4892 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 06:53:39.0257 4892 RdpVideoMiniport - ok 06:53:39.0289 4892 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 06:53:39.0289 4892 RDPWD - ok 06:53:39.0320 4892 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 06:53:39.0320 4892 rdyboost - ok 06:53:39.0351 4892 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 06:53:39.0351 4892 RemoteAccess - ok 06:53:39.0367 4892 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 06:53:39.0367 4892 RemoteRegistry - ok 06:53:39.0413 4892 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe 06:53:39.0429 
4892 RichVideo - ok 06:53:39.0445 4892 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 06:53:39.0445 4892 RpcEptMapper - ok 06:53:39.0460 4892 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 06:53:39.0460 4892 RpcLocator - ok 06:53:39.0507 4892 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 06:53:39.0507 4892 RpcSs - ok 06:53:39.0523 4892 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 06:53:39.0523 4892 rspndr - ok 06:53:39.0554 4892 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 06:53:39.0554 4892 RTL8167 - ok 06:53:39.0569 4892 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 06:53:39.0569 4892 SamSs - ok 06:53:39.0601 4892 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 06:53:39.0601 4892 sbp2port - ok 06:53:39.0632 4892 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 06:53:39.0632 4892 SCardSvr - ok 06:53:39.0679 4892 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 06:53:39.0679 4892 scfilter - ok 06:53:39.0710 4892 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 06:53:39.0710 4892 Schedule - ok 06:53:39.0741 4892 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 06:53:39.0757 4892 SCPolicySvc - ok 06:53:39.0772 4892 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 06:53:39.0772 4892 SDRSVC - ok 06:53:39.0803 4892 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 06:53:39.0803 4892 secdrv - ok 06:53:39.0835 4892 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 06:53:39.0835 4892 seclogon - ok 06:53:39.0866 4892 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 06:53:39.0866 4892 SENS - ok 
06:53:39.0881 4892 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 06:53:39.0881 4892 SensrSvc - ok 06:53:39.0913 4892 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 06:53:39.0913 4892 Serenum - ok 06:53:39.0944 4892 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 06:53:39.0944 4892 Serial - ok 06:53:39.0975 4892 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 06:53:39.0975 4892 sermouse - ok 06:53:40.0006 4892 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 06:53:40.0006 4892 SessionEnv - ok 06:53:40.0022 4892 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 06:53:40.0037 4892 sffdisk - ok 06:53:40.0053 4892 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 06:53:40.0053 4892 sffp_mmc - ok 06:53:40.0069 4892 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 06:53:40.0069 4892 sffp_sd - ok 06:53:40.0084 4892 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 06:53:40.0084 4892 sfloppy - ok 06:53:40.0115 4892 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 06:53:40.0115 4892 SharedAccess - ok 06:53:40.0147 4892 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 06:53:40.0147 4892 ShellHWDetection - ok 06:53:40.0162 4892 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 06:53:40.0162 4892 SiSRaid2 - ok 06:53:40.0178 4892 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 06:53:40.0178 4892 SiSRaid4 - ok 06:53:40.0240 4892 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 06:53:40.0240 4892 SkypeUpdate - ok 06:53:40.0256 4892 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb 
C:\Windows\system32\DRIVERS\smb.sys 06:53:40.0256 4892 Smb - ok 06:53:40.0303 4892 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 06:53:40.0303 4892 SNMPTRAP - ok 06:53:40.0318 4892 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 06:53:40.0318 4892 spldr - ok 06:53:40.0349 4892 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 06:53:40.0349 4892 Spooler - ok 06:53:40.0427 4892 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 06:53:40.0474 4892 sppsvc - ok 06:53:40.0490 4892 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 06:53:40.0490 4892 sppuinotify - ok 06:53:40.0521 4892 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 06:53:40.0521 4892 srv - ok 06:53:40.0552 4892 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 06:53:40.0552 4892 srv2 - ok 06:53:40.0568 4892 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 06:53:40.0568 4892 srvnet - ok 06:53:40.0599 4892 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 06:53:40.0599 4892 SSDPSRV - ok 06:53:40.0615 4892 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 06:53:40.0630 4892 SstpSvc - ok 06:53:40.0646 4892 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 06:53:40.0646 4892 stexstor - ok 06:53:40.0661 4892 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 06:53:40.0661 4892 StillCam - ok 06:53:40.0708 4892 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 06:53:40.0708 4892 stisvc - ok 06:53:40.0739 4892 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 06:53:40.0739 4892 swenum - ok 06:53:40.0755 4892 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 
06:53:43.0469 4892 Scan finished 06:53:43.0469 4892 ============================================================ 06:53:43.0485 3028 Detected object count: 0 06:53:43.0485 3028 Actual detected object count: 0 06:53:48.0680 1720 Deinitialize success |
03.05.2013, 06:13 | #4 |
/// Malwareteam | Trojan MitB PC3 Please post the log files in code tags, as requested.
__________________ No right of asylum for Trojans! Proud Member of UNITE Note: I am only reachable on working days! Requests via PM will be ignored! |
03.05.2013, 06:21 | #5 |
| Trojan MitB PC3 #OTL logfile: Code:
ATTFilter OTL logfile created on: 02.05.2013 19:25:57 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,93 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 72,48% Memory free 7,86 Gb Paging File | 6,59 Gb Available in Paging File | 83,95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 458,87 Gb Total Space | 397,96 Gb Free Space | 86,73% Space Free | Partition Type: NTFS Drive D: | 458,87 Gb Total Space | 458,73 Gb Free Space | 99,97% Space Free | Partition Type: NTFS Drive E: | 1,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: *****-PC | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.02 19:24:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2010.05.25 21:10:34 | 005,475,403 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe PRC - [2010.03.26 04:29:36 | 000,563,744 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe PRC - [2010.02.05 12:33:46 | 000,124,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe PRC - [2010.02.01 20:05:02 | 000,349,552 | ---- | M] (Egis Technology Inc.) 
-- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2009.12.25 03:45:16 | 000,401,192 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe PRC - [2009.12.25 03:44:48 | 000,201,512 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe PRC - [2009.12.09 11:24:16 | 000,076,320 | ---- | M] () -- C:\OEM\USBDECTION\USBS3S4Detection.exe PRC - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe ========== Modules (No Company Name) ========== MOD - [2010.05.25 21:10:34 | 005,475,403 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe MOD - [2010.05.18 18:01:28 | 002,415,104 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtCore4.dll MOD - [2010.03.26 04:29:36 | 000,563,744 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe MOD - [2010.03.26 04:29:36 | 000,154,144 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll MOD - [2010.02.18 12:03:36 | 009,515,520 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtGui4.dll MOD - [2010.02.18 11:25:22 | 001,148,416 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtNetwork4.dll MOD - [2010.02.18 11:21:10 | 000,398,336 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\QtXml4.dll MOD - [2009.06.22 20:42:42 | 000,043,008 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\libgcc_s_dw2-1.dll MOD - [2009.02.27 17:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll MOD - [2009.01.10 20:32:40 | 000,011,362 | ---- | M] () -- C:\Program Files (x86)\Vidalia Bundle\Vidalia\mingwm10.dll ========== Services (SafeList) ========== SRV:64bit: - [2010.02.25 12:07:54 | 000,202,752 | ---- | M] 
(AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.11.24 20:44:47 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP) SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.01 20:04:40 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService) SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.15 23:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc) SRV - [2009.12.09 11:24:16 | 000,076,320 | ---- | M] () [Auto | Running] -- C:\OEM\USBDECTION\USBS3S4Detection.exe -- (USBS3S4Detection) SRV - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- 
C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.04.25 05:05:36 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF) DRV:64bit: - [2013.04.25 05:05:36 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps) DRV:64bit: - [2013.04.25 05:05:36 | 000,055,056 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi) DRV:64bit: - [2012.10.25 13:42:02 | 000,029,528 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt) DRV:64bit: - [2012.10.25 13:42:02 | 000,029,016 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt) DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.08.02 16:09:34 | 000,028,504 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6) DRV:64bit: - [2012.06.19 18:28:12 | 000,458,584 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - 
[2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.03.04 15:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010.02.25 12:22:38 | 006,369,792 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010.02.25 11:12:10 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010.01.28 03:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.12.09 11:39:52 | 000,537,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009.10.22 13:54:24 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\67900842.sys -- (67900842) DRV:64bit: - [2009.09.25 17:59:46 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\67900841.sys -- (67900841) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice) DRV:64bit: - [2009.07.14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) 
[File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=f0eb25ee00000000000090fba6e0912b&tlver=1.4.19.19&affID=17160 IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = 
hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\*****\Desktop IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=f0eb25ee00000000000090fba6e0912b&tlver=1.4.19.19&affID=17160 IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ADFA_de IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\..\SearchScopes\{A1842A62-B6B6-40DE-BA4E-F5E75A3CB3D2}: "URL" = 
hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms} IE - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.04.25 05:05:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.04.25 05:05:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.04.25 05:05:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.04.25 05:05:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.04.25 05:05:37 | 000,000,000 | ---D | M] [2010.11.20 11:38:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions [2010.11.20 11:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2010.11.20 11:16:25 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru [2010.11.20 11:16:25 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru [2011.06.03 11:11:10 | 000,002,423 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = 
{google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: Google CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\gcswf32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.168\pdf.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\plugin/npVKPlugin.dll CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\plugin/npUrlAdvisor.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google 
Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Modul zur Link-Untersuchung = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.462_0\ CHR - Extension: Virtuelle Tastatur = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.374_0\ CHR - Extension: Anti-Banner = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files 
(x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.) 
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe () O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3867470967-2630306741-3201711498-1001..\Run: [Vidalia] C:\Program Files (x86)\Vidalia Bundle\Vidalia\vidalia.exe () O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll 
(Kaspersky Lab ZAO) O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} https://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner) O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{04C1A2C1-E6AD-4F78-BD26-40662216F83A}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77E05783-9DA1-425A-BBC3-9A5C89C94808}: DhcpNameServer = 10.57.1.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.02 19:24:26 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2013.04.13 10:43:30 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\Sonstiges Desktop 13.04.2013 [2013.04.05 19:56:49 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\130405_Streifentorte --Dateien [1 C:\Users\*****\Desktop\*.tmp files -> C:\Users\*****\Desktop\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.02 19:25:34 | 000,000,000 | ---- | M] () -- C:\Users\*****\defogger_reenable [2013.05.02 19:25:00 | 000,377,856 | ---- | M] () -- C:\Users\*****\Desktop\gmer_2.1.19163.exe [2013.05.02 19:24:49 | 000,050,477 | ---- | M] () -- C:\Users\*****\Desktop\Defogger.exe [2013.05.02 19:24:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\*****\Desktop\OTL.exe [2013.05.02 18:10:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.02 18:10:54 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.02 18:03:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.02 18:03:36 | 3163,901,952 | -HS- | M] () -- C:\hiberfil.sys [2013.05.02 
08:05:50 | 000,000,473 | ---- | M] () -- C:\Windows\BRWMARK.INI [2013.05.02 07:56:29 | 001,642,148 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.02 07:56:29 | 000,707,300 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.02 07:56:29 | 000,660,918 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.02 07:56:29 | 000,152,892 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.02 07:56:29 | 000,125,108 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.25 05:05:36 | 000,620,128 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys [2013.04.25 05:05:36 | 000,178,448 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kneps.sys [2013.04.25 05:05:36 | 000,055,056 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\kltdi.sys [2013.04.25 05:05:35 | 000,090,208 | ---- | M] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys [2013.04.15 21:16:19 | 000,001,619 | ---- | M] () -- C:\Users\*****\Desktop\*****-PC - Verknüpfung.lnk [2013.04.11 19:49:20 | 000,425,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.04.05 19:56:49 | 000,025,614 | ---- | M] () -- C:\Users\*****\Documents\130405_Streifentorte -.htm [1 C:\Users\*****\Desktop\*.tmp files -> C:\Users\*****\Desktop\*.tmp -> ] [1 C:\*.tmp files -> C:\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.02 19:25:34 | 000,000,000 | ---- | C] () -- C:\Users\*****\defogger_reenable [2013.05.02 19:25:00 | 000,377,856 | ---- | C] () -- C:\Users\*****\Desktop\gmer_2.1.19163.exe [2013.05.02 19:24:48 | 000,050,477 | ---- | C] () -- C:\Users\*****\Desktop\Defogger.exe [2013.04.15 21:16:19 | 000,001,619 | ---- | C] () -- C:\Users\*****\Desktop\*****-PC - Verknüpfung.lnk [2013.04.05 19:56:49 | 000,025,614 | ---- | C] () -- C:\Users\*****\Documents\130405_Streifentorte -.htm [2013.04.04 19:42:18 | 000,002,348 | ---- | C] () -- C:\Users\*****\Desktop\Sicherer Zahlungsverkehr - Kopie.lnk 
[2011.10.28 15:32:22 | 000,017,408 | ---- | C] () -- C:\Users\*****\AppData\Local\WebpageIcons.db [2011.09.24 14:43:40 | 000,000,701 | ---- | C] () -- C:\Users\*****\***** - Verknüpfung.lnk [2011.06.26 13:20:36 | 001,619,106 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.06.26 13:20:33 | 000,000,096 | ---- | C] () -- C:\Users\*****\AppData\Local\fusioncache.dat [2011.06.03 11:11:14 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll [2010.11.20 12:47:07 | 000,007,599 | ---- | C] () -- C:\Users\*****\AppData\Local\Resmon.ResmonCfg [2010.03.20 01:05:19 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2011.10.01 19:57:16 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\elsterformular [2011.08.13 18:58:37 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Lexware [2010.11.20 10:38:05 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\OEM [2012.01.18 10:02:52 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PC-FAX TX ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:93DE1838 < End of report > #OTL EXTRAS Logfile:
OTL Extras logfile created on: 02.05.2013 19:25:57 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,93 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 72,48% Memory free 7,86 Gb Paging File | 6,59 Gb Available in Paging File | 83,95% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 458,87 Gb Total Space | 397,96 Gb Free Space | 86,73% Space Free | Partition Type: NTFS Drive D: | 458,87 Gb Total Space | 458,73 Gb Free Space | 99,97% Space Free | Partition Type: NTFS Drive E: | 1,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Computer Name: *****-PC | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-3867470967-2630306741-3201711498-1001\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0F4F57F9-7FD4-4CAD-8FA7-F81416E2829F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1BDDC837-8033-422C-9356-3B121B538B24}" = rport=10243 | protocol=6 | dir=out | app=system | "{3D5C0D21-4D32-40CC-8DEB-C687CF6A8054}" = rport=138 | protocol=17 | dir=out | app=system | "{60A42A8F-12BA-41CE-AD32-407F3F582E70}" = rport=445 | protocol=6 | dir=out | app=system | "{6AF65004-8410-415D-B07C-57DC38216ED0}" = 
lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{752E8C89-AF30-4A47-A58A-BDD0116842F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{7A99DA37-7DE1-4DFE-8FF1-5535CE8FBF5D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{801830E7-CF17-4617-8A91-080FC838E5D4}" = lport=445 | protocol=6 | dir=in | app=system | "{8268BC26-7147-4143-97D4-901F865F31E9}" = lport=10243 | protocol=6 | dir=in | app=system | "{979265DD-CDDB-4334-88BB-C9D85B365224}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | "{A6EE15F0-77A7-4393-B4D2-5C17E55543E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A74A3B96-8200-4ACE-8925-16EC8E7C2F5B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{AA6D2802-FA2F-4A05-B353-327B58BDE921}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AAFD1473-9416-49F6-B00B-66CADC61DCDB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B868AC0B-8978-4499-92B1-22ECF820D52C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{BD5D38FE-00BF-49A1-8B82-1F0E2B46EB17}" = lport=139 | protocol=6 | dir=in | app=system | "{C83A174F-DB9B-4C8C-8D8D-F8EF1F5CC292}" = lport=138 | protocol=17 | dir=in | app=system | "{CE26026F-CC65-4564-92A1-6544BC8FA79A}" = rport=137 | protocol=17 | dir=out | app=system | "{CFEA398D-7C50-4372-8C54-66E68C3F574C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E31E88D9-AC41-44B3-8377-EE08F563C101}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E63AEEF5-A6EA-4C8B-850A-404A5E0156D2}" = lport=2869 | protocol=6 | dir=in | app=system | "{E794A54D-8835-4D18-A2D6-561A85137CD0}" = 
lport=137 | protocol=17 | dir=in | app=system | "{EFD42BC5-70C5-4FC4-B182-E61C0329DB36}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F47E5B86-5DAD-4A97-9F87-F0B5E3BD0F53}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F5C2F59C-A310-4EBB-A231-2A8CB918E1A4}" = rport=139 | protocol=6 | dir=out | app=system | "{FDA911D9-954A-4091-AAB1-A15BDA881881}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04478DE2-CBF5-421B-A51C-C4B4B87A8E30}" = protocol=6 | dir=in | app=c:\users\*****\appdata\local\microsoft\windows\temporary internet files\content.ie5\0pgkzj1a\pdfconvertersetup[1].exe | "{09B2FA9F-5DD9-45F1-95C9-EDFE1CA0AAEB}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\kernel\dmp\clbrowserengine.exe | "{0B24C085-9579-4707-9256-8F8154274A83}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1356AE55-FCE8-4D68-86D2-29542FD75393}" = protocol=17 | dir=in | app=c:\users\*****\appdata\local\microsoft\windows\temporary internet files\content.ie5\0pgkzj1a\pdfconvertersetup[1].exe | "{199C8F31-F1D0-4951-9B66-60447067A2FC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{1CBDD9ED-E3FE-4F2E-BB9B-A300800C8685}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{20D25892-F7A1-4B8A-9420-92844DC6AC43}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{243E7A49-134C-4EA2-8E26-6460D389FF3A}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\arcade movie\touchmovie.exe | "{2DB1C8CC-80C9-4C2A-8660-198F93C3C6E0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3766BFD3-2A64-4553-97CB-D8D64968B6EE}" = protocol=1 | dir=in | 
name=@firewallapi.dll,-28543 | "{3C097A9A-DD15-496E-A387-B7F269DC397E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{3D1A8F63-0F0C-4E3A-A106-21F8879BCC0C}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\brmfl06d\faxrx.exe | "{4060A8C2-575A-4B1F-ABDB-FCC088DC25FB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{42E19928-645A-468D-A448-A77CBC59EFB7}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{42E24F7B-1199-4DF7-9C18-1E5C35645F7F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{455C7A9D-7000-42A9-9953-65D4CD8B30D8}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\kernel\dms\clmsservice.exe | "{55BD081D-355D-492C-B0DC-6C762877421C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5F95F47B-CD85-4079-9805-6D15C634D01C}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{68D4E0C6-12F1-4B81-A81C-FC3D39F6C3D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{6F19C68A-D6D4-4D6C-A4ED-6CAA48E6BC01}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7178D0DA-48D2-4891-B1CA-FD3E6650640E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{7B7D2D9F-29CE-44A6-AD72-C23C034422A3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{7BEBB89E-726E-4078-99EF-2B35CD862766}" = protocol=6 | dir=out | app=system | "{8018EA82-A59A-4984-8476-E41B417DFCA4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{808A9708-CBA3-4DEB-88D6-F723B9435445}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\powercinema.exe | "{80EF12AB-BFD3-4D78-8521-E3388BBB3143}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe | "{983B90F8-A429-4D0D-9322-46FCC6A1BDA7}" = dir=in 
| app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{9B4A2B6F-6327-4645-ADEB-0CDD04A356EE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9CAB341B-423F-4890-B7E9-5E230A1BFF89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9D2A2592-614E-413D-9982-18916133F7EB}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\pcmservice.exe | "{9DF750DD-A4C5-4C69-9213-0FA389D5D6A1}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{BB9E525C-375D-40AF-8D4C-57235203B4B0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BD29C0FC-20B7-4D91-BF09-6729394FE22A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{CE25067E-E3A4-4B8A-B4A7-4DA2B2EA9BA4}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\brmfl06d\faxrx.exe | "{CF8A612B-78FD-4425-BE1A-F44EB9F91E6F}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\arcade movie\touchmovieservice.exe | "{D5743764-3910-4D85-8C7B-FFB6166BAAB5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E2A09D1B-CA91-45A9-98BD-3E8AE078B976}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E736031E-393C-4A88-9CCE-BB586155112F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F31C4A63-8A24-4342-B9F9-EF4F343D492A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F76BE71D-9917-4CC4-9DFC-364385F5DA9D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{738E4E18-C4FB-8948-9779-A6857A677E51}" = ccc-utility64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight 
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A4404CD3-561D-6B14-ECDA-69AB1BC6A5BC}" = ATI Catalyst Install Manager "{DDA8FE2D-EA67-194C-D6A5-F52BC4FDA20F}" = ATI AVIVO64 Codecs "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "EPSON BX635FWD Series" = EPSON BX635FWD Series Printer Uninstall "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{00C91FFD-66F7-7599-27A4-2158E063DE8B}" = Catalyst Control Center Graphics Full New "{0151E7E3-E236-F8FA-1B1E-4116E848AA80}" = Catalyst Control Center Graphics Full Existing "{09A1B02F-7814-E662-098A-0AE641A5DFFD}" = Catalyst Control Center Localization All "{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{176CFC97-0619-63F5-216F-DA91DF5C180C}" = CCC Help Thai "{178EF55D-51F6-62EC-A25F-C7CB3FB375B8}" = CCC Help Dutch "{1AB7AB77-6AF0-8349-CDAA-0BB7BD5AD57C}" = CCC Help Chinese Standard "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie 
"{2EAE344E-F3FB-967E-51B5-EF1697364D91}" = CCC Help Russian "{32A0FE82-9DE1-4D5E-B860-8018E725AE37}" = Microsoft .NET Compact Framework 1.0 SP3 "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{3548CAD1-45FB-72E9-7C5B-3F50FB42E2D2}" = CCC Help Italian "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{427875CA-82DE-42B5-8B15-EA7DC60BB91A}" = QuickImmobilie 2012 "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso "{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{50A9A489-68FB-17EB-5EC7-44F55E5E3FCD}" = Catalyst Control Center Graphics Previews Vista "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{58AE1219-4CF0-7920-A8D9-204AE4291B6B}" = CCC Help Finnish "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5F4D7F9D-E36B-4E3C-A11C-DB365E676232}" = CCC Help Polish "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works "{654304D2-7FDB-5A2C-84AD-8253AD4B47A1}" = ccc-core-static "{67565ee8-222f-4073-933e-a2b9ab033e49}" = Nero 9 Essentials "{6A4B388A-C460-9371-A401-272BED1BC785}" = CCC Help Danish "{6BC06531-C06B-0637-6868-DFC30D297ECF}" = CCC Help Swedish "{6DEF8F72-0510-2265-3C1B-3D72DBFF6CCA}" = CCC Help Spanish "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7F446B99-7355-05E0-B9DA-580993D79E0C}" = CCC Help Turkish "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.20 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = 
Microsoft Office Proofing (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = 
Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C17B3F0-577B-538D-DB8C-40197D03FAD4}" = CCC Help Japanese "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch "{B191AED2-AF18-3195-44AF-5D60A8F52DB7}" = CCC Help Chinese Traditional "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie "{B95EBC95-B7CF-D326-EB73-AA1E33D1A31E}" = CCC Help French "{BAF19BB1-7716-4F37-5C47-E9DD9A70BC0F}" = Catalyst Control Center InstallProxy "{BD243CE6-93CC-1284-4A90-90EA06B19FFB}" = CCC Help Greek "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BE627CA2-AB0E-275B-FCEF-6FBDE4AB1124}" = CCC Help German 
"{C24B5777-DA09-50F7-79EF-E26E53D1559A}" = CCC Help English "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C77E500C-FB0C-D423-991B-3FE5B24AAA80}" = CCC Help Norwegian "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade "{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}" = Brother MFL-Pro Suite MFC-9440CN "{CABAE860-68A5-0ACE-46FE-DF8B40DAD5BD}" = CCC Help Hungarian "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help "{D215ED58-928A-C704-C104-F3333A429336}" = Catalyst Control Center Core Implementation "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EA3A9E2A-6D28-9D91-E65F-0C5978100D3F}" = Catalyst Control Center Graphics Light "{EE10D76C-39B7-40A8-A24C-1BEEACBED160}" = Catalyst Control Center - Branding "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F19CD3A3-21ED-90AA-E57B-1E54D44EF874}" = CCC Help Portuguese "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FB08F5BF-8B35-CA7F-2C6C-4C7875EFF8C8}" = CCC Help Korean "{FB9225A0-7458-4025-8EF7-9C5B4FBD50EE}" = QuickImmobilie 2011 "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool 
"{FEFB7AF2-FFD6-6ED1-7749-6F998A22A2B7}" = CCC Help Czech "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "EPSON Scanner" = EPSON Scan "HaaliMkx" = Haali Media Splitter "Hotkey Utility" = Hotkey Utility "Identity Card" = Identity Card "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "Office14.SingleImage" = Microsoft Office Home and Student 2010 "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "Synology Assistant" = Synology Assistant (remove only) "WinLiveSuite_Wave3" = Windows Live Essentials ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 29.04.2013 18:31:22 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.04.2013 18:31:22 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 29.04.2013 18:31:22 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.04.2013 18:31:22 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.05.2013 03:06:26 | Computer Name = *****-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 02.05.2013 03:06:48 | Computer Name = *****-PC | Source = SideBySide | ID = 16842787 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". 
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error - 02.05.2013 03:06:55 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.05.2013 03:06:55 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.05.2013 03:06:55 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.05.2013 03:06:55 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
[ System Events ]
Error - 01.05.2013 10:45:45 | Computer Name = *****-PC | Source = DCOM | ID = 10016
Description =

Error - 01.05.2013 10:48:28 | Computer Name = *****-PC | Source = DCOM | ID = 10016
Description =

Error - 01.05.2013 10:48:28 | Computer Name = *****-PC | Source = DCOM | ID = 10016
Description =

Error - 02.05.2013 01:14:13 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TCP/IP Registry Compatibility" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058

Error - 02.05.2013 01:15:13 | Computer Name = *****-PC | Source = DCOM | ID = 10016
Description =

Error - 02.05.2013 04:53:07 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TCP/IP Registry Compatibility" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058

Error - 02.05.2013 04:54:07 | Computer Name = *****-PC | Source = DCOM | ID = 10016
Description =

Error - 02.05.2013 12:03:46 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TCP/IP Registry Compatibility" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058

Error - 02.05.2013 12:04:46 | Computer Name = *****-PC | Source = DCOM | ID = 10016
Description =

Error - 02.05.2013 12:43:48 | Computer Name = *****-PC | Source = bowser | ID = 8003
Description =

< End of report >

#OTL EXTRAS Logfile:
OTL Extras logfile created on: 02.05.2013 19:25:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,93 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 72,48% Memory free
7,86 Gb Paging File | 6,59 Gb Available in Paging File | 83,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,87 Gb Total Space | 397,96 Gb Free Space | 86,73% Space Free | Partition Type: NTFS
Drive D: | 458,87 Gb Total Space | 458,73 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Drive E: | 1,84 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Computer Name: *****-PC | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3867470967-2630306741-3201711498-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0F4F57F9-7FD4-4CAD-8FA7-F81416E2829F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1BDDC837-8033-422C-9356-3B121B538B24}" = rport=10243 | protocol=6 | dir=out | app=system | "{3D5C0D21-4D32-40CC-8DEB-C687CF6A8054}" = rport=138 | protocol=17 | dir=out | app=system | "{60A42A8F-12BA-41CE-AD32-407F3F582E70}" = rport=445 | protocol=6 | dir=out | app=system | "{6AF65004-8410-415D-B07C-57DC38216ED0}" = 
lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{752E8C89-AF30-4A47-A58A-BDD0116842F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{7A99DA37-7DE1-4DFE-8FF1-5535CE8FBF5D}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{801830E7-CF17-4617-8A91-080FC838E5D4}" = lport=445 | protocol=6 | dir=in | app=system | "{8268BC26-7147-4143-97D4-901F865F31E9}" = lport=10243 | protocol=6 | dir=in | app=system | "{979265DD-CDDB-4334-88BB-C9D85B365224}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | "{A6EE15F0-77A7-4393-B4D2-5C17E55543E0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A74A3B96-8200-4ACE-8925-16EC8E7C2F5B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{AA6D2802-FA2F-4A05-B353-327B58BDE921}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{AAFD1473-9416-49F6-B00B-66CADC61DCDB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B868AC0B-8978-4499-92B1-22ECF820D52C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{BD5D38FE-00BF-49A1-8B82-1F0E2B46EB17}" = lport=139 | protocol=6 | dir=in | app=system | "{C83A174F-DB9B-4C8C-8D8D-F8EF1F5CC292}" = lport=138 | protocol=17 | dir=in | app=system | "{CE26026F-CC65-4564-92A1-6544BC8FA79A}" = rport=137 | protocol=17 | dir=out | app=system | "{CFEA398D-7C50-4372-8C54-66E68C3F574C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E31E88D9-AC41-44B3-8377-EE08F563C101}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E63AEEF5-A6EA-4C8B-850A-404A5E0156D2}" = lport=2869 | protocol=6 | dir=in | app=system | "{E794A54D-8835-4D18-A2D6-561A85137CD0}" = 
lport=137 | protocol=17 | dir=in | app=system | "{EFD42BC5-70C5-4FC4-B182-E61C0329DB36}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F47E5B86-5DAD-4A97-9F87-F0B5E3BD0F53}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F5C2F59C-A310-4EBB-A231-2A8CB918E1A4}" = rport=139 | protocol=6 | dir=out | app=system | "{FDA911D9-954A-4091-AAB1-A15BDA881881}" = lport=2869 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{04478DE2-CBF5-421B-A51C-C4B4B87A8E30}" = protocol=6 | dir=in | app=c:\users\*****\appdata\local\microsoft\windows\temporary internet files\content.ie5\0pgkzj1a\pdfconvertersetup[1].exe | "{09B2FA9F-5DD9-45F1-95C9-EDFE1CA0AAEB}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\kernel\dmp\clbrowserengine.exe | "{0B24C085-9579-4707-9256-8F8154274A83}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{1356AE55-FCE8-4D68-86D2-29542FD75393}" = protocol=17 | dir=in | app=c:\users\*****\appdata\local\microsoft\windows\temporary internet files\content.ie5\0pgkzj1a\pdfconvertersetup[1].exe | "{199C8F31-F1D0-4951-9B66-60447067A2FC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{1CBDD9ED-E3FE-4F2E-BB9B-A300800C8685}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{20D25892-F7A1-4B8A-9420-92844DC6AC43}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{243E7A49-134C-4EA2-8E26-6460D389FF3A}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\arcade movie\touchmovie.exe | "{2DB1C8CC-80C9-4C2A-8660-198F93C3C6E0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{3766BFD3-2A64-4553-97CB-D8D64968B6EE}" = protocol=1 | dir=in | 
name=@firewallapi.dll,-28543 | "{3C097A9A-DD15-496E-A387-B7F269DC397E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{3D1A8F63-0F0C-4E3A-A106-21F8879BCC0C}" = protocol=17 | dir=in | app=c:\program files (x86)\brother\brmfl06d\faxrx.exe | "{4060A8C2-575A-4B1F-ABDB-FCC088DC25FB}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{42E19928-645A-468D-A448-A77CBC59EFB7}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{42E24F7B-1199-4DF7-9C18-1E5C35645F7F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{455C7A9D-7000-42A9-9953-65D4CD8B30D8}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\kernel\dms\clmsservice.exe | "{55BD081D-355D-492C-B0DC-6C762877421C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5F95F47B-CD85-4079-9805-6D15C634D01C}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{68D4E0C6-12F1-4B81-A81C-FC3D39F6C3D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{6F19C68A-D6D4-4D6C-A4ED-6CAA48E6BC01}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{7178D0DA-48D2-4891-B1CA-FD3E6650640E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{7B7D2D9F-29CE-44A6-AD72-C23C034422A3}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{7BEBB89E-726E-4078-99EF-2B35CD862766}" = protocol=6 | dir=out | app=system | "{8018EA82-A59A-4984-8476-E41B417DFCA4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{808A9708-CBA3-4DEB-88D6-F723B9435445}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\powercinema.exe | "{80EF12AB-BFD3-4D78-8521-E3388BBB3143}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe | "{983B90F8-A429-4D0D-9322-46FCC6A1BDA7}" = dir=in 
| app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{9B4A2B6F-6327-4645-ADEB-0CDD04A356EE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9CAB341B-423F-4890-B7E9-5E230A1BFF89}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9D2A2592-614E-413D-9982-18916133F7EB}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\pcmservice.exe | "{9DF750DD-A4C5-4C69-9213-0FA389D5D6A1}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{BB9E525C-375D-40AF-8D4C-57235203B4B0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{BD29C0FC-20B7-4D91-BF09-6729394FE22A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{CE25067E-E3A4-4B8A-B4A7-4DA2B2EA9BA4}" = protocol=6 | dir=in | app=c:\program files (x86)\brother\brmfl06d\faxrx.exe | "{CF8A612B-78FD-4425-BE1A-F44EB9F91E6F}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\arcade movie\touchmovieservice.exe | "{D5743764-3910-4D85-8C7B-FFB6166BAAB5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E2A09D1B-CA91-45A9-98BD-3E8AE078B976}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{E736031E-393C-4A88-9CCE-BB586155112F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F31C4A63-8A24-4342-B9F9-EF4F343D492A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F76BE71D-9917-4CC4-9DFC-364385F5DA9D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder "{738E4E18-C4FB-8948-9779-A6857A677E51}" = ccc-utility64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight 
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A4404CD3-561D-6B14-ECDA-69AB1BC6A5BC}" = ATI Catalyst Install Manager "{DDA8FE2D-EA67-194C-D6A5-F52BC4FDA20F}" = ATI AVIVO64 Codecs "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "EPSON BX635FWD Series" = EPSON BX635FWD Series Printer Uninstall "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{00C91FFD-66F7-7599-27A4-2158E063DE8B}" = Catalyst Control Center Graphics Full New "{0151E7E3-E236-F8FA-1B1E-4116E848AA80}" = Catalyst Control Center Graphics Full Existing "{09A1B02F-7814-E662-098A-0AE641A5DFFD}" = Catalyst Control Center Localization All "{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{176CFC97-0619-63F5-216F-DA91DF5C180C}" = CCC Help Thai "{178EF55D-51F6-62EC-A25F-C7CB3FB375B8}" = CCC Help Dutch "{1AB7AB77-6AF0-8349-CDAA-0BB7BD5AD57C}" = CCC Help Chinese Standard "{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help "{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie 
"{2EAE344E-F3FB-967E-51B5-EF1697364D91}" = CCC Help Russian "{32A0FE82-9DE1-4D5E-B860-8018E725AE37}" = Microsoft .NET Compact Framework 1.0 SP3 "{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed "{3548CAD1-45FB-72E9-7C5B-3F50FB42E2D2}" = CCC Help Italian "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger "{427875CA-82DE-42B5-8B15-EA7DC60BB91A}" = QuickImmobilie 2012 "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso "{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM "{50A9A489-68FB-17EB-5EC7-44F55E5E3FCD}" = Catalyst Control Center Graphics Previews Vista "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{58AE1219-4CF0-7920-A8D9-204AE4291B6B}" = CCC Help Finnish "{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress "{5F4D7F9D-E36B-4E3C-A11C-DB365E676232}" = CCC Help Polish "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works "{654304D2-7FDB-5A2C-84AD-8253AD4B47A1}" = ccc-core-static "{67565ee8-222f-4073-933e-a2b9ab033e49}" = Nero 9 Essentials "{6A4B388A-C460-9371-A401-272BED1BC785}" = CCC Help Danish "{6BC06531-C06B-0637-6868-DFC30D297ECF}" = CCC Help Swedish "{6DEF8F72-0510-2265-3C1B-3D72DBFF6CCA}" = CCC Help Spanish "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart "{7F446B99-7355-05E0-B9DA-580993D79E0C}" = CCC Help Turkish "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help "{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed "{87BB78C4-F36D-4D93-A7C7-F80F18219848}" = AMD DnD V1.0.20 "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows 7 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = 
Microsoft Office Proofing (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = 
Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010 "{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C17B3F0-577B-538D-DB8C-40197D03FAD4}" = CCC Help Japanese "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress "{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch "{B191AED2-AF18-3195-44AF-5D60A8F52DB7}" = CCC Help Chinese Traditional "{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center "{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie "{B95EBC95-B7CF-D326-EB73-AA1E33D1A31E}" = CCC Help French "{BAF19BB1-7716-4F37-5C47-E9DD9A70BC0F}" = Catalyst Control Center InstallProxy "{BD243CE6-93CC-1284-4A90-90EA06B19FFB}" = CCC Help Greek "{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter "{BE627CA2-AB0E-275B-FCEF-6FBDE4AB1124}" = CCC Help German 
"{C24B5777-DA09-50F7-79EF-E26E53D1559A}" = CCC Help English "{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup "{C77E500C-FB0C-D423-991B-3FE5B24AAA80}" = CCC Help Norwegian "{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade "{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}" = Brother MFL-Pro Suite MFC-9440CN "{CABAE860-68A5-0ACE-46FE-DF8B40DAD5BD}" = CCC Help Hungarian "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help "{D215ED58-928A-C704-C104-F3333A429336}" = Catalyst Control Center Core Implementation "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help "{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer "{EA3A9E2A-6D28-9D91-E65F-0C5978100D3F}" = Catalyst Control Center Graphics Light "{EE10D76C-39B7-40A8-A24C-1BEEACBED160}" = Catalyst Control Center - Branding "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F19CD3A3-21ED-90AA-E57B-1E54D44EF874}" = CCC Help Portuguese "{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{FB08F5BF-8B35-CA7F-2C6C-4C7875EFF8C8}" = CCC Help Korean "{FB9225A0-7458-4025-8EF7-9C5B4FBD50EE}" = QuickImmobilie 2011 "{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool 
"{FEFB7AF2-FFD6-6ED1-7749-6F998A22A2B7}" = CCC Help Czech "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "EPSON Scanner" = EPSON Scan "HaaliMkx" = Haali Media Splitter "Hotkey Utility" = Hotkey Utility "Identity Card" = Identity Card "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe "InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite "InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013 "Office14.SingleImage" = Microsoft Office Home and Student 2010 "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "Synology Assistant" = Synology Assistant (remove only) "WinLiveSuite_Wave3" = Windows Live Essentials ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 29.04.2013 18:31:22 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.04.2013 18:31:22 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 29.04.2013 18:31:22 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 29.04.2013 18:31:22 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.05.2013 03:06:26 | Computer Name = *****-PC | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig. Error - 02.05.2013 03:06:48 | Computer Name = *****-PC | Source = SideBySide | ID = 16842787 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". 
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error - 02.05.2013 03:06:55 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.05.2013 03:06:55 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.05.2013 03:06:55 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 02.05.2013 03:06:55 | Computer Name = *****-PC | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe". Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
[ System Events ] Error - 01.05.2013 10:45:45 | Computer Name = *****-PC | Source = DCOM | ID = 10016 Description = Error - 01.05.2013 10:48:28 | Computer Name = *****-PC | Source = DCOM | ID = 10016 Description = Error - 01.05.2013 10:48:28 | Computer Name = *****-PC | Source = DCOM | ID = 10016 Description = Error - 02.05.2013 01:14:13 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "TCP/IP Registry Compatibility" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058 Error - 02.05.2013 01:15:13 | Computer Name = *****-PC | Source = DCOM | ID = 10016 Description = Error - 02.05.2013 04:53:07 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "TCP/IP Registry Compatibility" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058 Error - 02.05.2013 04:54:07 | Computer Name = *****-PC | Source = DCOM | ID = 10016 Description = Error - 02.05.2013 12:03:46 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "TCP/IP Registry Compatibility" wurde aufgrund folgenden Fehlers nicht gestartet: %%1058 Error - 02.05.2013 12:04:46 | Computer Name = *****-PC | Source = DCOM | ID = 10016 Description = Error - 02.05.2013 12:43:48 | Computer Name = *****-PC | Source = bowser | ID = 8003 Description = < End of report >
GMER Logfile:
GMER 2.1.19163 - GMER - Rootkit Detector and Remover
Rootkit scan 2013-05-02 20:30:49
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD10 rev.80.0 931,51GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\*****\AppData\Local\Temp\fwdirkod.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe[2844] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075c31465 2 bytes [C3, 75]
.text C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe[2844] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075c314bb 2 bytes [C3, 75]
.text ... * 2
.text C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe[3408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075c31465 2 bytes [C3, 75]
.text C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe[3408] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075c314bb 2 bytes [C3, 75]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Windows\System32\svchost.exe [4060:4232] 000007fef58b9688
---- EOF - GMER 2.1 ---- |
03.05.2013, 06:38 | #6 |
/// Malwareteam | Trojan MitB PC3 OK, thanks! But please post the TDSS-Killer log as well - anything else makes the analysis immensely harder for us.
03.05.2013, 07:51 | #7 |
| Trojan MitB PC3 Good morning, thanks for the help so far. Attached is the log file of the third (but most important) PC.
06:53:19.0679 3888 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 06:53:19.0820 3888 ============================================================ 06:53:19.0820 3888 Current date / time: 2013/05/03 06:53:19.0820 06:53:19.0820 3888 SystemInfo: 06:53:19.0820 3888 06:53:19.0820 3888 OS Version: 6.1.7601 ServicePack: 1.0 06:53:19.0820 3888 Product type: Workstation 06:53:19.0820 3888 ComputerName: *****-PC 06:53:19.0820 3888 UserName: ***** 06:53:19.0820 3888 Windows directory: C:\Windows 06:53:19.0820 3888 System windows directory: C:\Windows 06:53:19.0820 3888 Running under WOW64 06:53:19.0820 3888 Processor architecture: Intel x64 06:53:19.0820 3888 Number of processors: 4 06:53:19.0820 3888 Page size: 0x1000 06:53:19.0820 3888 Boot type: Normal boot 06:53:19.0820 3888 ============================================================ 06:53:20.0178 3888 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 06:53:20.0194 3888 ============================================================ 06:53:20.0194 3888 \Device\Harddisk0\DR0: 06:53:20.0194 3888 MBR partitions: 06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000 06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x395BD000 06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B147800, BlocksNum 0x395BEDB0 06:53:20.0194 3888 ============================================================ 06:53:20.0210 3888 C: <-> \Device\Harddisk0\DR0\Partition2 06:53:20.0256 3888 D: <-> \Device\Harddisk0\DR0\Partition3 06:53:20.0256 3888 ============================================================ 06:53:20.0256 3888 Initialize success 06:53:20.0256 3888 
============================================================ 06:53:29.0523 4892 ============================================================ 06:53:29.0523 4892 Scan started 06:53:29.0523 4892 Mode: Manual; 06:53:29.0523 4892 ============================================================ 06:53:30.0069 4892 ================ Scan system memory ======================== 06:53:30.0069 4892 System memory - ok 06:53:30.0069 4892 ================ Scan services =============================
C:\Windows\system32\DRIVERS\smb.sys 06:53:40.0256 4892 Smb - ok 06:53:40.0303 4892 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 06:53:40.0303 4892 SNMPTRAP - ok 06:53:40.0318 4892 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 06:53:40.0318 4892 spldr - ok 06:53:40.0349 4892 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 06:53:40.0349 4892 Spooler - ok 06:53:40.0427 4892 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 06:53:40.0474 4892 sppsvc - ok 06:53:40.0490 4892 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 06:53:40.0490 4892 sppuinotify - ok 06:53:40.0521 4892 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 06:53:40.0521 4892 srv - ok 06:53:40.0552 4892 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 06:53:40.0552 4892 srv2 - ok 06:53:40.0568 4892 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 06:53:40.0568 4892 srvnet - ok 06:53:40.0599 4892 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 06:53:40.0599 4892 SSDPSRV - ok 06:53:40.0615 4892 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 06:53:40.0630 4892 SstpSvc - ok 06:53:40.0646 4892 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 06:53:40.0646 4892 stexstor - ok 06:53:40.0661 4892 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 06:53:40.0661 4892 StillCam - ok 06:53:40.0708 4892 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 06:53:40.0708 4892 stisvc - ok 06:53:40.0739 4892 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 06:53:40.0739 4892 swenum - ok 06:53:40.0755 4892 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 
06:53:40.0755 4892 swprv - ok 06:53:40.0802 4892 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 06:53:40.0833 4892 SysMain - ok 06:53:40.0864 4892 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 06:53:40.0864 4892 TabletInputService - ok 06:53:40.0895 4892 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 06:53:40.0895 4892 TapiSrv - ok 06:53:40.0911 4892 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 06:53:40.0911 4892 TBS - ok 06:53:40.0989 4892 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 06:53:41.0005 4892 Tcpip - ok 06:53:41.0051 4892 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 06:53:41.0051 4892 TCPIP6 - ok 06:53:41.0098 4892 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 06:53:41.0098 4892 tcpipreg - ok 06:53:41.0114 4892 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 06:53:41.0114 4892 TDPIPE - ok 06:53:41.0145 4892 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 06:53:41.0145 4892 TDTCP - ok 06:53:41.0161 4892 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 06:53:41.0161 4892 tdx - ok 06:53:41.0176 4892 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 06:53:41.0192 4892 TermDD - ok 06:53:41.0223 4892 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 06:53:41.0223 4892 TermService - ok 06:53:41.0239 4892 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 06:53:41.0239 4892 Themes - ok 06:53:41.0270 4892 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 06:53:41.0270 4892 THREADORDER - ok 06:53:41.0285 4892 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 06:53:41.0285 4892 TrkWks - 
ok 06:53:41.0317 4892 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 06:53:41.0317 4892 TrustedInstaller - ok 06:53:41.0348 4892 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 06:53:41.0348 4892 tssecsrv - ok 06:53:41.0363 4892 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 06:53:41.0363 4892 TsUsbFlt - ok 06:53:41.0410 4892 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 06:53:41.0410 4892 tunnel - ok 06:53:41.0426 4892 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 06:53:41.0426 4892 uagp35 - ok 06:53:41.0457 4892 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 06:53:41.0457 4892 udfs - ok 06:53:41.0473 4892 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 06:53:41.0473 4892 UI0Detect - ok 06:53:41.0488 4892 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 06:53:41.0488 4892 uliagpkx - ok 06:53:41.0519 4892 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 06:53:41.0519 4892 umbus - ok 06:53:41.0551 4892 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 06:53:41.0551 4892 UmPass - ok 06:53:41.0582 4892 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 06:53:41.0582 4892 Updater Service - ok 06:53:41.0597 4892 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 06:53:41.0597 4892 upnphost - ok 06:53:41.0613 4892 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\drivers\usbccgp.sys 06:53:41.0629 4892 usbccgp - ok 06:53:41.0644 4892 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 06:53:41.0644 4892 usbcir - ok 06:53:41.0675 4892 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci 
C:\Windows\system32\DRIVERS\usbehci.sys 06:53:41.0675 4892 usbehci - ok 06:53:41.0691 4892 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 06:53:41.0691 4892 usbhub - ok 06:53:41.0722 4892 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 06:53:41.0722 4892 usbohci - ok 06:53:41.0738 4892 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 06:53:41.0738 4892 usbprint - ok 06:53:41.0816 4892 [ B5E6C4F280EBF0B16F74A5B415F2E0DF ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe 06:53:41.0816 4892 USBS3S4Detection - ok 06:53:41.0816 4892 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 06:53:41.0816 4892 USBSTOR - ok 06:53:41.0831 4892 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 06:53:41.0847 4892 usbuhci - ok 06:53:41.0863 4892 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 06:53:41.0863 4892 UxSms - ok 06:53:41.0878 4892 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 06:53:41.0878 4892 VaultSvc - ok 06:53:41.0878 4892 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 06:53:41.0878 4892 vdrvroot - ok 06:53:41.0925 4892 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 06:53:41.0925 4892 vds - ok 06:53:41.0941 4892 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 06:53:41.0941 4892 vga - ok 06:53:41.0956 4892 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 06:53:41.0956 4892 VgaSave - ok 06:53:41.0972 4892 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 06:53:41.0987 4892 vhdmp - ok 06:53:42.0003 4892 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 06:53:42.0003 4892 viaide - ok 06:53:42.0019 4892 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr 
C:\Windows\system32\drivers\volmgr.sys 06:53:42.0019 4892 volmgr - ok 06:53:42.0050 4892 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 06:53:42.0050 4892 volmgrx - ok 06:53:42.0065 4892 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 06:53:42.0065 4892 volsnap - ok 06:53:42.0081 4892 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 06:53:42.0081 4892 vsmraid - ok 06:53:42.0128 4892 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 06:53:42.0143 4892 VSS - ok 06:53:42.0159 4892 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 06:53:42.0159 4892 vwifibus - ok 06:53:42.0190 4892 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 06:53:42.0190 4892 W32Time - ok 06:53:42.0206 4892 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 06:53:42.0206 4892 WacomPen - ok 06:53:42.0221 4892 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 06:53:42.0221 4892 WANARP - ok 06:53:42.0237 4892 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 06:53:42.0237 4892 Wanarpv6 - ok 06:53:42.0268 4892 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 06:53:42.0299 4892 wbengine - ok 06:53:42.0315 4892 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 06:53:42.0315 4892 WbioSrvc - ok 06:53:42.0346 4892 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 06:53:42.0346 4892 wcncsvc - ok 06:53:42.0362 4892 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 06:53:42.0362 4892 WcsPlugInService - ok 06:53:42.0377 4892 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 06:53:42.0377 4892 Wd - ok 06:53:42.0409 4892 [ 442783E2CB0DA19873B7A63833FF4CB4 ] 
Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 06:53:42.0409 4892 Wdf01000 - ok 06:53:42.0424 4892 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 06:53:42.0424 4892 WdiServiceHost - ok 06:53:42.0440 4892 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 06:53:42.0440 4892 WdiSystemHost - ok 06:53:42.0471 4892 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 06:53:42.0471 4892 WebClient - ok 06:53:42.0471 4892 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 06:53:42.0487 4892 Wecsvc - ok 06:53:42.0487 4892 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 06:53:42.0487 4892 wercplsupport - ok 06:53:42.0502 4892 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 06:53:42.0502 4892 WerSvc - ok 06:53:42.0518 4892 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 06:53:42.0518 4892 WfpLwf - ok 06:53:42.0533 4892 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 06:53:42.0533 4892 WIMMount - ok 06:53:42.0549 4892 WinDefend - ok 06:53:42.0549 4892 WinHttpAutoProxySvc - ok 06:53:42.0596 4892 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 06:53:42.0596 4892 Winmgmt - ok 06:53:42.0643 4892 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 06:53:42.0674 4892 WinRM - ok 06:53:42.0705 4892 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 06:53:42.0721 4892 WinUsb - ok 06:53:42.0736 4892 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 06:53:42.0736 4892 Wlansvc - ok 06:53:42.0767 4892 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 06:53:42.0767 4892 WmiAcpi - ok 06:53:42.0783 4892 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 
06:53:42.0783 4892 wmiApSrv - ok 06:53:42.0799 4892 WMPNetworkSvc - ok 06:53:42.0814 4892 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 06:53:42.0814 4892 WPCSvc - ok 06:53:42.0845 4892 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 06:53:42.0845 4892 WPDBusEnum - ok 06:53:42.0861 4892 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 06:53:42.0861 4892 ws2ifsl - ok 06:53:42.0861 4892 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 06:53:42.0877 4892 wscsvc - ok 06:53:42.0892 4892 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 06:53:42.0892 4892 WSDPrintDevice - ok 06:53:42.0939 4892 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 06:53:42.0939 4892 WSDScan - ok 06:53:42.0939 4892 WSearch - ok 06:53:42.0986 4892 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 06:53:43.0033 4892 wuauserv - ok 06:53:43.0064 4892 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 06:53:43.0064 4892 WudfPf - ok 06:53:43.0095 4892 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 06:53:43.0095 4892 WUDFRd - ok 06:53:43.0111 4892 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 06:53:43.0111 4892 wudfsvc - ok 06:53:43.0126 4892 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 06:53:43.0126 4892 WwanSvc - ok 06:53:43.0142 4892 ================ Scan global =============================== 06:53:43.0157 4892 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 06:53:43.0173 4892 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 06:53:43.0189 4892 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 06:53:43.0204 4892 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 
06:53:43.0220 4892 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 06:53:43.0220 4892 [Global] - ok 06:53:43.0220 4892 ================ Scan MBR ================================== 06:53:43.0235 4892 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 06:53:43.0438 4892 \Device\Harddisk0\DR0 - ok 06:53:43.0438 4892 ================ Scan VBR ================================== 06:53:43.0438 4892 [ B57F793D31CCF623B804A8D8D8DA0EDC ] \Device\Harddisk0\DR0\Partition1 06:53:43.0438 4892 \Device\Harddisk0\DR0\Partition1 - ok 06:53:43.0454 4892 [ 93A065B17F3FCBC77761D9F5F2F0A9CB ] \Device\Harddisk0\DR0\Partition2 06:53:43.0454 4892 \Device\Harddisk0\DR0\Partition2 - ok 06:53:43.0469 4892 [ A52FE98259DC4DDEC30E3ACB49E9084E ] \Device\Harddisk0\DR0\Partition3 06:53:43.0469 4892 \Device\Harddisk0\DR0\Partition3 - ok 06:53:43.0469 4892 ============================================================ 06:53:43.0469 4892 Scan finished 06:53:43.0469 4892 ============================================================ 06:53:43.0485 3028 Detected object count: 0 06:53:43.0485 3028 Actual detected object count: 0 06:53:48.0680 1720 Deinitialize success |
03.05.2013, 08:01 | #8 |
/// Malwareteam | Trojan MitB PC3 ...in code tags...
__________________ No right of asylum for Trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you satisfied with us? Then support the Trojaner-Board! |
03.05.2013, 09:06 | #9 |
| Trojan MitB PC3 # 06:53:19.0679 3888 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 06:53:19.0820 3888 ============================================================ 06:53:19.0820 3888 Current date / time: 2013/05/03 06:53:19.0820 06:53:19.0820 3888 SystemInfo: 06:53:19.0820 3888 06:53:19.0820 3888 OS Version: 6.1.7601 ServicePack: 1.0 06:53:19.0820 3888 Product type: Workstation 06:53:19.0820 3888 ComputerName: *****-PC 06:53:19.0820 3888 UserName: ***** 06:53:19.0820 3888 Windows directory: C:\Windows 06:53:19.0820 3888 System windows directory: C:\Windows 06:53:19.0820 3888 Running under WOW64 06:53:19.0820 3888 Processor architecture: Intel x64 06:53:19.0820 3888 Number of processors: 4 06:53:19.0820 3888 Page size: 0x1000 06:53:19.0820 3888 Boot type: Normal boot 06:53:19.0820 3888 ============================================================ 06:53:20.0178 3888 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 06:53:20.0194 3888 ============================================================ 06:53:20.0194 3888 \Device\Harddisk0\DR0: 06:53:20.0194 3888 MBR partitions: 06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000 06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x395BD000 06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B147800, BlocksNum 0x395BEDB0 06:53:20.0194 3888 ============================================================ 06:53:20.0210 3888 C: <-> \Device\Harddisk0\DR0\Partition2 06:53:20.0256 3888 D: <-> \Device\Harddisk0\DR0\Partition3 06:53:20.0256 3888 ============================================================ 06:53:20.0256 3888 Initialize success 06:53:20.0256 3888 ============================================================ 06:53:29.0523 4892
============================================================ 06:53:29.0523 4892 Scan started 06:53:29.0523 4892 Mode: Manual; 06:53:29.0523 4892 ============================================================ 06:53:30.0069 4892 ================ Scan system memory ======================== 06:53:30.0069 4892 System memory - ok 06:53:30.0069 4892 ================ Scan services =============================
C:\Windows\system32\hidserv.dll 06:53:34.0531 4892 hidserv - ok 06:53:34.0577 4892 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 06:53:34.0593 4892 HidUsb - ok 06:53:34.0609 4892 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 06:53:34.0609 4892 hkmsvc - ok 06:53:34.0640 4892 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 06:53:34.0640 4892 HomeGroupListener - ok 06:53:34.0687 4892 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 06:53:34.0687 4892 HomeGroupProvider - ok 06:53:34.0718 4892 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 06:53:34.0718 4892 HpSAMD - ok 06:53:34.0765 4892 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 06:53:34.0765 4892 HTTP - ok 06:53:34.0780 4892 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 06:53:34.0780 4892 hwpolicy - ok 06:53:34.0827 4892 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 06:53:34.0827 4892 i8042prt - ok 06:53:34.0858 4892 [ BF5442DC14608D18949DC83DE37E667A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 06:53:34.0858 4892 iaStor - ok 06:53:34.0889 4892 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 06:53:34.0889 4892 iaStorV - ok 06:53:34.0952 4892 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 06:53:34.0952 4892 idsvc - ok 06:53:34.0983 4892 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 06:53:34.0983 4892 iirsp - ok 06:53:35.0014 4892 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 06:53:35.0014 4892 IKEEXT - ok 06:53:35.0092 4892 [ 6FECEB88CBB6E761E9194F5711F02102 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 06:53:35.0108 4892 
IntcAzAudAddService - ok 06:53:35.0155 4892 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 06:53:35.0155 4892 intelide - ok 06:53:35.0186 4892 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 06:53:35.0186 4892 intelppm - ok 06:53:35.0217 4892 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 06:53:35.0217 4892 IPBusEnum - ok 06:53:35.0248 4892 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 06:53:35.0248 4892 IpFilterDriver - ok 06:53:35.0311 4892 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 06:53:35.0311 4892 iphlpsvc - ok 06:53:35.0342 4892 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 06:53:35.0342 4892 IPMIDRV - ok 06:53:35.0342 4892 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 06:53:35.0357 4892 IPNAT - ok 06:53:35.0373 4892 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 06:53:35.0373 4892 IRENUM - ok 06:53:35.0389 4892 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 06:53:35.0389 4892 isapnp - ok 06:53:35.0404 4892 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 06:53:35.0420 4892 iScsiPrt - ok 06:53:35.0435 4892 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 06:53:35.0451 4892 kbdclass - ok 06:53:35.0482 4892 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 06:53:35.0482 4892 kbdhid - ok 06:53:35.0513 4892 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 06:53:35.0513 4892 KeyIso - ok 06:53:35.0560 4892 [ 8B5219318DF5895ABD230C373F2DF18A ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 06:53:35.0560 4892 kl1 - ok 06:53:35.0638 4892 [ 2CBD248370721DCAD632DB70D09C5A6D ] KLIF 
C:\Windows\system32\DRIVERS\klif.sys 06:53:35.0638 4892 KLIF - ok 06:53:35.0685 4892 [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 06:53:35.0685 4892 KLIM6 - ok 06:53:35.0716 4892 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 06:53:35.0716 4892 klkbdflt - ok 06:53:35.0732 4892 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 06:53:35.0732 4892 klmouflt - ok 06:53:35.0747 4892 [ 982974975E679276F0FA39EFA331A268 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 06:53:35.0747 4892 kltdi - ok 06:53:35.0763 4892 [ 1FCB657B581CC4DF17FD6571F93602DE ] kneps C:\Windows\system32\DRIVERS\kneps.sys 06:53:35.0763 4892 kneps - ok 06:53:35.0779 4892 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 06:53:35.0794 4892 KSecDD - ok 06:53:35.0810 4892 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 06:53:35.0810 4892 KSecPkg - ok 06:53:35.0841 4892 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 06:53:35.0841 4892 ksthunk - ok 06:53:35.0857 4892 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 06:53:35.0872 4892 KtmRm - ok 06:53:35.0903 4892 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 06:53:35.0903 4892 LanmanServer - ok 06:53:35.0935 4892 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 06:53:35.0935 4892 LanmanWorkstation - ok 06:53:35.0950 4892 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 06:53:35.0950 4892 lltdio - ok 06:53:35.0966 4892 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 06:53:35.0981 4892 lltdsvc - ok 06:53:35.0997 4892 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 06:53:35.0997 4892 lmhosts - ok 06:53:36.0028 4892 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC 
C:\Windows\system32\DRIVERS\lsi_fc.sys 06:53:36.0028 4892 LSI_FC - ok 06:53:36.0044 4892 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 06:53:36.0044 4892 LSI_SAS - ok 06:53:36.0059 4892 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 06:53:36.0059 4892 LSI_SAS2 - ok 06:53:36.0059 4892 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 06:53:36.0075 4892 LSI_SCSI - ok 06:53:36.0075 4892 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 06:53:36.0091 4892 luafv - ok 06:53:36.0106 4892 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 06:53:36.0122 4892 Mcx2Svc - ok 06:53:36.0122 4892 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 06:53:36.0122 4892 megasas - ok 06:53:36.0137 4892 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 06:53:36.0137 4892 MegaSR - ok 06:53:36.0169 4892 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 06:53:36.0169 4892 MMCSS - ok 06:53:36.0184 4892 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 06:53:36.0184 4892 Modem - ok 06:53:36.0200 4892 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 06:53:36.0200 4892 monitor - ok 06:53:36.0231 4892 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 06:53:36.0231 4892 mouclass - ok 06:53:36.0231 4892 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 06:53:36.0231 4892 mouhid - ok 06:53:36.0278 4892 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 06:53:36.0278 4892 mountmgr - ok 06:53:36.0309 4892 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 06:53:36.0325 4892 mpio - ok 06:53:36.0340 4892 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv 
C:\Windows\system32\drivers\mpsdrv.sys 06:53:36.0340 4892 mpsdrv - ok 06:53:36.0371 4892 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 06:53:36.0371 4892 MpsSvc - ok 06:53:36.0403 4892 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 06:53:36.0403 4892 MRxDAV - ok 06:53:36.0418 4892 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 06:53:36.0418 4892 mrxsmb - ok 06:53:36.0449 4892 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 06:53:36.0449 4892 mrxsmb10 - ok 06:53:36.0465 4892 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 06:53:36.0465 4892 mrxsmb20 - ok 06:53:36.0496 4892 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 06:53:36.0496 4892 msahci - ok 06:53:36.0512 4892 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 06:53:36.0512 4892 msdsm - ok 06:53:36.0527 4892 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 06:53:36.0527 4892 MSDTC - ok 06:53:36.0543 4892 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 06:53:36.0543 4892 Msfs - ok 06:53:36.0559 4892 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 06:53:36.0559 4892 mshidkmdf - ok 06:53:36.0590 4892 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 06:53:36.0590 4892 msisadrv - ok 06:53:36.0621 4892 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 06:53:36.0621 4892 MSiSCSI - ok 06:53:36.0621 4892 msiserver - ok 06:53:36.0652 4892 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 06:53:36.0652 4892 MSKSSRV - ok 06:53:36.0668 4892 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 06:53:36.0668 4892 MSPCLOCK - ok 06:53:36.0668 4892 [ 
4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 06:53:36.0683 4892 MSPQM - ok 06:53:36.0715 4892 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 06:53:36.0715 4892 MsRPC - ok 06:53:36.0715 4892 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 06:53:36.0730 4892 mssmbios - ok 06:53:36.0730 4892 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 06:53:36.0746 4892 MSTEE - ok 06:53:36.0761 4892 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 06:53:36.0761 4892 MTConfig - ok 06:53:36.0777 4892 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 06:53:36.0777 4892 Mup - ok 06:53:36.0808 4892 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 06:53:36.0808 4892 mwlPSDFilter - ok 06:53:36.0808 4892 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 06:53:36.0808 4892 mwlPSDNServ - ok 06:53:36.0824 4892 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 06:53:36.0824 4892 mwlPSDVDisk - ok 06:53:36.0871 4892 [ 22A4905C958BEB68D78385B633C1351B ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe 06:53:36.0871 4892 MWLService - ok 06:53:36.0902 4892 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 06:53:36.0902 4892 napagent - ok 06:53:36.0949 4892 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 06:53:36.0949 4892 NativeWifiP - ok 06:53:36.0995 4892 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 06:53:36.0995 4892 NDIS - ok 06:53:37.0011 4892 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 06:53:37.0011 4892 NdisCap - ok 06:53:37.0042 4892 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi 
C:\Windows\system32\DRIVERS\ndistapi.sys 06:53:37.0042 4892 NdisTapi - ok 06:53:37.0073 4892 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 06:53:37.0073 4892 Ndisuio - ok 06:53:37.0105 4892 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 06:53:37.0105 4892 NdisWan - ok 06:53:37.0136 4892 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 06:53:37.0136 4892 NDProxy - ok 06:53:37.0198 4892 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 06:53:37.0214 4892 Nero BackItUp Scheduler 4.0 - ok 06:53:37.0245 4892 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 06:53:37.0245 4892 NetBIOS - ok 06:53:37.0292 4892 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 06:53:37.0292 4892 NetBT - ok 06:53:37.0323 4892 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 06:53:37.0323 4892 Netlogon - ok 06:53:37.0370 4892 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 06:53:37.0370 4892 Netman - ok 06:53:37.0401 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0401 4892 NetMsmqActivator - ok 06:53:37.0432 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0432 4892 NetPipeActivator - ok 06:53:37.0448 4892 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 06:53:37.0463 4892 netprofm - ok 06:53:37.0479 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0479 4892 NetTcpActivator - ok 06:53:37.0479 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0479 4892 NetTcpPortSharing - ok 06:53:37.0510 4892 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 06:53:37.0510 4892 nfrd960 - ok 06:53:37.0541 4892 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 06:53:37.0541 4892 NlaSvc - ok 06:53:37.0557 4892 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 06:53:37.0557 4892 Npfs - ok 06:53:37.0557 4892 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 06:53:37.0557 4892 nsi - ok 06:53:37.0573 4892 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 06:53:37.0573 4892 nsiproxy - ok 06:53:37.0635 4892 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 06:53:37.0651 4892 Ntfs - ok 06:53:37.0666 4892 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 06:53:37.0666 4892 Null - ok 06:53:37.0697 4892 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 06:53:37.0697 4892 nvraid - ok 06:53:37.0713 4892 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 06:53:37.0713 4892 nvstor - ok 06:53:37.0713 4892 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 06:53:37.0729 4892 nv_agp - ok 06:53:37.0760 4892 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 06:53:37.0760 4892 ohci1394 - ok 06:53:37.0807 4892 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 06:53:37.0807 4892 ose - ok 06:53:37.0947 4892 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 06:53:38.0009 4892 osppsvc - ok 06:53:38.0041 4892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 
06:53:38.0041 4892 p2pimsvc - ok 06:53:38.0056 4892 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 06:53:38.0072 4892 p2psvc - ok 06:53:38.0087 4892 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 06:53:38.0087 4892 Parport - ok 06:53:38.0119 4892 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 06:53:38.0119 4892 partmgr - ok 06:53:38.0134 4892 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 06:53:38.0134 4892 PcaSvc - ok 06:53:38.0228 4892 PCDSRVC{6368CD8C-97FEC9AE-06020200}_0 - ok 06:53:38.0259 4892 PCDSRVC{7368CD8C-0AE89CD6-06020200}_0 - ok 06:53:38.0275 4892 PCDSRVC{9368CD8C-134AAD10-06020200}_0 - ok 06:53:38.0290 4892 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 06:53:38.0306 4892 pci - ok 06:53:38.0321 4892 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 06:53:38.0321 4892 pciide - ok 06:53:38.0353 4892 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 06:53:38.0353 4892 pcmcia - ok 06:53:38.0353 4892 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 06:53:38.0353 4892 pcw - ok 06:53:38.0368 4892 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 06:53:38.0384 4892 PEAUTH - ok 06:53:38.0446 4892 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 06:53:38.0446 4892 PerfHost - ok 06:53:38.0493 4892 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 06:53:38.0493 4892 pla - ok 06:53:38.0555 4892 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 06:53:38.0555 4892 PlugPlay - ok 06:53:38.0587 4892 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 06:53:38.0587 4892 PNRPAutoReg - ok 06:53:38.0602 4892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 
06:53:38.0602 4892 PNRPsvc - ok 06:53:38.0633 4892 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 06:53:38.0633 4892 PolicyAgent - ok 06:53:38.0680 4892 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 06:53:38.0680 4892 Power - ok 06:53:38.0727 4892 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 06:53:38.0727 4892 PptpMiniport - ok 06:53:38.0758 4892 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 06:53:38.0758 4892 Processor - ok 06:53:38.0774 4892 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 06:53:38.0774 4892 ProfSvc - ok 06:53:38.0789 4892 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 06:53:38.0789 4892 ProtectedStorage - ok 06:53:38.0836 4892 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 06:53:38.0836 4892 Psched - ok 06:53:38.0867 4892 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 06:53:38.0867 4892 ql2300 - ok 06:53:38.0899 4892 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 06:53:38.0899 4892 ql40xx - ok 06:53:38.0914 4892 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 06:53:38.0914 4892 QWAVE - ok 06:53:38.0945 4892 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 06:53:38.0945 4892 QWAVEdrv - ok 06:53:38.0945 4892 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 06:53:38.0945 4892 RasAcd - ok 06:53:38.0977 4892 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 06:53:38.0977 4892 RasAgileVpn - ok 06:53:38.0992 4892 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 06:53:39.0008 4892 RasAuto - ok 06:53:39.0039 4892 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp 
C:\Windows\system32\DRIVERS\rasl2tp.sys 06:53:39.0039 4892 Rasl2tp - ok 06:53:39.0070 4892 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 06:53:39.0070 4892 RasMan - ok 06:53:39.0086 4892 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 06:53:39.0086 4892 RasPppoe - ok 06:53:39.0101 4892 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 06:53:39.0101 4892 RasSstp - ok 06:53:39.0133 4892 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 06:53:39.0133 4892 rdbss - ok 06:53:39.0148 4892 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 06:53:39.0148 4892 rdpbus - ok 06:53:39.0179 4892 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 06:53:39.0179 4892 RDPCDD - ok 06:53:39.0195 4892 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 06:53:39.0195 4892 RDPENCDD - ok 06:53:39.0195 4892 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 06:53:39.0195 4892 RDPREFMP - ok 06:53:39.0257 4892 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 06:53:39.0257 4892 RdpVideoMiniport - ok 06:53:39.0289 4892 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 06:53:39.0289 4892 RDPWD - ok 06:53:39.0320 4892 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 06:53:39.0320 4892 rdyboost - ok 06:53:39.0351 4892 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 06:53:39.0351 4892 RemoteAccess - ok 06:53:39.0367 4892 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 06:53:39.0367 4892 RemoteRegistry - ok 06:53:39.0413 4892 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe 06:53:39.0429 
4892 RichVideo - ok 06:53:39.0445 4892 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 06:53:39.0445 4892 RpcEptMapper - ok 06:53:39.0460 4892 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 06:53:39.0460 4892 RpcLocator - ok 06:53:39.0507 4892 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 06:53:39.0507 4892 RpcSs - ok 06:53:39.0523 4892 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 06:53:39.0523 4892 rspndr - ok 06:53:39.0554 4892 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 06:53:39.0554 4892 RTL8167 - ok 06:53:39.0569 4892 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 06:53:39.0569 4892 SamSs - ok 06:53:39.0601 4892 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 06:53:39.0601 4892 sbp2port - ok 06:53:39.0632 4892 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 06:53:39.0632 4892 SCardSvr - ok 06:53:39.0679 4892 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 06:53:39.0679 4892 scfilter - ok 06:53:39.0710 4892 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 06:53:39.0710 4892 Schedule - ok 06:53:39.0741 4892 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 06:53:39.0757 4892 SCPolicySvc - ok 06:53:39.0772 4892 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 06:53:39.0772 4892 SDRSVC - ok 06:53:39.0803 4892 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 06:53:39.0803 4892 secdrv - ok 06:53:39.0835 4892 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 06:53:39.0835 4892 seclogon - ok 06:53:39.0866 4892 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 06:53:39.0866 4892 SENS - ok 
06:53:39.0881 4892 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 06:53:39.0881 4892 SensrSvc - ok 06:53:39.0913 4892 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 06:53:39.0913 4892 Serenum - ok 06:53:39.0944 4892 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 06:53:39.0944 4892 Serial - ok 06:53:39.0975 4892 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 06:53:39.0975 4892 sermouse - ok 06:53:40.0006 4892 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 06:53:40.0006 4892 SessionEnv - ok 06:53:40.0022 4892 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 06:53:40.0037 4892 sffdisk - ok 06:53:40.0053 4892 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 06:53:40.0053 4892 sffp_mmc - ok 06:53:40.0069 4892 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 06:53:40.0069 4892 sffp_sd - ok 06:53:40.0084 4892 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 06:53:40.0084 4892 sfloppy - ok 06:53:40.0115 4892 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 06:53:40.0115 4892 SharedAccess - ok 06:53:40.0147 4892 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 06:53:40.0147 4892 ShellHWDetection - ok 06:53:40.0162 4892 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 06:53:40.0162 4892 SiSRaid2 - ok 06:53:40.0178 4892 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 06:53:40.0178 4892 SiSRaid4 - ok 06:53:40.0240 4892 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 06:53:40.0240 4892 SkypeUpdate - ok 06:53:40.0256 4892 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb 
06:53:43.0142 4892 ================ Scan global ===============================
06:53:43.0157 4892 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
06:53:43.0173 4892 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
06:53:43.0189 4892 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
06:53:43.0204 4892 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
06:53:43.0220 4892 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
06:53:43.0220 4892 [Global] - ok
06:53:43.0220 4892 ================ Scan MBR ==================================
06:53:43.0235 4892 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
06:53:43.0438 4892 \Device\Harddisk0\DR0 - ok
06:53:43.0438 4892 ================ Scan VBR ==================================
06:53:43.0438 4892 [ B57F793D31CCF623B804A8D8D8DA0EDC ] \Device\Harddisk0\DR0\Partition1
06:53:43.0438 4892 \Device\Harddisk0\DR0\Partition1 - ok
06:53:43.0454 4892 [ 93A065B17F3FCBC77761D9F5F2F0A9CB ] \Device\Harddisk0\DR0\Partition2
06:53:43.0454 4892 \Device\Harddisk0\DR0\Partition2 - ok
06:53:43.0469 4892 [ A52FE98259DC4DDEC30E3ACB49E9084E ] \Device\Harddisk0\DR0\Partition3
06:53:43.0469 4892 \Device\Harddisk0\DR0\Partition3 - ok
06:53:43.0469 4892 ============================================================
06:53:43.0469 4892 Scan finished
06:53:43.0469 4892 ============================================================
06:53:43.0485 3028 Detected object count: 0
06:53:43.0485 3028 Actual detected object count: 0
06:53:48.0680 1720 Deinitialize success

06:53:19.0679 3888 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
06:53:19.0820 3888 ============================================================
06:53:19.0820 3888 Current date / time: 2013/05/03 06:53:19.0820
06:53:19.0820 3888 SystemInfo:
06:53:19.0820 3888
06:53:19.0820 3888 OS Version: 6.1.7601 ServicePack: 1.0
06:53:19.0820 3888 Product type: Workstation
06:53:19.0820 3888 ComputerName: *****-PC
06:53:19.0820 3888 UserName: *****
06:53:19.0820 3888 Windows directory: C:\Windows
06:53:19.0820 3888 System windows directory: C:\Windows
06:53:19.0820 3888 Running under WOW64
06:53:19.0820 3888 Processor architecture: Intel x64
06:53:19.0820 3888 Number of processors: 4
06:53:19.0820 3888 Page size: 0x1000
06:53:19.0820 3888 Boot type: Normal boot
06:53:19.0820 3888 ============================================================
06:53:20.0178 3888 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:53:20.0194 3888 ============================================================
06:53:20.0194 3888 \Device\Harddisk0\DR0:
06:53:20.0194 3888 MBR partitions:
06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000
06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x395BD000
06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B147800, BlocksNum 0x395BEDB0
06:53:20.0194 3888 ============================================================
06:53:20.0210 3888 C: <-> \Device\Harddisk0\DR0\Partition2
06:53:20.0256 3888 D: <-> \Device\Harddisk0\DR0\Partition3
06:53:20.0256 3888 ============================================================
06:53:20.0256 3888 Initialize success
06:53:20.0256 3888 ============================================================
06:53:29.0523 4892 ============================================================
06:53:29.0523 4892 Scan started
06:53:29.0523 4892 Mode: Manual;
06:53:29.0523 4892 ============================================================
06:53:30.0069 4892 ================ Scan system memory ========================
06:53:30.0069 4892 System memory - ok
06:53:30.0069 4892 ================ Scan services =============================
megasas C:\Windows\system32\DRIVERS\megasas.sys 06:53:36.0122 4892 megasas - ok 06:53:36.0137 4892 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 06:53:36.0137 4892 MegaSR - ok 06:53:36.0169 4892 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 06:53:36.0169 4892 MMCSS - ok 06:53:36.0184 4892 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 06:53:36.0184 4892 Modem - ok 06:53:36.0200 4892 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 06:53:36.0200 4892 monitor - ok 06:53:36.0231 4892 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 06:53:36.0231 4892 mouclass - ok 06:53:36.0231 4892 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 06:53:36.0231 4892 mouhid - ok 06:53:36.0278 4892 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 06:53:36.0278 4892 mountmgr - ok 06:53:36.0309 4892 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 06:53:36.0325 4892 mpio - ok 06:53:36.0340 4892 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 06:53:36.0340 4892 mpsdrv - ok 06:53:36.0371 4892 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 06:53:36.0371 4892 MpsSvc - ok 06:53:36.0403 4892 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 06:53:36.0403 4892 MRxDAV - ok 06:53:36.0418 4892 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 06:53:36.0418 4892 mrxsmb - ok 06:53:36.0449 4892 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 06:53:36.0449 4892 mrxsmb10 - ok 06:53:36.0465 4892 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 06:53:36.0465 4892 mrxsmb20 - ok 06:53:36.0496 4892 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] 
msahci C:\Windows\system32\drivers\msahci.sys 06:53:36.0496 4892 msahci - ok 06:53:36.0512 4892 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 06:53:36.0512 4892 msdsm - ok 06:53:36.0527 4892 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 06:53:36.0527 4892 MSDTC - ok 06:53:36.0543 4892 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 06:53:36.0543 4892 Msfs - ok 06:53:36.0559 4892 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 06:53:36.0559 4892 mshidkmdf - ok 06:53:36.0590 4892 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 06:53:36.0590 4892 msisadrv - ok 06:53:36.0621 4892 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 06:53:36.0621 4892 MSiSCSI - ok 06:53:36.0621 4892 msiserver - ok 06:53:36.0652 4892 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 06:53:36.0652 4892 MSKSSRV - ok 06:53:36.0668 4892 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 06:53:36.0668 4892 MSPCLOCK - ok 06:53:36.0668 4892 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 06:53:36.0683 4892 MSPQM - ok 06:53:36.0715 4892 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 06:53:36.0715 4892 MsRPC - ok 06:53:36.0715 4892 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 06:53:36.0730 4892 mssmbios - ok 06:53:36.0730 4892 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 06:53:36.0746 4892 MSTEE - ok 06:53:36.0761 4892 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 06:53:36.0761 4892 MTConfig - ok 06:53:36.0777 4892 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 06:53:36.0777 4892 Mup - ok 06:53:36.0808 4892 [ 
6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 06:53:36.0808 4892 mwlPSDFilter - ok 06:53:36.0808 4892 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 06:53:36.0808 4892 mwlPSDNServ - ok 06:53:36.0824 4892 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 06:53:36.0824 4892 mwlPSDVDisk - ok 06:53:36.0871 4892 [ 22A4905C958BEB68D78385B633C1351B ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe 06:53:36.0871 4892 MWLService - ok 06:53:36.0902 4892 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 06:53:36.0902 4892 napagent - ok 06:53:36.0949 4892 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 06:53:36.0949 4892 NativeWifiP - ok 06:53:36.0995 4892 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 06:53:36.0995 4892 NDIS - ok 06:53:37.0011 4892 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 06:53:37.0011 4892 NdisCap - ok 06:53:37.0042 4892 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 06:53:37.0042 4892 NdisTapi - ok 06:53:37.0073 4892 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 06:53:37.0073 4892 Ndisuio - ok 06:53:37.0105 4892 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 06:53:37.0105 4892 NdisWan - ok 06:53:37.0136 4892 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 06:53:37.0136 4892 NDProxy - ok 06:53:37.0198 4892 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 06:53:37.0214 4892 Nero BackItUp Scheduler 4.0 - ok 06:53:37.0245 4892 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 06:53:37.0245 
4892 NetBIOS - ok 06:53:37.0292 4892 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 06:53:37.0292 4892 NetBT - ok 06:53:37.0323 4892 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 06:53:37.0323 4892 Netlogon - ok 06:53:37.0370 4892 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 06:53:37.0370 4892 Netman - ok 06:53:37.0401 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0401 4892 NetMsmqActivator - ok 06:53:37.0432 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0432 4892 NetPipeActivator - ok 06:53:37.0448 4892 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 06:53:37.0463 4892 netprofm - ok 06:53:37.0479 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0479 4892 NetTcpActivator - ok 06:53:37.0479 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0479 4892 NetTcpPortSharing - ok 06:53:37.0510 4892 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 06:53:37.0510 4892 nfrd960 - ok 06:53:37.0541 4892 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 06:53:37.0541 4892 NlaSvc - ok 06:53:37.0557 4892 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 06:53:37.0557 4892 Npfs - ok 06:53:37.0557 4892 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 06:53:37.0557 4892 nsi - ok 06:53:37.0573 4892 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 06:53:37.0573 4892 nsiproxy - ok 06:53:37.0635 4892 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 06:53:37.0651 4892 
Ntfs - ok 06:53:37.0666 4892 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 06:53:37.0666 4892 Null - ok 06:53:37.0697 4892 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 06:53:37.0697 4892 nvraid - ok 06:53:37.0713 4892 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 06:53:37.0713 4892 nvstor - ok 06:53:37.0713 4892 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 06:53:37.0729 4892 nv_agp - ok 06:53:37.0760 4892 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 06:53:37.0760 4892 ohci1394 - ok 06:53:37.0807 4892 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 06:53:37.0807 4892 ose - ok 06:53:37.0947 4892 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 06:53:38.0009 4892 osppsvc - ok 06:53:38.0041 4892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 06:53:38.0041 4892 p2pimsvc - ok 06:53:38.0056 4892 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 06:53:38.0072 4892 p2psvc - ok 06:53:38.0087 4892 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 06:53:38.0087 4892 Parport - ok 06:53:38.0119 4892 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 06:53:38.0119 4892 partmgr - ok 06:53:38.0134 4892 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 06:53:38.0134 4892 PcaSvc - ok 06:53:38.0228 4892 PCDSRVC{6368CD8C-97FEC9AE-06020200}_0 - ok 06:53:38.0259 4892 PCDSRVC{7368CD8C-0AE89CD6-06020200}_0 - ok 06:53:38.0275 4892 PCDSRVC{9368CD8C-134AAD10-06020200}_0 - ok 06:53:38.0290 4892 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 06:53:38.0306 4892 pci - ok 
06:53:38.0321 4892 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 06:53:38.0321 4892 pciide - ok 06:53:38.0353 4892 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 06:53:38.0353 4892 pcmcia - ok 06:53:38.0353 4892 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 06:53:38.0353 4892 pcw - ok 06:53:38.0368 4892 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 06:53:38.0384 4892 PEAUTH - ok 06:53:38.0446 4892 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 06:53:38.0446 4892 PerfHost - ok 06:53:38.0493 4892 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 06:53:38.0493 4892 pla - ok 06:53:38.0555 4892 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 06:53:38.0555 4892 PlugPlay - ok 06:53:38.0587 4892 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 06:53:38.0587 4892 PNRPAutoReg - ok 06:53:38.0602 4892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 06:53:38.0602 4892 PNRPsvc - ok 06:53:38.0633 4892 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 06:53:38.0633 4892 PolicyAgent - ok 06:53:38.0680 4892 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 06:53:38.0680 4892 Power - ok 06:53:38.0727 4892 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 06:53:38.0727 4892 PptpMiniport - ok 06:53:38.0758 4892 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 06:53:38.0758 4892 Processor - ok 06:53:38.0774 4892 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 06:53:38.0774 4892 ProfSvc - ok 06:53:38.0789 4892 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 06:53:38.0789 4892 ProtectedStorage - ok 06:53:38.0836 
4892 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 06:53:38.0836 4892 Psched - ok 06:53:38.0867 4892 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 06:53:38.0867 4892 ql2300 - ok 06:53:38.0899 4892 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 06:53:38.0899 4892 ql40xx - ok 06:53:38.0914 4892 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 06:53:38.0914 4892 QWAVE - ok 06:53:38.0945 4892 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 06:53:38.0945 4892 QWAVEdrv - ok 06:53:38.0945 4892 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 06:53:38.0945 4892 RasAcd - ok 06:53:38.0977 4892 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 06:53:38.0977 4892 RasAgileVpn - ok 06:53:38.0992 4892 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 06:53:39.0008 4892 RasAuto - ok 06:53:39.0039 4892 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 06:53:39.0039 4892 Rasl2tp - ok 06:53:39.0070 4892 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 06:53:39.0070 4892 RasMan - ok 06:53:39.0086 4892 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 06:53:39.0086 4892 RasPppoe - ok 06:53:39.0101 4892 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 06:53:39.0101 4892 RasSstp - ok 06:53:39.0133 4892 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 06:53:39.0133 4892 rdbss - ok 06:53:39.0148 4892 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 06:53:39.0148 4892 rdpbus - ok 06:53:39.0179 4892 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 06:53:39.0179 4892 RDPCDD - ok 06:53:39.0195 
4892 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 06:53:39.0195 4892 RDPENCDD - ok 06:53:39.0195 4892 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 06:53:39.0195 4892 RDPREFMP - ok 06:53:39.0257 4892 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 06:53:39.0257 4892 RdpVideoMiniport - ok 06:53:39.0289 4892 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 06:53:39.0289 4892 RDPWD - ok 06:53:39.0320 4892 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 06:53:39.0320 4892 rdyboost - ok 06:53:39.0351 4892 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 06:53:39.0351 4892 RemoteAccess - ok 06:53:39.0367 4892 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 06:53:39.0367 4892 RemoteRegistry - ok 06:53:39.0413 4892 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe 06:53:39.0429 4892 RichVideo - ok 06:53:39.0445 4892 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 06:53:39.0445 4892 RpcEptMapper - ok 06:53:39.0460 4892 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 06:53:39.0460 4892 RpcLocator - ok 06:53:39.0507 4892 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 06:53:39.0507 4892 RpcSs - ok 06:53:39.0523 4892 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 06:53:39.0523 4892 rspndr - ok 06:53:39.0554 4892 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 06:53:39.0554 4892 RTL8167 - ok 06:53:39.0569 4892 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 06:53:39.0569 4892 SamSs - ok 06:53:39.0601 4892 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port 
C:\Windows\system32\drivers\sbp2port.sys 06:53:39.0601 4892 sbp2port - ok 06:53:39.0632 4892 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 06:53:39.0632 4892 SCardSvr - ok 06:53:39.0679 4892 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 06:53:39.0679 4892 scfilter - ok 06:53:39.0710 4892 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 06:53:39.0710 4892 Schedule - ok 06:53:39.0741 4892 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 06:53:39.0757 4892 SCPolicySvc - ok 06:53:39.0772 4892 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 06:53:39.0772 4892 SDRSVC - ok 06:53:39.0803 4892 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 06:53:39.0803 4892 secdrv - ok 06:53:39.0835 4892 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 06:53:39.0835 4892 seclogon - ok 06:53:39.0866 4892 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 06:53:39.0866 4892 SENS - ok 06:53:39.0881 4892 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 06:53:39.0881 4892 SensrSvc - ok 06:53:39.0913 4892 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 06:53:39.0913 4892 Serenum - ok 06:53:39.0944 4892 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 06:53:39.0944 4892 Serial - ok 06:53:39.0975 4892 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 06:53:39.0975 4892 sermouse - ok 06:53:40.0006 4892 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 06:53:40.0006 4892 SessionEnv - ok 06:53:40.0022 4892 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 06:53:40.0037 4892 sffdisk - ok 06:53:40.0053 4892 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc 
C:\Windows\system32\drivers\sffp_mmc.sys 06:53:40.0053 4892 sffp_mmc - ok 06:53:40.0069 4892 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 06:53:40.0069 4892 sffp_sd - ok 06:53:40.0084 4892 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 06:53:40.0084 4892 sfloppy - ok 06:53:40.0115 4892 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 06:53:40.0115 4892 SharedAccess - ok 06:53:40.0147 4892 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 06:53:40.0147 4892 ShellHWDetection - ok 06:53:40.0162 4892 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 06:53:40.0162 4892 SiSRaid2 - ok 06:53:40.0178 4892 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 06:53:40.0178 4892 SiSRaid4 - ok 06:53:40.0240 4892 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 06:53:40.0240 4892 SkypeUpdate - ok 06:53:40.0256 4892 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 06:53:40.0256 4892 Smb - ok 06:53:40.0303 4892 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 06:53:40.0303 4892 SNMPTRAP - ok 06:53:40.0318 4892 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 06:53:40.0318 4892 spldr - ok 06:53:40.0349 4892 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 06:53:40.0349 4892 Spooler - ok 06:53:40.0427 4892 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 06:53:40.0474 4892 sppsvc - ok 06:53:40.0490 4892 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 06:53:40.0490 4892 sppuinotify - ok 06:53:40.0521 4892 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 06:53:40.0521 4892 srv - ok 06:53:40.0552 4892 [ 
B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 06:53:40.0552 4892 srv2 - ok 06:53:40.0568 4892 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 06:53:40.0568 4892 srvnet - ok 06:53:40.0599 4892 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 06:53:40.0599 4892 SSDPSRV - ok 06:53:40.0615 4892 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 06:53:40.0630 4892 SstpSvc - ok 06:53:40.0646 4892 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 06:53:40.0646 4892 stexstor - ok 06:53:40.0661 4892 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 06:53:40.0661 4892 StillCam - ok 06:53:40.0708 4892 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 06:53:40.0708 4892 stisvc - ok 06:53:40.0739 4892 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 06:53:40.0739 4892 swenum - ok 06:53:40.0755 4892 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 06:53:40.0755 4892 swprv - ok 06:53:40.0802 4892 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 06:53:40.0833 4892 SysMain - ok 06:53:40.0864 4892 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 06:53:40.0864 4892 TabletInputService - ok 06:53:40.0895 4892 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 06:53:40.0895 4892 TapiSrv - ok 06:53:40.0911 4892 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 06:53:40.0911 4892 TBS - ok 06:53:40.0989 4892 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 06:53:41.0005 4892 Tcpip - ok 06:53:41.0051 4892 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 06:53:41.0051 4892 TCPIP6 - ok 06:53:41.0098 4892 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] 
tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 06:53:41.0098 4892 tcpipreg - ok 06:53:41.0114 4892 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 06:53:41.0114 4892 TDPIPE - ok 06:53:41.0145 4892 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 06:53:41.0145 4892 TDTCP - ok 06:53:41.0161 4892 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 06:53:41.0161 4892 tdx - ok 06:53:41.0176 4892 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 06:53:41.0192 4892 TermDD - ok 06:53:41.0223 4892 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 06:53:41.0223 4892 TermService - ok 06:53:41.0239 4892 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 06:53:41.0239 4892 Themes - ok 06:53:41.0270 4892 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 06:53:41.0270 4892 THREADORDER - ok 06:53:41.0285 4892 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 06:53:41.0285 4892 TrkWks - ok 06:53:41.0317 4892 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 06:53:41.0317 4892 TrustedInstaller - ok 06:53:41.0348 4892 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 06:53:41.0348 4892 tssecsrv - ok 06:53:41.0363 4892 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 06:53:41.0363 4892 TsUsbFlt - ok 06:53:41.0410 4892 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 06:53:41.0410 4892 tunnel - ok 06:53:41.0426 4892 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 06:53:41.0426 4892 uagp35 - ok 06:53:41.0457 4892 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 06:53:41.0457 4892 udfs - ok 06:53:41.0473 4892 [ 
3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 06:53:41.0473 4892 UI0Detect - ok 06:53:41.0488 4892 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 06:53:41.0488 4892 uliagpkx - ok 06:53:41.0519 4892 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 06:53:41.0519 4892 umbus - ok 06:53:41.0551 4892 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 06:53:41.0551 4892 UmPass - ok 06:53:41.0582 4892 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 06:53:41.0582 4892 Updater Service - ok 06:53:41.0597 4892 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 06:53:41.0597 4892 upnphost - ok 06:53:41.0613 4892 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\drivers\usbccgp.sys 06:53:41.0629 4892 usbccgp - ok 06:53:41.0644 4892 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 06:53:41.0644 4892 usbcir - ok 06:53:41.0675 4892 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 06:53:41.0675 4892 usbehci - ok 06:53:41.0691 4892 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 06:53:41.0691 4892 usbhub - ok 06:53:41.0722 4892 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 06:53:41.0722 4892 usbohci - ok 06:53:41.0738 4892 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 06:53:41.0738 4892 usbprint - ok 06:53:41.0816 4892 [ B5E6C4F280EBF0B16F74A5B415F2E0DF ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe 06:53:41.0816 4892 USBS3S4Detection - ok 06:53:41.0816 4892 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 06:53:41.0816 4892 USBSTOR - ok 06:53:41.0831 4892 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci 
C:\Windows\system32\drivers\usbuhci.sys 06:53:41.0847 4892 usbuhci - ok 06:53:41.0863 4892 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 06:53:41.0863 4892 UxSms - ok 06:53:41.0878 4892 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 06:53:41.0878 4892 VaultSvc - ok 06:53:41.0878 4892 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 06:53:41.0878 4892 vdrvroot - ok 06:53:41.0925 4892 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 06:53:41.0925 4892 vds - ok 06:53:41.0941 4892 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 06:53:41.0941 4892 vga - ok 06:53:41.0956 4892 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 06:53:41.0956 4892 VgaSave - ok 06:53:41.0972 4892 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 06:53:41.0987 4892 vhdmp - ok 06:53:42.0003 4892 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 06:53:42.0003 4892 viaide - ok 06:53:42.0019 4892 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 06:53:42.0019 4892 volmgr - ok 06:53:42.0050 4892 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 06:53:42.0050 4892 volmgrx - ok 06:53:42.0065 4892 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 06:53:42.0065 4892 volsnap - ok 06:53:42.0081 4892 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 06:53:42.0081 4892 vsmraid - ok 06:53:42.0128 4892 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 06:53:42.0143 4892 VSS - ok 06:53:42.0159 4892 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 06:53:42.0159 4892 vwifibus - ok 06:53:42.0190 4892 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 
06:53:43.0469 4892 ============================================================
06:53:43.0469 4892 Scan finished
06:53:43.0469 4892 ============================================================
06:53:43.0485 3028 Detected object count: 0
06:53:43.0485 3028 Actual detected object count: 0
06:53:48.0680 1720 Deinitialize success |
03.05.2013, 09:11 | #10 |
| Trojan MitB PC3 # TDSS Log-File
06:53:19.0679 3888 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
06:53:19.0820 3888 ============================================================
06:53:19.0820 3888 Current date / time: 2013/05/03 06:53:19.0820
06:53:19.0820 3888 SystemInfo:
06:53:19.0820 3888
06:53:19.0820 3888 OS Version: 6.1.7601 ServicePack: 1.0
06:53:19.0820 3888 Product type: Workstation
06:53:19.0820 3888 ComputerName: *****-PC
06:53:19.0820 3888 UserName: *****
06:53:19.0820 3888 Windows directory: C:\Windows
06:53:19.0820 3888 System windows directory: C:\Windows
06:53:19.0820 3888 Running under WOW64
06:53:19.0820 3888 Processor architecture: Intel x64
06:53:19.0820 3888 Number of processors: 4
06:53:19.0820 3888 Page size: 0x1000
06:53:19.0820 3888 Boot type: Normal boot
06:53:19.0820 3888 ============================================================
06:53:20.0178 3888 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:53:20.0194 3888 ============================================================
06:53:20.0194 3888 \Device\Harddisk0\DR0:
06:53:20.0194 3888 MBR partitions:
06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000
06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x395BD000
06:53:20.0194 3888 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B147800, BlocksNum 0x395BEDB0
06:53:20.0194 3888 ============================================================
06:53:20.0210 3888 C: <-> \Device\Harddisk0\DR0\Partition2
06:53:20.0256 3888 D: <-> \Device\Harddisk0\DR0\Partition3
06:53:20.0256 3888 ============================================================
06:53:20.0256 3888 Initialize success
06:53:20.0256 3888 ============================================================
06:53:29.0523 4892 ============================================================
06:53:29.0523 4892 Scan started
06:53:29.0523 4892 Mode: Manual;
06:53:29.0523 4892 ============================================================
06:53:30.0069 4892 ================ Scan system memory ========================
06:53:30.0069 4892 System memory - ok
06:53:30.0069 4892 ================ Scan services =============================
06:53:38.0041 4892 p2pimsvc - ok 06:53:38.0056 4892 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 06:53:38.0072 4892 p2psvc - ok 06:53:38.0087 4892 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 06:53:38.0087 4892 Parport - ok 06:53:38.0119 4892 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 06:53:38.0119 4892 partmgr - ok 06:53:38.0134 4892 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 06:53:38.0134 4892 PcaSvc - ok 06:53:38.0228 4892 PCDSRVC{6368CD8C-97FEC9AE-06020200}_0 - ok 06:53:38.0259 4892 PCDSRVC{7368CD8C-0AE89CD6-06020200}_0 - ok 06:53:38.0275 4892 PCDSRVC{9368CD8C-134AAD10-06020200}_0 - ok 06:53:38.0290 4892 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 06:53:38.0306 4892 pci - ok 06:53:38.0321 4892 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 06:53:38.0321 4892 pciide - ok 06:53:38.0353 4892 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 06:53:38.0353 4892 pcmcia - ok 06:53:38.0353 4892 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 06:53:38.0353 4892 pcw - ok 06:53:38.0368 4892 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 06:53:38.0384 4892 PEAUTH - ok 06:53:38.0446 4892 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 06:53:38.0446 4892 PerfHost - ok 06:53:38.0493 4892 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 06:53:38.0493 4892 pla - ok 06:53:38.0555 4892 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 06:53:38.0555 4892 PlugPlay - ok 06:53:38.0587 4892 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 06:53:38.0587 4892 PNRPAutoReg - ok 06:53:38.0602 4892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 
06:53:38.0602 4892 PNRPsvc - ok 06:53:38.0633 4892 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 06:53:38.0633 4892 PolicyAgent - ok 06:53:38.0680 4892 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 06:53:38.0680 4892 Power - ok 06:53:38.0727 4892 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 06:53:38.0727 4892 PptpMiniport - ok 06:53:38.0758 4892 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 06:53:38.0758 4892 Processor - ok 06:53:38.0774 4892 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 06:53:38.0774 4892 ProfSvc - ok 06:53:38.0789 4892 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 06:53:38.0789 4892 ProtectedStorage - ok 06:53:38.0836 4892 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 06:53:38.0836 4892 Psched - ok 06:53:38.0867 4892 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 06:53:38.0867 4892 ql2300 - ok 06:53:38.0899 4892 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 06:53:38.0899 4892 ql40xx - ok 06:53:38.0914 4892 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 06:53:38.0914 4892 QWAVE - ok 06:53:38.0945 4892 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 06:53:38.0945 4892 QWAVEdrv - ok 06:53:38.0945 4892 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 06:53:38.0945 4892 RasAcd - ok 06:53:38.0977 4892 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 06:53:38.0977 4892 RasAgileVpn - ok 06:53:38.0992 4892 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 06:53:39.0008 4892 RasAuto - ok 06:53:39.0039 4892 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp 
C:\Windows\system32\DRIVERS\rasl2tp.sys 06:53:39.0039 4892 Rasl2tp - ok 06:53:39.0070 4892 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 06:53:39.0070 4892 RasMan - ok 06:53:39.0086 4892 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 06:53:39.0086 4892 RasPppoe - ok 06:53:39.0101 4892 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 06:53:39.0101 4892 RasSstp - ok 06:53:39.0133 4892 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 06:53:39.0133 4892 rdbss - ok 06:53:39.0148 4892 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 06:53:39.0148 4892 rdpbus - ok 06:53:39.0179 4892 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 06:53:39.0179 4892 RDPCDD - ok 06:53:39.0195 4892 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 06:53:39.0195 4892 RDPENCDD - ok 06:53:39.0195 4892 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 06:53:39.0195 4892 RDPREFMP - ok 06:53:39.0257 4892 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 06:53:39.0257 4892 RdpVideoMiniport - ok 06:53:39.0289 4892 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 06:53:39.0289 4892 RDPWD - ok 06:53:39.0320 4892 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 06:53:39.0320 4892 rdyboost - ok 06:53:39.0351 4892 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 06:53:39.0351 4892 RemoteAccess - ok 06:53:39.0367 4892 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 06:53:39.0367 4892 RemoteRegistry - ok 06:53:39.0413 4892 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe 06:53:39.0429 
4892 RichVideo - ok 06:53:39.0445 4892 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 06:53:39.0445 4892 RpcEptMapper - ok 06:53:39.0460 4892 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 06:53:39.0460 4892 RpcLocator - ok 06:53:39.0507 4892 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 06:53:39.0507 4892 RpcSs - ok 06:53:39.0523 4892 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 06:53:39.0523 4892 rspndr - ok 06:53:39.0554 4892 [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 06:53:39.0554 4892 RTL8167 - ok 06:53:39.0569 4892 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 06:53:39.0569 4892 SamSs - ok 06:53:39.0601 4892 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 06:53:39.0601 4892 sbp2port - ok 06:53:39.0632 4892 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 06:53:39.0632 4892 SCardSvr - ok 06:53:39.0679 4892 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 06:53:39.0679 4892 scfilter - ok 06:53:39.0710 4892 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 06:53:39.0710 4892 Schedule - ok 06:53:39.0741 4892 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 06:53:39.0757 4892 SCPolicySvc - ok 06:53:39.0772 4892 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 06:53:39.0772 4892 SDRSVC - ok 06:53:39.0803 4892 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 06:53:39.0803 4892 secdrv - ok 06:53:39.0835 4892 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 06:53:39.0835 4892 seclogon - ok 06:53:39.0866 4892 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 06:53:39.0866 4892 SENS - ok 
06:53:39.0881 4892 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 06:53:39.0881 4892 SensrSvc - ok 06:53:39.0913 4892 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 06:53:39.0913 4892 Serenum - ok 06:53:39.0944 4892 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 06:53:39.0944 4892 Serial - ok 06:53:39.0975 4892 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 06:53:39.0975 4892 sermouse - ok 06:53:40.0006 4892 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 06:53:40.0006 4892 SessionEnv - ok 06:53:40.0022 4892 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 06:53:40.0037 4892 sffdisk - ok 06:53:40.0053 4892 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 06:53:40.0053 4892 sffp_mmc - ok 06:53:40.0069 4892 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 06:53:40.0069 4892 sffp_sd - ok 06:53:40.0084 4892 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 06:53:40.0084 4892 sfloppy - ok 06:53:40.0115 4892 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 06:53:40.0115 4892 SharedAccess - ok 06:53:40.0147 4892 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 06:53:40.0147 4892 ShellHWDetection - ok 06:53:40.0162 4892 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 06:53:40.0162 4892 SiSRaid2 - ok 06:53:40.0178 4892 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 06:53:40.0178 4892 SiSRaid4 - ok 06:53:40.0240 4892 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 06:53:40.0240 4892 SkypeUpdate - ok 06:53:40.0256 4892 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb 
C:\Windows\system32\DRIVERS\smb.sys 06:53:40.0256 4892 Smb - ok 06:53:40.0303 4892 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 06:53:40.0303 4892 SNMPTRAP - ok 06:53:40.0318 4892 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 06:53:40.0318 4892 spldr - ok 06:53:40.0349 4892 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 06:53:40.0349 4892 Spooler - ok 06:53:40.0427 4892 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 06:53:40.0474 4892 sppsvc - ok 06:53:40.0490 4892 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 06:53:40.0490 4892 sppuinotify - ok 06:53:40.0521 4892 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 06:53:40.0521 4892 srv - ok 06:53:40.0552 4892 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 06:53:40.0552 4892 srv2 - ok 06:53:40.0568 4892 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 06:53:40.0568 4892 srvnet - ok 06:53:40.0599 4892 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 06:53:40.0599 4892 SSDPSRV - ok 06:53:40.0615 4892 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 06:53:40.0630 4892 SstpSvc - ok 06:53:40.0646 4892 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 06:53:40.0646 4892 stexstor - ok 06:53:40.0661 4892 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 06:53:40.0661 4892 StillCam - ok 06:53:40.0708 4892 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 06:53:40.0708 4892 stisvc - ok 06:53:40.0739 4892 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 06:53:40.0739 4892 swenum - ok 06:53:40.0755 4892 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 
06:53:40.0755 4892 swprv - ok 06:53:40.0802 4892 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 06:53:40.0833 4892 SysMain - ok 06:53:40.0864 4892 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 06:53:40.0864 4892 TabletInputService - ok 06:53:40.0895 4892 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 06:53:40.0895 4892 TapiSrv - ok 06:53:40.0911 4892 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 06:53:40.0911 4892 TBS - ok 06:53:40.0989 4892 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 06:53:41.0005 4892 Tcpip - ok 06:53:41.0051 4892 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 06:53:41.0051 4892 TCPIP6 - ok 06:53:41.0098 4892 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 06:53:41.0098 4892 tcpipreg - ok 06:53:41.0114 4892 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 06:53:41.0114 4892 TDPIPE - ok 06:53:41.0145 4892 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 06:53:41.0145 4892 TDTCP - ok 06:53:41.0161 4892 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 06:53:41.0161 4892 tdx - ok 06:53:41.0176 4892 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 06:53:41.0192 4892 TermDD - ok 06:53:41.0223 4892 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 06:53:41.0223 4892 TermService - ok 06:53:41.0239 4892 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 06:53:41.0239 4892 Themes - ok 06:53:41.0270 4892 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 06:53:41.0270 4892 THREADORDER - ok 06:53:41.0285 4892 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 06:53:41.0285 4892 TrkWks - 
ok 06:53:41.0317 4892 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 06:53:41.0317 4892 TrustedInstaller - ok 06:53:41.0348 4892 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 06:53:41.0348 4892 tssecsrv - ok 06:53:41.0363 4892 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 06:53:41.0363 4892 TsUsbFlt - ok 06:53:41.0410 4892 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 06:53:41.0410 4892 tunnel - ok 06:53:41.0426 4892 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 06:53:41.0426 4892 uagp35 - ok 06:53:41.0457 4892 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 06:53:41.0457 4892 udfs - ok 06:53:41.0473 4892 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 06:53:41.0473 4892 UI0Detect - ok 06:53:41.0488 4892 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 06:53:41.0488 4892 uliagpkx - ok 06:53:41.0519 4892 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 06:53:41.0519 4892 umbus - ok 06:53:41.0551 4892 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 06:53:41.0551 4892 UmPass - ok 06:53:41.0582 4892 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 06:53:41.0582 4892 Updater Service - ok 06:53:41.0597 4892 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 06:53:41.0597 4892 upnphost - ok 06:53:41.0613 4892 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\drivers\usbccgp.sys 06:53:41.0629 4892 usbccgp - ok 06:53:41.0644 4892 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 06:53:41.0644 4892 usbcir - ok 06:53:41.0675 4892 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci 
C:\Windows\system32\DRIVERS\usbehci.sys 06:53:41.0675 4892 usbehci - ok 06:53:41.0691 4892 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 06:53:41.0691 4892 usbhub - ok 06:53:41.0722 4892 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 06:53:41.0722 4892 usbohci - ok 06:53:41.0738 4892 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 06:53:41.0738 4892 usbprint - ok 06:53:41.0816 4892 [ B5E6C4F280EBF0B16F74A5B415F2E0DF ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe 06:53:41.0816 4892 USBS3S4Detection - ok 06:53:41.0816 4892 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 06:53:41.0816 4892 USBSTOR - ok 06:53:41.0831 4892 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 06:53:41.0847 4892 usbuhci - ok 06:53:41.0863 4892 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 06:53:41.0863 4892 UxSms - ok 06:53:41.0878 4892 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 06:53:41.0878 4892 VaultSvc - ok 06:53:41.0878 4892 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 06:53:41.0878 4892 vdrvroot - ok 06:53:41.0925 4892 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 06:53:41.0925 4892 vds - ok 06:53:41.0941 4892 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 06:53:41.0941 4892 vga - ok 06:53:41.0956 4892 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 06:53:41.0956 4892 VgaSave - ok 06:53:41.0972 4892 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 06:53:41.0987 4892 vhdmp - ok 06:53:42.0003 4892 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 06:53:42.0003 4892 viaide - ok 06:53:42.0019 4892 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr 
C:\Windows\system32\drivers\volmgr.sys 06:53:42.0019 4892 volmgr - ok 06:53:42.0050 4892 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 06:53:42.0050 4892 volmgrx - ok 06:53:42.0065 4892 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 06:53:42.0065 4892 volsnap - ok 06:53:42.0081 4892 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 06:53:42.0081 4892 vsmraid - ok 06:53:42.0128 4892 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 06:53:42.0143 4892 VSS - ok 06:53:42.0159 4892 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 06:53:42.0159 4892 vwifibus - ok 06:53:42.0190 4892 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 06:53:42.0190 4892 W32Time - ok 06:53:42.0206 4892 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 06:53:42.0206 4892 WacomPen - ok 06:53:42.0221 4892 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 06:53:42.0221 4892 WANARP - ok 06:53:42.0237 4892 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 06:53:42.0237 4892 Wanarpv6 - ok 06:53:42.0268 4892 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 06:53:42.0299 4892 wbengine - ok 06:53:42.0315 4892 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 06:53:42.0315 4892 WbioSrvc - ok 06:53:42.0346 4892 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 06:53:42.0346 4892 wcncsvc - ok 06:53:42.0362 4892 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 06:53:42.0362 4892 WcsPlugInService - ok 06:53:42.0377 4892 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 06:53:42.0377 4892 Wd - ok 06:53:42.0409 4892 [ 442783E2CB0DA19873B7A63833FF4CB4 ] 
Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 06:53:42.0409 4892 Wdf01000 - ok 06:53:42.0424 4892 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 06:53:42.0424 4892 WdiServiceHost - ok 06:53:42.0440 4892 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 06:53:42.0440 4892 WdiSystemHost - ok 06:53:42.0471 4892 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 06:53:42.0471 4892 WebClient - ok 06:53:42.0471 4892 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 06:53:42.0487 4892 Wecsvc - ok 06:53:42.0487 4892 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 06:53:42.0487 4892 wercplsupport - ok 06:53:42.0502 4892 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 06:53:42.0502 4892 WerSvc - ok 06:53:42.0518 4892 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 06:53:42.0518 4892 WfpLwf - ok 06:53:42.0533 4892 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 06:53:42.0533 4892 WIMMount - ok 06:53:42.0549 4892 WinDefend - ok 06:53:42.0549 4892 WinHttpAutoProxySvc - ok 06:53:42.0596 4892 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 06:53:42.0596 4892 Winmgmt - ok 06:53:42.0643 4892 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 06:53:42.0674 4892 WinRM - ok 06:53:42.0705 4892 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 06:53:42.0721 4892 WinUsb - ok 06:53:42.0736 4892 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 06:53:42.0736 4892 Wlansvc - ok 06:53:42.0767 4892 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 06:53:42.0767 4892 WmiAcpi - ok 06:53:42.0783 4892 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 
06:53:42.0783 4892 wmiApSrv - ok 06:53:42.0799 4892 WMPNetworkSvc - ok 06:53:42.0814 4892 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 06:53:42.0814 4892 WPCSvc - ok 06:53:42.0845 4892 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 06:53:42.0845 4892 WPDBusEnum - ok 06:53:42.0861 4892 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 06:53:42.0861 4892 ws2ifsl - ok 06:53:42.0861 4892 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 06:53:42.0877 4892 wscsvc - ok 06:53:42.0892 4892 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 06:53:42.0892 4892 WSDPrintDevice - ok 06:53:42.0939 4892 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 06:53:42.0939 4892 WSDScan - ok 06:53:42.0939 4892 WSearch - ok 06:53:42.0986 4892 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 06:53:43.0033 4892 wuauserv - ok 06:53:43.0064 4892 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 06:53:43.0064 4892 WudfPf - ok 06:53:43.0095 4892 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 06:53:43.0095 4892 WUDFRd - ok 06:53:43.0111 4892 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 06:53:43.0111 4892 wudfsvc - ok 06:53:43.0126 4892 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 06:53:43.0126 4892 WwanSvc - ok 06:53:43.0142 4892 ================ Scan global =============================== 06:53:43.0157 4892 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 06:53:43.0173 4892 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 06:53:43.0189 4892 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 06:53:43.0204 4892 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 
06:53:43.0469 4892 Scan finished
06:53:43.0485 3028 Detected object count: 0
06:53:43.0485 3028 Actual detected object count: 0
06:53:48.0680 1720 Deinitialize success |
03.05.2013, 09:23 | #11 |
/// Malwareteam | Trojan MitB PC3 Try it with [CODE][/CODE]
__________________ No right of asylum for Trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you happy with us? Then support the Trojaner-Board! |
03.05.2013, 09:49 | #12 |
| Trojan MitB PC3 /CODE Test So, once more for complete dummies: what do I have to type to make it look like that? I had already tried "". This morning "#" was enough. :-S Last edited by daalbock (03.05.2013 at 10:09) |
03.05.2013, 16:09 | #13 |
/// Malwareteam | Trojan MitB PC3 [CODE] Your log goes here... [/CODE] And it then looks like this: Code:
Your log goes here...
__________________ No right of asylum for Trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! Are you happy with us? Then support the Trojaner-Board! |
03.05.2013, 17:29 | #14 |
| Trojan MitB PC3 # TDSS log file Code:
C:\Windows\System32\bfe.dll 06:53:32.0035 4892 BFE - ok 06:53:32.0066 4892 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 06:53:32.0081 4892 BITS - ok 06:53:32.0097 4892 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 06:53:32.0097 4892 blbdrive - ok 06:53:32.0159 4892 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 06:53:32.0159 4892 bowser - ok 06:53:32.0191 4892 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 06:53:32.0191 4892 BrFiltLo - ok 06:53:32.0206 4892 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 06:53:32.0206 4892 BrFiltUp - ok 06:53:32.0237 4892 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 06:53:32.0237 4892 Browser - ok 06:53:32.0269 4892 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 06:53:32.0269 4892 Brserid - ok 06:53:32.0284 4892 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 06:53:32.0284 4892 BrSerWdm - ok 06:53:32.0300 4892 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 06:53:32.0300 4892 BrUsbMdm - ok 06:53:32.0315 4892 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 06:53:32.0315 4892 BrUsbSer - ok 06:53:32.0347 4892 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 06:53:32.0347 4892 BTHMODEM - ok 06:53:32.0393 4892 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 06:53:32.0393 4892 bthserv - ok 06:53:32.0409 4892 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 06:53:32.0425 4892 cdfs - ok 06:53:32.0456 4892 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 06:53:32.0456 4892 cdrom - ok 06:53:32.0487 4892 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc 
C:\Windows\System32\certprop.dll 06:53:32.0487 4892 CertPropSvc - ok 06:53:32.0518 4892 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 06:53:32.0518 4892 circlass - ok 06:53:32.0549 4892 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 06:53:32.0549 4892 CLFS - ok 06:53:32.0596 4892 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 06:53:32.0596 4892 clr_optimization_v2.0.50727_32 - ok 06:53:32.0627 4892 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 06:53:32.0643 4892 clr_optimization_v2.0.50727_64 - ok 06:53:32.0690 4892 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 06:53:32.0690 4892 clr_optimization_v4.0.30319_32 - ok 06:53:32.0705 4892 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 06:53:32.0705 4892 clr_optimization_v4.0.30319_64 - ok 06:53:32.0737 4892 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 06:53:32.0737 4892 CmBatt - ok 06:53:32.0752 4892 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 06:53:32.0752 4892 cmdide - ok 06:53:32.0799 4892 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys 06:53:32.0799 4892 CNG - ok 06:53:32.0846 4892 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 06:53:32.0846 4892 Compbatt - ok 06:53:32.0861 4892 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 06:53:32.0877 4892 CompositeBus - ok 06:53:32.0877 4892 COMSysApp - ok 06:53:32.0893 4892 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 06:53:32.0893 4892 crcdisk - ok 06:53:32.0955 
4892 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 06:53:32.0955 4892 CryptSvc - ok 06:53:33.0002 4892 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 06:53:33.0002 4892 DcomLaunch - ok 06:53:33.0033 4892 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 06:53:33.0033 4892 defragsvc - ok 06:53:33.0064 4892 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 06:53:33.0064 4892 DfsC - ok 06:53:33.0111 4892 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 06:53:33.0111 4892 Dhcp - ok 06:53:33.0142 4892 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 06:53:33.0142 4892 discache - ok 06:53:33.0173 4892 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 06:53:33.0173 4892 Disk - ok 06:53:33.0205 4892 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 06:53:33.0205 4892 Dnscache - ok 06:53:33.0236 4892 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 06:53:33.0236 4892 dot3svc - ok 06:53:33.0251 4892 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll 06:53:33.0251 4892 DPS - ok 06:53:33.0283 4892 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 06:53:33.0298 4892 drmkaud - ok 06:53:33.0329 4892 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 06:53:33.0345 4892 DXGKrnl - ok 06:53:33.0361 4892 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 06:53:33.0361 4892 EapHost - ok 06:53:33.0439 4892 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 06:53:33.0470 4892 ebdrv - ok 06:53:33.0517 4892 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 06:53:33.0517 4892 EFS - ok 06:53:33.0579 4892 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr 
C:\Windows\ehome\ehRecvr.exe 06:53:33.0595 4892 ehRecvr - ok 06:53:33.0610 4892 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 06:53:33.0610 4892 ehSched - ok 06:53:33.0641 4892 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 06:53:33.0641 4892 elxstor - ok 06:53:33.0673 4892 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 06:53:33.0688 4892 ErrDev - ok 06:53:33.0719 4892 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 06:53:33.0719 4892 EventSystem - ok 06:53:33.0751 4892 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 06:53:33.0751 4892 exfat - ok 06:53:33.0766 4892 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 06:53:33.0766 4892 fastfat - ok 06:53:33.0813 4892 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 06:53:33.0829 4892 Fax - ok 06:53:33.0844 4892 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 06:53:33.0844 4892 fdc - ok 06:53:33.0891 4892 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 06:53:33.0891 4892 fdPHost - ok 06:53:33.0907 4892 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 06:53:33.0907 4892 FDResPub - ok 06:53:33.0922 4892 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 06:53:33.0922 4892 FileInfo - ok 06:53:33.0938 4892 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 06:53:33.0938 4892 Filetrace - ok 06:53:33.0969 4892 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 06:53:33.0969 4892 flpydisk - ok 06:53:34.0000 4892 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 06:53:34.0000 4892 FltMgr - ok 06:53:34.0063 4892 [ C4C183E6551084039EC862DA1C945E3D ] FontCache 
C:\Windows\system32\FntCache.dll 06:53:34.0078 4892 FontCache - ok 06:53:34.0141 4892 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 06:53:34.0141 4892 FontCache3.0.0.0 - ok 06:53:34.0156 4892 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 06:53:34.0172 4892 FsDepends - ok 06:53:34.0203 4892 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 06:53:34.0203 4892 Fs_Rec - ok 06:53:34.0250 4892 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 06:53:34.0250 4892 fvevol - ok 06:53:34.0281 4892 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 06:53:34.0281 4892 gagp30kx - ok 06:53:34.0328 4892 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 06:53:34.0328 4892 gpsvc - ok 06:53:34.0390 4892 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe 06:53:34.0390 4892 Greg_Service - ok 06:53:34.0406 4892 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 06:53:34.0406 4892 hcw85cir - ok 06:53:34.0437 4892 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 06:53:34.0453 4892 HdAudAddService - ok 06:53:34.0468 4892 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 06:53:34.0468 4892 HDAudBus - ok 06:53:34.0468 4892 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 06:53:34.0468 4892 HidBatt - ok 06:53:34.0499 4892 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 06:53:34.0499 4892 HidBth - ok 06:53:34.0515 4892 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 06:53:34.0515 4892 HidIr - ok 06:53:34.0531 4892 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv 
C:\Windows\system32\hidserv.dll 06:53:34.0531 4892 hidserv - ok 06:53:34.0577 4892 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 06:53:34.0593 4892 HidUsb - ok 06:53:34.0609 4892 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 06:53:34.0609 4892 hkmsvc - ok 06:53:34.0640 4892 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 06:53:34.0640 4892 HomeGroupListener - ok 06:53:34.0687 4892 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 06:53:34.0687 4892 HomeGroupProvider - ok 06:53:34.0718 4892 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 06:53:34.0718 4892 HpSAMD - ok 06:53:34.0765 4892 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 06:53:34.0765 4892 HTTP - ok 06:53:34.0780 4892 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 06:53:34.0780 4892 hwpolicy - ok 06:53:34.0827 4892 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 06:53:34.0827 4892 i8042prt - ok 06:53:34.0858 4892 [ BF5442DC14608D18949DC83DE37E667A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 06:53:34.0858 4892 iaStor - ok 06:53:34.0889 4892 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 06:53:34.0889 4892 iaStorV - ok 06:53:34.0952 4892 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 06:53:34.0952 4892 idsvc - ok 06:53:34.0983 4892 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 06:53:34.0983 4892 iirsp - ok 06:53:35.0014 4892 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 06:53:35.0014 4892 IKEEXT - ok 06:53:35.0092 4892 [ 6FECEB88CBB6E761E9194F5711F02102 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 06:53:35.0108 4892 
IntcAzAudAddService - ok 06:53:35.0155 4892 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 06:53:35.0155 4892 intelide - ok 06:53:35.0186 4892 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 06:53:35.0186 4892 intelppm - ok 06:53:35.0217 4892 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 06:53:35.0217 4892 IPBusEnum - ok 06:53:35.0248 4892 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 06:53:35.0248 4892 IpFilterDriver - ok 06:53:35.0311 4892 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 06:53:35.0311 4892 iphlpsvc - ok 06:53:35.0342 4892 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 06:53:35.0342 4892 IPMIDRV - ok 06:53:35.0342 4892 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 06:53:35.0357 4892 IPNAT - ok 06:53:35.0373 4892 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 06:53:35.0373 4892 IRENUM - ok 06:53:35.0389 4892 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 06:53:35.0389 4892 isapnp - ok 06:53:35.0404 4892 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 06:53:35.0420 4892 iScsiPrt - ok 06:53:35.0435 4892 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 06:53:35.0451 4892 kbdclass - ok 06:53:35.0482 4892 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 06:53:35.0482 4892 kbdhid - ok 06:53:35.0513 4892 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 06:53:35.0513 4892 KeyIso - ok 06:53:35.0560 4892 [ 8B5219318DF5895ABD230C373F2DF18A ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 06:53:35.0560 4892 kl1 - ok 06:53:35.0638 4892 [ 2CBD248370721DCAD632DB70D09C5A6D ] KLIF 
C:\Windows\system32\DRIVERS\klif.sys 06:53:35.0638 4892 KLIF - ok 06:53:35.0685 4892 [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 06:53:35.0685 4892 KLIM6 - ok 06:53:35.0716 4892 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 06:53:35.0716 4892 klkbdflt - ok 06:53:35.0732 4892 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 06:53:35.0732 4892 klmouflt - ok 06:53:35.0747 4892 [ 982974975E679276F0FA39EFA331A268 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 06:53:35.0747 4892 kltdi - ok 06:53:35.0763 4892 [ 1FCB657B581CC4DF17FD6571F93602DE ] kneps C:\Windows\system32\DRIVERS\kneps.sys 06:53:35.0763 4892 kneps - ok 06:53:35.0779 4892 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 06:53:35.0794 4892 KSecDD - ok 06:53:35.0810 4892 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 06:53:35.0810 4892 KSecPkg - ok 06:53:35.0841 4892 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 06:53:35.0841 4892 ksthunk - ok 06:53:35.0857 4892 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 06:53:35.0872 4892 KtmRm - ok 06:53:35.0903 4892 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 06:53:35.0903 4892 LanmanServer - ok 06:53:35.0935 4892 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 06:53:35.0935 4892 LanmanWorkstation - ok 06:53:35.0950 4892 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 06:53:35.0950 4892 lltdio - ok 06:53:35.0966 4892 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 06:53:35.0981 4892 lltdsvc - ok 06:53:35.0997 4892 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 06:53:35.0997 4892 lmhosts - ok 06:53:36.0028 4892 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC 
C:\Windows\system32\DRIVERS\lsi_fc.sys 06:53:36.0028 4892 LSI_FC - ok 06:53:36.0044 4892 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 06:53:36.0044 4892 LSI_SAS - ok 06:53:36.0059 4892 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 06:53:36.0059 4892 LSI_SAS2 - ok 06:53:36.0059 4892 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 06:53:36.0075 4892 LSI_SCSI - ok 06:53:36.0075 4892 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 06:53:36.0091 4892 luafv - ok 06:53:36.0106 4892 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 06:53:36.0122 4892 Mcx2Svc - ok 06:53:36.0122 4892 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 06:53:36.0122 4892 megasas - ok 06:53:36.0137 4892 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 06:53:36.0137 4892 MegaSR - ok 06:53:36.0169 4892 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 06:53:36.0169 4892 MMCSS - ok 06:53:36.0184 4892 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 06:53:36.0184 4892 Modem - ok 06:53:36.0200 4892 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 06:53:36.0200 4892 monitor - ok 06:53:36.0231 4892 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 06:53:36.0231 4892 mouclass - ok 06:53:36.0231 4892 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 06:53:36.0231 4892 mouhid - ok 06:53:36.0278 4892 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 06:53:36.0278 4892 mountmgr - ok 06:53:36.0309 4892 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 06:53:36.0325 4892 mpio - ok 06:53:36.0340 4892 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv 
C:\Windows\system32\drivers\mpsdrv.sys 06:53:36.0340 4892 mpsdrv - ok 06:53:36.0371 4892 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 06:53:36.0371 4892 MpsSvc - ok 06:53:36.0403 4892 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 06:53:36.0403 4892 MRxDAV - ok 06:53:36.0418 4892 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 06:53:36.0418 4892 mrxsmb - ok 06:53:36.0449 4892 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 06:53:36.0449 4892 mrxsmb10 - ok 06:53:36.0465 4892 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 06:53:36.0465 4892 mrxsmb20 - ok 06:53:36.0496 4892 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 06:53:36.0496 4892 msahci - ok 06:53:36.0512 4892 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 06:53:36.0512 4892 msdsm - ok 06:53:36.0527 4892 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 06:53:36.0527 4892 MSDTC - ok 06:53:36.0543 4892 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 06:53:36.0543 4892 Msfs - ok 06:53:36.0559 4892 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 06:53:36.0559 4892 mshidkmdf - ok 06:53:36.0590 4892 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 06:53:36.0590 4892 msisadrv - ok 06:53:36.0621 4892 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 06:53:36.0621 4892 MSiSCSI - ok 06:53:36.0621 4892 msiserver - ok 06:53:36.0652 4892 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 06:53:36.0652 4892 MSKSSRV - ok 06:53:36.0668 4892 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 06:53:36.0668 4892 MSPCLOCK - ok 06:53:36.0668 4892 [ 
4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 06:53:36.0683 4892 MSPQM - ok 06:53:36.0715 4892 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 06:53:36.0715 4892 MsRPC - ok 06:53:36.0715 4892 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 06:53:36.0730 4892 mssmbios - ok 06:53:36.0730 4892 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 06:53:36.0746 4892 MSTEE - ok 06:53:36.0761 4892 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 06:53:36.0761 4892 MTConfig - ok 06:53:36.0777 4892 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 06:53:36.0777 4892 Mup - ok 06:53:36.0808 4892 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 06:53:36.0808 4892 mwlPSDFilter - ok 06:53:36.0808 4892 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 06:53:36.0808 4892 mwlPSDNServ - ok 06:53:36.0824 4892 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 06:53:36.0824 4892 mwlPSDVDisk - ok 06:53:36.0871 4892 [ 22A4905C958BEB68D78385B633C1351B ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe 06:53:36.0871 4892 MWLService - ok 06:53:36.0902 4892 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 06:53:36.0902 4892 napagent - ok 06:53:36.0949 4892 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 06:53:36.0949 4892 NativeWifiP - ok 06:53:36.0995 4892 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 06:53:36.0995 4892 NDIS - ok 06:53:37.0011 4892 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 06:53:37.0011 4892 NdisCap - ok 06:53:37.0042 4892 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi 
C:\Windows\system32\DRIVERS\ndistapi.sys 06:53:37.0042 4892 NdisTapi - ok 06:53:37.0073 4892 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 06:53:37.0073 4892 Ndisuio - ok 06:53:37.0105 4892 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 06:53:37.0105 4892 NdisWan - ok 06:53:37.0136 4892 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 06:53:37.0136 4892 NDProxy - ok 06:53:37.0198 4892 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 06:53:37.0214 4892 Nero BackItUp Scheduler 4.0 - ok 06:53:37.0245 4892 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 06:53:37.0245 4892 NetBIOS - ok 06:53:37.0292 4892 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 06:53:37.0292 4892 NetBT - ok 06:53:37.0323 4892 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 06:53:37.0323 4892 Netlogon - ok 06:53:37.0370 4892 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 06:53:37.0370 4892 Netman - ok 06:53:37.0401 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0401 4892 NetMsmqActivator - ok 06:53:37.0432 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0432 4892 NetPipeActivator - ok 06:53:37.0448 4892 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 06:53:37.0463 4892 netprofm - ok 06:53:37.0479 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0479 4892 NetTcpActivator - ok 06:53:37.0479 4892 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 06:53:37.0479 4892 NetTcpPortSharing - ok 06:53:37.0510 4892 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 06:53:37.0510 4892 nfrd960 - ok 06:53:37.0541 4892 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 06:53:37.0541 4892 NlaSvc - ok 06:53:37.0557 4892 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 06:53:37.0557 4892 Npfs - ok 06:53:37.0557 4892 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 06:53:37.0557 4892 nsi - ok 06:53:37.0573 4892 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 06:53:37.0573 4892 nsiproxy - ok 06:53:37.0635 4892 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 06:53:37.0651 4892 Ntfs - ok 06:53:37.0666 4892 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 06:53:37.0666 4892 Null - ok 06:53:37.0697 4892 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 06:53:37.0697 4892 nvraid - ok 06:53:37.0713 4892 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 06:53:37.0713 4892 nvstor - ok 06:53:37.0713 4892 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 06:53:37.0729 4892 nv_agp - ok 06:53:37.0760 4892 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 06:53:37.0760 4892 ohci1394 - ok 06:53:37.0807 4892 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 06:53:37.0807 4892 ose - ok 06:53:37.0947 4892 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 06:53:38.0009 4892 osppsvc - ok 06:53:38.0041 4892 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 
06:53:43.0469 4892 ============================================================
06:53:43.0469 4892 Scan finished
06:53:43.0469 4892 ============================================================
06:53:43.0485 3028 Detected object count: 0
06:53:43.0485 3028 Actual detected object count: 0
06:53:48.0680 1720 Deinitialize success

Thanks for the help! |
04.05.2013, 11:10 | #15 |
/// Malwareteam | Trojan MitB PC3 Can't spot anything... Looks pretty good - let's check everything once more!
Step 1: MBAM full scan Please download Malwarebytes
Step 2: ESET ESET Online Scanner
__________________ No right of asylum for Trojans! Proud Member of UNITE Note: I am only available on weekdays! Requests via PM will be ignored! |