Log analysis and evaluation: BKA - Paysafe virus, Windows 7 locked

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.05.2013, 15:15 | #1 |
| BKA - Paysafe virus, Windows 7 locked

Hello,

A virus crept onto my computer today. A Paysafe demand for 100€ appeared. Now Windows 7 no longer boots. Before I found you, I performed a System Restore. After that Win 7 boots again, but I am sure that the computer is still infected. I downloaded the following programs on my laptop (Frst64, OTL, Defogger and GMER) and then moved them to the desktop via USB stick. The following log files already exist and have been run:

-FRST.txt
-defogger_disable.log
-OTL.txt
-EXTRAS.txt
-Gmer.txt

I very much hope you can help me free my computer. Thank you in advance for your effort and helpfulness.

Regards, Houshmand |
16.05.2013, 15:19 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA - Paysafe virus, Windows 7 locked

Hello and

Do you have any further logs (with findings)? Malwarebytes and/or other virus scanners, have they ever found anything? I am asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; first post only the logs that already exist!

Reading material: Posting in CODE tags

Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
16.05.2013, 15:44 | #3 |
| BKA - Paysafe virus, Windows 7 locked

Hello,

thank you very much for the quick reply. Malwarebytes found something. With all the others I cannot tell whether there is an infection. Unfortunately I am not familiar with this. If you think it is right, I will send them to you. But first the log file from Malwarebytes:

Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.16.06

Windows 7 Service Pack 1 x64 FAT32
Internet Explorer 10.0.9200.16540
Ramin :: RAMIN-PC [Administrator]

Schutz: Aktiviert

16.05.2013 20:25:33
MBAM-log-2013-05-16 (20-33-16).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 227558
Laufzeit: 6 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Ramin\AppData\Local\Temp\L3dOkBHE.exe.part (Trojan.FakeAlert) -> Keine Aktion durchgeführt.

(Ende)

Houshmand |
16.05.2013, 16:01 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA - Paysafe virus, Windows 7 locked

Before we get to work, I would like to ask you to read the following points completely and carefully.

Note: If you do not hear from me for three days, please report in this thread => Reminder about my thread. Annoying "When will it continue" messages end with your topic being closed. I too have a life outside the Trojaner-Board.

First, a check with OTL please:
__________________ Please always post log files in CODE tags |
16.05.2013, 18:07 | #5 |
| BKA - Paysafe virus, Windows 7 locked

Code:
ATTFilter OTL logfile created on: 16.05.2013 22:58:34 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ramin\Desktop 64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,98 Gb Total Physical Memory | 6,44 Gb Available Physical Memory | 80,69% Memory free 15,96 Gb Paging File | 13,42 Gb Available in Paging File | 84,06% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 918,71 Gb Total Space | 839,06 Gb Free Space | 91,33% Space Free | Partition Type: NTFS Computer Name: RAMIN-PC | User Name: Ramin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Ramin\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe () PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe () PRC - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) 
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (Microsoft Corporation.) PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE () PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS) PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe () PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe () PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe () MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\SiteSafety.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\9266d6e1f8057b5b62b460cbf33cda21\System.WorkflowServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\1e04a5319c58010e945220af2751d34e\System.ServiceModel.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\25cfdeaf091f16f3f3a7123a91a179ab\System.Xml.Linq.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\346a7a67978cead8e2ff52c6d80bbeb7\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\500a8ae2a5d27132d87ccac9f97b0069\IAStorCommon.ni.dll () 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\77dfcfed5fd5f67d0d3edc545935bb21\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\3e79256ce40faa9682f9e3511ca115ea\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\2ad51da1b752b19c992fcefd56eb7c01\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\219c68f83fa608b496b163fd6782e696\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\eb33bf977e97e97b12e82c18e36fbaee\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ff7c9a4f41f7cccc47e696c11b9f8469\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\19b3d17c3ce0e264c4fb62028161adf7\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE () MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () MOD - c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () MOD - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe () MOD - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (vToolbarUpdater14.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe () SRV - (avgfws) -- 
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe (Microsoft Corporation.) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe (Microsoft Corporation.) SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions) SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation) SRV - (LVPrcS64) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation) DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies) DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\drivers\avgidsfiltera.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.) 
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc60.sys (Microsoft Corporation) DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation) DRV:64bit: - (SynthVid) -- C:\Windows\SysNative\drivers\VMBusVideoM.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys () DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys () DRV:64bit: - (ss_mdm) -- C:\Windows\SysNative\drivers\ss_mdm.sys (MCCI Corporation) DRV:64bit: - (ss_bus) -- C:\Windows\SysNative\drivers\ss_bus.sys (MCCI Corporation) DRV:64bit: - (ss_mdfl) -- C:\Windows\SysNative\drivers\ss_mdfl.sys (MCCI Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys (Research In Motion Limited) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms (PC-Doctor, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={5A0851DD-5008-499C-8FA4-0C5B3D0E1CE8}&mid=258cd79f5fe147d198e805f79f71b07a-923b70218b06e37ef0e1ff6913dafe87bf528edc&lang=de&ds=AVG&pr=pr&d=2012-03-09 13:34:29&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledAddons: avg%40toolbar:14.2.0.1 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft 
Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013.02.14 22:59:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.10 13:31:38 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2013.05.16 16:47:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 20:17:26 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.16 16:41:24 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.03.10 13:31:38 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 20:17:26 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.16 16:41:24 | 000,000,000 | ---D | M] [2012.03.09 15:38:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ramin\AppData\Roaming\mozilla\Extensions [2012.10.25 08:22:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ramin\AppData\Roaming\mozilla\Firefox\Profiles\qanjj3gk.default\extensions [2013.04.15 20:17:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.02.14 22:59:26 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE 
SEARCH\FIREFOXEXT\14.2.0.1 [2013.04.15 20:17:26 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.02.16 13:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.02.14 22:59:27 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012.09.11 09:49:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.02.16 13:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.02.16 13:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.02.16 13:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.02.16 13:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.) O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll () O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\S-1-5-21-1275714784-1295010817-233862344-1001\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found. O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe () O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08217365-C02E-466C-AA83-54BAA48E15B8}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BAD85BA9-1DD7-4949-99CE-A702F9E0A694}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========
[2013.05.16 20:24:45 | 000,000,000 | ---D | C] -- C:\Users\Ramin\AppData\Roaming\Malwarebytes
[2013.05.16 20:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.05.16 20:24:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.16 20:24:38 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.05.16 20:24:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.05.16 20:24:23 | 000,000,000 | ---D | C] -- C:\Users\Ramin\AppData\Local\Programs
[2013.05.16 20:24:04 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Ramin\Desktop\mbam-setup-1.75.0.1300.exe
[2013.05.16 19:03:21 | 000,000,000 | ---D | C] -- C:\FRST
[2013.05.16 18:22:05 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ramin\Desktop\OTL.exe
[2013.05.16 16:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013.05.16 10:54:41 | 000,128,000 | ---- | C] (Hilgraeve, Inc.) -- C:\ProgramData\hr0lo.dat
[2013.05.06 16:39:28 | 000,000,000 | ---D | C] -- C:\Users\Ramin\Desktop\ROTOCONSULTA_PDF.rtfd
[2013.04.29 07:27:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

========== Files - Modified Within 30 Days ==========
[2013.05.16 22:38:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.16 22:37:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.16 20:36:51 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.16 20:36:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.16 20:36:39 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.16 20:36:39 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.16 20:36:39 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.16 20:36:39 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.16 20:36:38 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.16 20:24:39 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.16 20:24:14 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Ramin\Desktop\mbam-setup-1.75.0.1300.exe
[2013.05.16 19:16:44 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.16 19:16:44 | 000,021,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.16 19:09:25 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
[2013.05.16 19:09:19 | 648,425,393 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.05.16 19:09:19 | 2133,684,223 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.16 18:32:17 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2013.05.16 18:22:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ramin\Desktop\OTL.exe
[2013.05.16 18:19:17 | 000,000,000 | ---- | M] () -- C:\Users\Ramin\defogger_reenable
[2013.05.16 16:47:46 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2013.05.16 16:41:34 | 119,828,980 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2013.05.16 16:41:25 | 000,002,021 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2013.05.16 14:42:16 | 000,377,856 | ---- | M] () -- C:\Users\Ramin\Desktop\gmer_2.1.19163.exe
[2013.05.16 14:15:10 | 000,050,477 | ---- | M] () -- C:\Users\Ramin\Desktop\Defogger.exe
[2013.05.16 11:02:09 | 095,023,320 | ---- | M] () -- C:\ProgramData\ol0rh.pad
[2013.05.16 10:54:41 | 000,128,000 | ---- | M] (Hilgraeve, Inc.) -- C:\ProgramData\hr0lo.dat
[2013.05.08 22:32:58 | 008,274,797 | ---- | M] () -- C:\Users\Ramin\Desktop\Simple-Sixpack.pdf
[2013.05.08 14:25:50 | 000,285,752 | ---- | M] () -- C:\Users\Ramin\Desktop\Transition piece 01.pdf
[2013.05.06 10:19:59 | 000,108,273 | ---- | M] () -- C:\Users\Ramin\Desktop\1.jpg
[2013.05.05 16:22:48 | 000,424,153 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2013.05.02 05:06:05 | 000,060,884 | ---- | M] () -- C:\Users\Ramin\Documents\RTJ -flange.jpg

========== Files Created - No Company Name ==========
[2013.05.16 20:24:39 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.05.16 18:45:14 | 000,050,477 | ---- | C] () -- C:\Users\Ramin\Desktop\Defogger.exe
[2013.05.16 18:43:57 | 000,377,856 | ---- | C] () -- C:\Users\Ramin\Desktop\gmer_2.1.19163.exe
[2013.05.16 18:16:26 | 000,000,000 | ---- | C] () -- C:\Users\Ramin\defogger_reenable
[2013.05.16 10:54:41 | 095,023,320 | ---- | C] () -- C:\ProgramData\ol0rh.pad
[2013.05.08 22:32:56 | 008,274,797 | ---- | C] () -- C:\Users\Ramin\Desktop\Simple-Sixpack.pdf
[2013.05.08 14:25:50 | 000,285,752 | ---- | C] () -- C:\Users\Ramin\Desktop\Transition piece 01.pdf
[2013.05.06 10:19:59 | 000,108,273 | ---- | C] () -- C:\Users\Ramin\Desktop\1.jpg
[2013.05.02 05:06:05 | 000,060,884 | ---- | C] () -- C:\Users\Ramin\Documents\RTJ -flange.jpg
[2012.12.03 12:48:44 | 000,622,934 | ---- | C] () -- C:\Users\Ramin\Page_2.jpg
[2012.12.03 12:48:44 | 000,621,218 | ---- | C] () -- C:\Users\Ramin\Page_4.jpg
[2012.12.03 12:48:44 | 000,502,709 | ---- | C] () -- C:\Users\Ramin\Page_3.jpg
[2012.05.15 08:39:40 | 001,577,750 | ---- | C] () -- C:\Users\Ramin\IMG_1842.jpg
[2012.05.15 08:39:40 | 001,294,768 | ---- | C] () -- C:\Users\Ramin\IMG_1846.jpg
[2012.05.15 08:39:40 | 001,275,518 | ---- | C] () -- C:\Users\Ramin\IMG_1844.jpg
[2012.05.15 08:39:40 | 001,262,471 | ---- | C] () -- C:\Users\Ramin\IMG_1843.jpg
[2012.03.19 16:54:16 | 000,081,408 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2012.03.13 15:01:18 | 000,007,057 | ---- | C] () -- C:\Users\Ramin\AppData\Roaming\e120300059.prf
[2012.03.13 15:01:13 | 000,000,417 | ---- | C] () -- C:\Users\Ramin\AppData\Roaming\redirect.xml
[2012.03.10 13:29:26 | 000,245,255 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012.03.10 13:29:26 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012.02.24 18:48:24 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.02.24 10:03:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.06.29 01:32:24 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll

========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========
[2013.02.03 19:33:31 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.02.03 19:33:31 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013.04.02 20:22:56 | 000,000,000 | ---D | M] -- C:\Users\Ramin\AppData\Roaming\Avery
[2012.03.09 14:34:37 | 000,000,000 | ---D | M] -- C:\Users\Ramin\AppData\Roaming\AVG2012
[2012.03.19 16:54:24 | 000,000,000 | ---D | M] -- C:\Users\Ramin\AppData\Roaming\CAD-KAS
[2012.05.06 13:24:36 | 000,000,000 | ---D | M] -- C:\Users\Ramin\AppData\Roaming\Leadertech
[2013.02.24 10:19:20 | 000,000,000 | ---D | M] -- C:\Users\Ramin\AppData\Roaming\Spotify

========== Purity Check ==========

========== Files - Unicode (All) ==========
[2013.01.20 22:27:16 | 000,020,400 | ---- | M] ()(C:\Users\Ramin\Desktop\?? ???? ???? ???? ????? ???? ???.docx) -- C:\Users\Ramin\Desktop\با سلام خدمت دوست عزیزم امیر جان.docx
[2013.01.20 22:27:16 | 000,020,400 | ---- | C] ()(C:\Users\Ramin\Desktop\?? ???? ???? ???? ????? ???? ???.docx) -- C:\Users\Ramin\Desktop\با سلام خدمت دوست عزیزم امیر جان.docx

< End of report >

Code:
OTL Extras logfile created on: 16.05.2013 22:58:34 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ramin\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,98 Gb Total Physical Memory | 6,44 Gb Available Physical Memory | 80,69% Memory free
15,96 Gb Paging File | 13,42 Gb Available in Paging File | 84,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 918,71 Gb Total Space | 839,06 Gb Free Space | 91,33% Space Free | Partition Type: NTFS

Computer Name: RAMIN-PC | User Name: Ramin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1275714784-1295010817-233862344-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [+ Add to separate archive(s)] -- "C:\Program Files (x86)\PeaZip\PEAZIP.EXE" "-add2archive" "%1" (Giorgio Tani)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [+ Add to separate archive(s)] -- "C:\Program Files (x86)\PeaZip\PEAZIP.EXE" "-add2archive" "%1" (Giorgio Tani)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016F2585-84FE-4B89-8F34-8DB507FCF296}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{04E9EAFE-6A75-4D3F-9F4C-E0453AA65115}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{088F3D63-C919-4912-A724-499565BE140B}" = rport=445 | protocol=6 | dir=out | app=system |
"{10077B1E-F3D6-43BA-B838-51771EE677B1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{149E70E3-E5C4-4EAA-9D41-4A0A320DDF58}" = rport=138 | protocol=17 | dir=out | app=system |
"{3B6464D1-78A8-447F-BB9E-EFA77F2D8EA5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3D516E32-9C75-47D4-AC20-8C854F0F77BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{42E836DC-5D59-4A88-9595-899782DDAFAE}" = rport=139 | protocol=6 | dir=out | app=system |
"{439EE0F0-1C60-4D4E-8DB7-2B249F0D4B90}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4C58101D-84FF-48CC-9CA6-52DCCE1579BF}" = rport=137 | protocol=17 | dir=out | app=system |
"{5F666350-1B8D-4F3E-9A15-1A4BDE0149BB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{647EEE0B-FAF9-449B-8739-1664C86D78D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7DBAB101-A0D1-455F-8640-E090D7334107}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{942E665B-A60A-4B91-A431-D7B55F4791B4}" = lport=139 | protocol=6 | dir=in | app=system |
"{9D6ED79E-D09D-4C61-AC20-DBAD9CD7283B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{C5322A45-3A9A-43C9-B485-927C5868DA89}" = lport=137 | protocol=17 | dir=in | app=system |
"{C7D29C5E-0B00-4687-9355-DD5FFADC4BC4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D24B15C7-BB56-4D15-B235-81E40E9A4780}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{D30DB36C-C07B-421B-9CB1-3C0710F34157}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DBE6BC3F-B493-4831-9CA2-8398793E3FAE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DC09210D-AC54-43C8-A9F8-5EF72A8762F5}" = lport=138 | protocol=17 | dir=in | app=system |
"{DCB16E2F-8BAC-47EE-BC47-940721E355DA}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E0E9B3C6-BA4D-49F7-B040-EE555DAA66D9}" = lport=445 | protocol=6 | dir=in | app=system |
"{E192DA1D-A888-4C21-89BA-BE36BD263695}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E54C8B6A-B574-465D-85F0-D768254D81B8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F496DBC7-4007-474D-97A0-0FF5DE66F557}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C1F17C-25B3-46E5-BB9A-089622B5A4F9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{087AF494-A455-41A0-B2BF-24967BF4C6BA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0BE48113-7FDB-40A0-9831-BED7769BE7E0}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{0E4C1882-393F-459D-B2FE-FD3654F0FB68}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{0F773C82-D227-4F14-B201-0A4537C493ED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{108F8670-7D7F-4296-AA38-D755C7250F28}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{10FD0457-A293-4DFE-A90C-0D53BBE58624}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{12BFE582-B50A-4C8A-A08A-AFA57FB76A81}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1308709E-738D-4FCE-BA0F-4C19A1139792}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{139E3BA5-DE27-4F7A-A7CD-340758FE8B4F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{14D5BC0B-C314-4A00-BD83-C1B34DD16E08}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{170F6318-D7CF-459B-9974-D3F6408CE495}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{1791D8D5-2858-4F23-BD8B-7FD981454B78}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{19AC00FE-945E-4DA3-82BA-2535A4012C77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{1B586527-5237-414A-BAA2-268BEAA55E00}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{1B8B727C-DB42-4642-97DA-3F456767B310}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{20017D42-DE20-4D18-8A0C-7031F28CCBFA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{24C1737E-503B-496C-B2C1-4AE25E7DAED3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2B580F1A-6119-432D-AF30-851B0161EC6E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{2EE81236-2427-41C8-8C98-2E1594258990}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{2F2BA672-2177-4CCB-A824-EA1CE04930AF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2FE30045-9193-468E-BE6E-EC9115BA4520}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{3776577B-CF6C-4285-AD6F-55E30E513507}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{38E64D63-35BE-41AF-8D0F-62EF09ACC189}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{4C4FA2AE-81DF-4B48-87F7-13BEAEC4AB3E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4D689577-C151-4DCA-B7F8-22129707283A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4E0FCA56-3F46-47A8-BEA1-0EAFC32B7152}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{500A1297-4D3E-492F-BD48-96F4B279E10B}" = protocol=6 | dir=out | app=system |
"{5025366B-D70A-4B66-8162-2F1141D060D1}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5978C63C-47B4-4B42-909D-A3192AE8CB9F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6561D666-31E2-4DA4-AC8B-DD42B91828DF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{6F605829-6478-4585-9738-0B577623AF0C}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{77226B0D-2754-469F-96AE-6E9C02C52BFE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{788063B8-33BB-4973-8ADE-0F84381318D8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7E06C933-34D1-44B0-93AE-B1B71916270C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{7F28CE70-E8D6-4F3A-9501-B047BC44FC8F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{845DEBC6-D2AD-46AE-94BE-266A46077762}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{85A870D8-1B4C-41CA-96EB-F0007A20F142}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{868C5ADF-E5CF-4831-885D-6DFEE7AA3BE5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{87621621-20E2-4E93-BD17-9765D8020A69}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{94E66AC2-F8EA-4E56-85A6-52B856FF630B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{A2C724A9-83DE-4C25-B5A7-3D0C4CB4630D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A4657C4F-E3EA-4A20-A9E4-E592080501BC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A96E8BAA-1F51-4CB8-8953-3243DEAE699B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{AF10FDB2-6C0C-4B49-80D9-553BDFEE95A3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{AFFDC0FC-EFBA-423F-BD44-E1CEA7DC68C6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B9E9A863-A489-4DAA-B4C1-2BE5979D5316}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{BACC5A21-6186-41B7-B128-08DBCC49E0FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{BD835470-5F54-403C-9600-F11244721C00}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{BDC852EF-4F5F-4F83-9AF5-CEC681A8453A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{C56AE811-4DC7-4300-8569-8EDAAD65BB5E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{CB221C3E-CCD8-4D6D-B5A9-A27DFEF2DAC0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{CBA77567-B5F0-43A7-AFD5-5E08ED42F320}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{D1B05C68-AE00-4661-B3E3-D3F57205D7B7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{D9CEB3E8-7CAC-4A90-AD20-E911D362E4CC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{DD011AEB-2A80-493E-A8AA-DF938AECF0EC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E5F03D44-BCB7-479F-AB43-2B6231975555}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{E8994A1D-8169-4D72-B986-7D4D6AA0AF97}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{EC863A98-C6F9-4B4C-BA07-DE0AB58CA6A3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{ECB03963-4F8D-46F7-A2DA-5C7938D7C804}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ECD4ABA6-B5D6-471F-802C-47AB1DB855AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EDBAFB81-50BF-4E01-93BB-ACE168144F6F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{EEC9F273-D0A6-4577-BC2D-B5F641A8D01C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F04E99A6-9F1B-4012-B6FD-7A9B9E8D9221}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{F1E187A5-12EA-46CD-8613-2DC5FBFFB3E9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{F4582078-0702-48E5-B1F7-5C14730606B3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{FB93B67F-24DE-4BFC-9896-4DD5BCD1D47A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{FEA9A1B0-519E-4C83-9C00-DD2E743C1D80}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{094A1E1C-F6F9-9BC1-4F0D-8EC94A9F118D}" = ccc-utility64
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{262325FE-E6AA-7D56-9071-453A374086C9}" = ATI AVIVO64 Codecs
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java(TM) 7 Update 1 (64-bit)
"{41410F2F-118B-4641-BDA9-47C3CEDE8A6A}" = AVG 2012
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{82AB13D7-BDE1-D24C-B245-1A3F0C29022C}" = ATI Catalyst Install Manager
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{DFE4E6BB-70F0-4292-B7EB-7A3AD48EBB5C}" = AVG 2012
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"AVG" = AVG 2012
"Dell Support Center" = Dell Support Center
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00082694-C740-753D-0E17-FAB8B7DFF52F}" = CCC Help Thai
"{066EA6E0-1152-714C-F2B3-10457072F542}" = CCC Help Czech
"{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{12F9B590-7ED9-6ED7-B41E-CB69E4147A7B}" = Catalyst Control Center Localization All
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19DD3392-63F3-5F8B-BAFE-EF362F797E9E}" = CCC Help Hungarian
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E98D5E9-1E56-CE9B-4198-24D185F71B8C}" = CCC Help Polish
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2B9F83AE-EA8C-7FFB-6BA3-A81BCA9AE4DC}" = CCC Help Japanese
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live
UX Platform Language Pack "{382F1842-0E6C-4782-B920-D96ED5165F03}" = Catalyst Control Center - Branding "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{458039D4-0096-9DCF-A752-70D02227F616}" = CCC Help Italian "{46ABF416-F6DC-C213-0356-E52C0C751E03}" = CCC Help Swedish "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{50218CA0-C05D-C4CE-035C-27A735750666}" = Catalyst Control Center "{52FBC497-0796-D089-BBE1-1C0642678E8C}" = CCC Help Danish "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack "{5DFC378F-28C5-A5B7-0798-2E2A1D60EC28}" = CCC Help Spanish "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help "{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb "{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter "{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B818622-DB95-B03F-E081-2796BBFA150C}" = CCC Help Chinese Standard "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = 
HPDiagnosticAlert "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8D01A923-5A28-53ED-EB3C-FB6C8D80964B}" = CCC Help English "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 
Service Pack 1 (SP1) "{90FA9C66-5810-AE21-8598-704E8C299DE6}" = CCC Help Korean "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{975C9422-4A8E-82DE-238D-604778B4B431}" = CCC Help Finnish "{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software "{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module "{A3A529DA-F910-6768-EF19-A795C26FE102}" = CCC Help Chinese Traditional "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B9AB5A97-9C85-B607-B61B-90C129BC2C6F}" = CCC Help Dutch "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BE6505D6-9355-D51A-D36E-85E51AD89554}" = CCC Help Greek "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant 
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CC1D9CCB-B4E6-1575-14AE-BF0F7774A6C8}" = CCC Help French "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D2DB85DC-6582-251E-FA93-EB2CF6870EF1}" = CCC Help Portuguese "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D571FEBA-938F-BCCF-FC0C-8BA4E9C06D83}" = CCC Help Norwegian "{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "{DCC41203-3F8B-9C4D-19E6-59B72E4FFB5F}" = CCC Help Russian "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{ECE8F1BD-62BA-A6BB-D351-2980ECE35976}" = CCC Help German "{ED2DFB39-FED4-83A9-92B0-EDF04CD27D2B}" = Catalyst Control Center InstallProxy "{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter "{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA0E84DC-7A7F-9A73-9632-0F00FC89C421}" = CCC Help Turkish "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AVG Secure Search" = AVG Security Toolbar "Logitech Vid" = Logitech 
Vid HD "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300 "Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "PDF Editor 3" = PDF Editor 3 "PeaZip_is1" = PeaZip 2.2 "Sweet Home 3D_is1" = Sweet Home 3D version 3.5 "WinLiveSuite" = Windows Live Essentials ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1275714784-1295010817-233862344-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 18.12.2012 04:34:49 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10 Description = Error - 18.12.2012 16:27:46 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10 Description = Error - 19.12.2012 03:32:58 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10 Description = Error - 20.12.2012 04:30:06 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10 Description = Error - 20.12.2012 11:54:01 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10 Description = Error - 22.12.2012 17:33:21 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10 Description = Error - 23.12.2012 05:01:27 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10 Description = Error - 24.12.2012 04:35:21 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10 Description = Error - 28.12.2012 14:42:48 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10 Description = Error - 29.12.2012 06:31:58 | Computer Name = Ramin-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 16.05.2013 10:57:24 | Computer Name = Ramin-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. 
Error - 16.05.2013 10:57:25 | Computer Name = Ramin-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden. Error - 16.05.2013 10:58:40 | Computer Name = Ramin-PC | Source = DCOM | ID = 10010 Description = Error - 16.05.2013 12:11:06 | Computer Name = Ramin-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 16.05.2013 12:11:07 | Computer Name = Ramin-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 16.05.2013 12:11:07 | Computer Name = Ramin-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 16.05.2013 12:11:08 | Computer Name = Ramin-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 16.05.2013 12:11:08 | Computer Name = Ramin-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 16.05.2013 12:53:40 | Computer Name = Ramin-PC | Source = DCOM | ID = 10010 Description = Error - 16.05.2013 13:09:24 | Computer Name = Ramin-PC | Source = BugCheck | ID = 1001 Description = < End of report > |
16.05.2013, 21:09 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA - Paysafe virus, Windows 7 locked Then please run Combofix now: Scan with Combofix
17.05.2013, 08:18 | #7 |
| BKA - Paysafe virus, Windows 7 locked Code:
ATTFilter ComboFix 13-05-16.02 - Ramin 17.05.2013 9:05.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8174.5945 [GMT 2:00] ausgeführt von:: c:\users\Ramin\Desktop\ComboFix.exe AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} FW: AVG Internet Security 2012 *Enabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\hr0lo.dat c:\programdata\ol0rh.pad c:\users\Ramin\AppData\Roaming\e120300059.prf c:\users\Ramin\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk c:\users\Ramin\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk . . ((((((((((((((((((((((( Dateien erstellt von 2013-04-17 bis 2013-05-17 )))))))))))))))))))))))))))))) . . 2013-05-17 07:08 . 2013-05-17 07:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-05-16 18:24 . 2013-05-16 18:24 -------- d-----w- c:\users\Ramin\AppData\Roaming\Malwarebytes 2013-05-16 18:24 . 2013-05-16 18:24 -------- d-----w- c:\programdata\Malwarebytes 2013-05-16 18:24 . 2013-05-16 18:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2013-05-16 18:24 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys 2013-05-16 18:24 . 2013-05-16 18:24 -------- d-----w- c:\users\Ramin\AppData\Local\Programs 2013-05-16 17:03 . 2013-05-16 17:03 -------- d-----w- C:\FRST 2013-05-16 14:46 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-05-16 14:46 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-05-16 14:46 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll 2013-05-16 14:45 . 
2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll 2013-05-16 14:45 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll 2013-05-16 14:45 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll 2013-05-16 14:45 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe 2013-05-16 14:45 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll 2013-05-16 14:45 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll 2013-05-16 14:45 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll 2013-05-16 14:45 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll 2013-05-16 14:45 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys 2013-05-10 07:57 . 2013-05-10 07:57 187456 ----a-w- c:\program files (x86)\Mozilla Firefox\Plugins\nppdf32.dll 2013-04-29 05:27 . 2013-04-29 05:27 -------- d-----w- c:\program files (x86)\Common Files\Skype 2013-04-23 17:55 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-05-17 06:56 . 2010-06-24 11:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-16 18:37 . 2012-03-10 10:08 75016696 ----a-w- c:\windows\system32\MRT.exe 2013-05-16 18:36 . 2012-03-31 09:42 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-16 18:36 . 2012-02-24 09:08 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-04-13 05:49 . 2013-05-16 14:46 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-16 14:46 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-16 14:46 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-16 14:46 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 
2013-05-16 14:46 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-16 14:46 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-11 01:18 . 2013-04-11 01:18 384800 ----a-w- c:\windows\system32\drivers\avgtdia.sys 2013-03-19 06:04 . 2013-04-10 09:43 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-03-19 05:46 . 2013-04-10 09:43 43520 ----a-w- c:\windows\system32\csrsrv.dll 2013-03-19 05:04 . 2013-04-10 09:43 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04 . 2013-04-10 09:43 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47 . 2013-04-10 09:43 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll 2013-03-19 03:06 . 2013-04-10 09:43 112640 ----a-w- c:\windows\system32\smss.exe 2013-03-15 20:38 . 2013-03-15 20:38 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-03-15 20:38 . 2013-03-15 20:38 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-03-15 20:38 . 2013-03-15 20:38 61952 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-03-15 20:38 . 2013-03-15 20:38 523264 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-03-15 20:38 . 2013-03-15 20:38 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-03-15 20:38 . 2013-03-15 20:38 38400 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-03-15 20:38 . 2013-03-15 20:38 361984 ----a-w- c:\windows\SysWow64\html.iec 2013-03-15 20:38 . 2013-03-15 20:38 226304 ----a-w- c:\windows\system32\elshyph.dll 2013-03-15 20:38 . 2013-03-15 20:38 185344 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-03-15 20:38 . 2013-03-15 20:38 158720 ----a-w- c:\windows\SysWow64\msls31.dll 2013-03-15 20:38 . 2013-03-15 20:38 150528 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-03-15 20:38 . 2013-03-15 20:38 138752 ----a-w- c:\windows\SysWow64\wextract.exe 2013-03-15 20:38 . 2013-03-15 20:38 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe 2013-03-15 20:38 . 2013-03-15 20:38 12800 ----a-w- c:\windows\SysWow64\mshta.exe 2013-03-15 20:38 . 
2013-03-15 20:38 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-03-15 20:38 . 2013-03-15 20:38 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-03-15 20:38 . 2013-03-15 20:38 97280 ----a-w- c:\windows\system32\mshtmled.dll 2013-03-15 20:38 . 2013-03-15 20:38 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-03-15 20:38 . 2013-03-15 20:38 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-03-15 20:38 . 2013-03-15 20:38 81408 ----a-w- c:\windows\system32\icardie.dll 2013-03-15 20:38 . 2013-03-15 20:38 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-03-15 20:38 . 2013-03-15 20:38 762368 ----a-w- c:\windows\system32\ieapfltr.dll 2013-03-15 20:38 . 2013-03-15 20:38 62976 ----a-w- c:\windows\system32\pngfilt.dll 2013-03-15 20:38 . 2013-03-15 20:38 599552 ----a-w- c:\windows\system32\vbscript.dll 2013-03-15 20:38 . 2013-03-15 20:38 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-03-15 20:38 . 2013-03-15 20:38 51200 ----a-w- c:\windows\system32\imgutil.dll 2013-03-15 20:38 . 2013-03-15 20:38 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-03-15 20:38 . 2013-03-15 20:38 452096 ----a-w- c:\windows\system32\dxtmsft.dll 2013-03-15 20:38 . 2013-03-15 20:38 441856 ----a-w- c:\windows\system32\html.iec 2013-03-15 20:38 . 2013-03-15 20:38 281600 ----a-w- c:\windows\system32\dxtrans.dll 2013-03-15 20:38 . 2013-03-15 20:38 27648 ----a-w- c:\windows\system32\licmgr10.dll 2013-03-15 20:38 . 2013-03-15 20:38 270848 ----a-w- c:\windows\system32\iedkcs32.dll 2013-03-15 20:38 . 2013-03-15 20:38 247296 ----a-w- c:\windows\system32\webcheck.dll 2013-03-15 20:38 . 2013-03-15 20:38 235008 ----a-w- c:\windows\system32\url.dll 2013-03-15 20:38 . 2013-03-15 20:38 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-03-15 20:38 . 2013-03-15 20:38 216064 ----a-w- c:\windows\system32\msls31.dll 2013-03-15 20:38 . 2013-03-15 20:38 197120 ----a-w- c:\windows\system32\msrating.dll 2013-03-15 20:38 . 
2013-03-15 20:38 173568 ----a-w- c:\windows\system32\ieUnatt.exe 2013-03-15 20:38 . 2013-03-15 20:38 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-03-15 20:38 . 2013-03-15 20:38 1509376 ----a-w- c:\windows\system32\inetcpl.cpl 2013-03-15 20:38 . 2013-03-15 20:38 149504 ----a-w- c:\windows\system32\occache.dll 2013-03-15 20:38 . 2013-03-15 20:38 144896 ----a-w- c:\windows\system32\wextract.exe 2013-03-15 20:38 . 2013-03-15 20:38 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl 2013-03-15 20:38 . 2013-03-15 20:38 1400416 ----a-w- c:\windows\system32\ieapfltr.dat 2013-03-15 20:38 . 2013-03-15 20:38 13824 ----a-w- c:\windows\system32\mshta.exe 2013-03-15 20:38 . 2013-03-15 20:38 136192 ----a-w- c:\windows\system32\iepeers.dll 2013-03-15 20:38 . 2013-03-15 20:38 135680 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-03-15 20:38 . 2013-03-15 20:38 12800 ----a-w- c:\windows\system32\msfeedssync.exe 2013-03-15 20:38 . 2013-03-15 20:38 102912 ----a-w- c:\windows\system32\inseng.dll 2013-03-05 06:58 . 2013-03-05 06:58 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-03-05 06:57 . 2012-03-25 13:17 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2013-03-05 06:57 . 2012-02-24 09:19 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2013-02-14 20:59 1929392 ----a-w- c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-02-14 1929392] . 
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-02-28 18642024] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-06-28 336384] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-05-10 37960] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-02-14 1151152] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888] "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208] "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] . 
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-11-02 5174392] R2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] R3 LVUVC64;Logitech QuickCam E3500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys [2010-11-21 168448] R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2011-12-14 25072] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys [2010-11-21 22528] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R4 wlcrasvc;Windows Live Mesh remote connections 
service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856] S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-23 48992] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-11-08 307040] S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2013-04-11 384800] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2013-02-14 39768] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-08-10 204288] S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-12-05 2321560] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-05-20 13592] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-09-22 1692480] S2 
vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-02-14 968880] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-08-10 231440] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-12-10 127328] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776] S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440] S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhalt des "geplante Tasks" Ordners . 2013-05-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 18:36] . 2012-03-09 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09] . 2013-05-17 c:\windows\Tasks\ROC_JAN2013_TB_rmv.job - c:\program files (x86)\AVG Secure Search\PostInstall\ROC.exe [2013-01-24 19:30] . 2013-05-16 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\pcdrcui.exe [2011-12-14 04:09] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-23 10920552] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . 
------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = https://www.google.de/ mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll FF - ProfilePath - c:\users\Ramin\AppData\Roaming\Mozilla\Firefox\Profiles\qanjj3gk.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/ FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: !HIDDEN! 2012-03-10 12:31; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-05-17 09:10:46 ComboFix-quarantined-files.txt 2013-05-17 07:10 . Vor Suchlauf: 12 Verzeichnis(se), 901.871.988.736 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 909.498.376.192 Bytes frei . - - End Of File - - 9331AEF81E1D457F6FE2E8553C59D9A8 |
17.05.2013, 10:50 | #8 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA - Paysafe Virus, Windows 7 locked Quote:
Or is this by any chance an office/company PC or a university computer?
__________________ Please always post log files in CODE tags |
17.05.2013, 14:28 | #9 |
| BKA - Paysafe Virus, Windows 7 locked This was originally supposed to become a company PC. Then I ended up using it at home after all. So it is not a company PC or a university computer. |
17.05.2013, 15:04 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA - Paysafe Virus, Windows 7 locked OK, thanks for the explanation. Rootkit scan with GMER: Please download GMER: (random file name)
Do problems occur?
Afterwards please run MBAR: Malwarebytes Anti-Rootkit (MBAR). Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instruction from a helper
__________________ Please always post log files in CODE tags |
18.05.2013, 00:39 | #11 |
| BKA - Paysafe Virus, Windows 7 locked Thanks for the quick help. Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-05-17 20:47:56 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST310005 rev.JC4A 931,51GB Running: y6epvsr2.exe; Driver: C:\Users\Ramin\AppData\Local\Temp\pglorpod.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\AVG\AVG2012\avgfws.exe[1792] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000075411465 2 bytes [41, 75] .text C:\Program Files (x86)\AVG\AVG2012\avgfws.exe[1792] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000754114bb 2 bytes [41, 75] .text ... * 2 .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[4004] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000075411465 2 bytes [41, 75] .text C:\Program Files (x86)\AVG Secure Search\vprot.exe[4004] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 00000000754114bb 2 bytes [41, 75] .text ... * 2 ---- EOF - GMER 2.1 ---- Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.05.0.1001 www.malwarebytes.org Database version: v2013.05.17.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16576 Ramin :: RAMIN-PC [administrator] 17.05.2013 21:00:05 mbar-log-2013-05-17 (21-00-05).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 29389 Time elapsed: 7 minute(s), 32 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
I had to restart the system. After that, 2nd scan. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.05.0.1001 www.malwarebytes.org Database version: v2013.05.17.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16576 Ramin :: RAMIN-PC [administrator] 17.05.2013 23:27:22 mbar-log-2013-05-17 (23-27-22).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 29375 Time elapsed: 12 minute(s), 19 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) |
18.05.2013, 01:19 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA - Paysafe Virus, Windows 7 locked aswMBR: Please download aswMBR.exe and save the file to your desktop.
Important: Under no circumstances press any of the Fix buttons without instruction. Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan. TDSS-Killer: Please download TDSSKiller.exe and save this file to the desktop
__________________ Please always post log files in CODE tags |
18.05.2013, 10:23 | #13 |
| BKA - Paysafe Virus, Windows 7 locked Many thanks for the instructions. AVAST crashed and the process was aborted. Selected the setting (none) under AV Scan. Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software Run date: 2013-05-18 10:56:19 ----------------------------- 10:56:19.902 OS Version: Windows x64 6.1.7601 Service Pack 1 10:56:19.902 Number of processors: 4 586 0x2A07 10:56:19.903 ComputerName: RAMIN-PC UserName: Ramin 10:56:33.810 Initialize success 10:56:40.792 AVAST engine defs: 13051701 10:57:19.205 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 10:57:19.206 Disk 0 Vendor: ST310005 JC4A Size: 953869MB BusType: 3 10:57:19.348 Disk 0 MBR read successfully 10:57:19.350 Disk 0 MBR scan 10:57:19.354 Disk 0 Windows VISTA default MBR code 10:57:19.413 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63 10:57:19.449 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 13068 MB offset 81920 10:57:19.502 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 940760 MB offset 26845184 10:57:19.586 Disk 0 scanning C:\Windows\system32\drivers 10:57:37.302 Service scanning 10:57:54.353 Modules scanning 10:57:54.361 Disk 0 trace - called modules: 10:57:54.385 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 10:57:54.391 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009d13060] 10:57:54.396 3 CLASSPNP.SYS[fffff88000c0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007496050] 10:57:54.401 Scan finished successfully 10:58:20.951 Disk 0 MBR has been saved successfully to "C:\Users\Ramin\Desktop\MBR.dat" 10:58:20.954 The log file has been saved successfully to "C:\Users\Ramin\Desktop\aswMBR.txt" Code:
ATTFilter 11:14:20.0628 6272 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 11:14:21.0881 6272 ============================================================ 11:14:21.0881 6272 Current date / time: 2013/05/18 11:14:21.0881 11:14:21.0881 6272 SystemInfo: 11:14:21.0881 6272 11:14:21.0881 6272 OS Version: 6.1.7601 ServicePack: 1.0 11:14:21.0881 6272 Product type: Workstation 11:14:21.0881 6272 ComputerName: RAMIN-PC 11:14:21.0881 6272 UserName: Ramin 11:14:21.0881 6272 Windows directory: C:\Windows 11:14:21.0881 6272 System windows directory: C:\Windows 11:14:21.0881 6272 Running under WOW64 11:14:21.0881 6272 Processor architecture: Intel x64 11:14:21.0882 6272 Number of processors: 4 11:14:21.0882 6272 Page size: 0x1000 11:14:21.0882 6272 Boot type: Normal boot 11:14:21.0882 6272 ============================================================ 11:14:22.0426 6272 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:14:22.0440 6272 Drive \Device\Harddisk1\DR1 - Size: 0x393180000 (14.30 Gb), SectorSize: 0x200, Cylinders: 0x74A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 11:14:22.0453 6272 ============================================================ 11:14:22.0453 6272 \Device\Harddisk0\DR0: 11:14:22.0453 6272 MBR partitions: 11:14:22.0453 6272 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1986000 11:14:22.0453 6272 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x199A000, BlocksNum 0x72D6C000 11:14:22.0453 6272 \Device\Harddisk1\DR1: 11:14:22.0454 6272 MBR partitions: 11:14:22.0454 6272 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x1C96C80 11:14:22.0454 6272 ============================================================ 11:14:22.0496 6272 C: <-> \Device\Harddisk0\DR0\Partition2 11:14:22.0496 6272 
============================================================ 11:14:22.0497 6272 Initialize success 11:14:22.0497 6272 ============================================================ 11:14:45.0753 6360 ============================================================ 11:14:45.0753 6360 Scan started 11:14:45.0753 6360 Mode: Manual; 11:14:45.0753 6360 ============================================================ 11:14:45.0958 6360 ================ Scan system memory ======================== 11:14:45.0958 6360 System memory - ok 11:14:45.0958 6360 ================ Scan services =============================
exfat C:\Windows\system32\drivers\exfat.sys 11:14:50.0015 6360 exfat - ok 11:14:50.0027 6360 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 11:14:50.0029 6360 fastfat - ok 11:14:50.0058 6360 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 11:14:50.0066 6360 Fax - ok 11:14:50.0070 6360 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys 11:14:50.0071 6360 fdc - ok 11:14:50.0102 6360 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 11:14:50.0104 6360 fdPHost - ok 11:14:50.0108 6360 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 11:14:50.0109 6360 FDResPub - ok 11:14:50.0113 6360 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 11:14:50.0115 6360 FileInfo - ok 11:14:50.0127 6360 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 11:14:50.0129 6360 Filetrace - ok 11:14:50.0133 6360 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 11:14:50.0134 6360 flpydisk - ok 11:14:50.0148 6360 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 11:14:50.0151 6360 FltMgr - ok 11:14:50.0200 6360 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 11:14:50.0212 6360 FontCache - ok 11:14:50.0253 6360 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:14:50.0254 6360 FontCache3.0.0.0 - ok 11:14:50.0268 6360 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 11:14:50.0270 6360 FsDepends - ok 11:14:50.0292 6360 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 11:14:50.0294 6360 Fs_Rec - ok 11:14:50.0330 6360 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 11:14:50.0333 6360 fvevol - ok 
11:14:50.0349 6360 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 11:14:50.0351 6360 gagp30kx - ok 11:14:50.0373 6360 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 11:14:50.0382 6360 gpsvc - ok 11:14:50.0395 6360 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 11:14:50.0396 6360 hcw85cir - ok 11:14:50.0415 6360 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 11:14:50.0417 6360 HDAudBus - ok 11:14:50.0430 6360 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 11:14:50.0432 6360 HidBatt - ok 11:14:50.0441 6360 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys 11:14:50.0443 6360 HidBth - ok 11:14:50.0459 6360 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys 11:14:50.0461 6360 HidIr - ok 11:14:50.0473 6360 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 11:14:50.0475 6360 hidserv - ok 11:14:50.0488 6360 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 11:14:50.0489 6360 HidUsb - ok 11:14:50.0499 6360 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 11:14:50.0502 6360 hkmsvc - ok 11:14:50.0540 6360 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 11:14:50.0543 6360 HomeGroupListener - ok 11:14:50.0560 6360 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 11:14:50.0564 6360 HomeGroupProvider - ok 11:14:50.0646 6360 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 11:14:50.0650 6360 hpqcxs08 - ok 11:14:50.0662 6360 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 11:14:50.0664 6360 hpqddsvc - ok 11:14:50.0669 6360 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD 
C:\Windows\system32\drivers\HpSAMD.sys 11:14:50.0671 6360 HpSAMD - ok 11:14:50.0704 6360 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 11:14:50.0715 6360 HPSLPSVC - ok 11:14:50.0756 6360 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 11:14:50.0765 6360 HTTP - ok 11:14:50.0776 6360 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 11:14:50.0777 6360 hwpolicy - ok 11:14:50.0795 6360 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 11:14:50.0797 6360 i8042prt - ok 11:14:50.0822 6360 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\Windows\system32\drivers\iaStor.sys 11:14:50.0827 6360 iaStor - ok 11:14:50.0873 6360 [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 11:14:50.0874 6360 IAStorDataMgrSvc - ok 11:14:50.0897 6360 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 11:14:50.0902 6360 iaStorV - ok 11:14:50.0958 6360 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:14:50.0965 6360 idsvc - ok 11:14:50.0983 6360 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys 11:14:50.0984 6360 iirsp - ok 11:14:51.0018 6360 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 11:14:51.0027 6360 IKEEXT - ok 11:14:51.0074 6360 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 11:14:51.0118 6360 IntcAzAudAddService - ok 11:14:51.0168 6360 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 11:14:51.0172 6360 IntcDAud - ok 11:14:51.0186 6360 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 11:14:51.0188 6360 intelide - ok 11:14:51.0211 6360 [ 
ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 11:14:51.0213 6360 intelppm - ok 11:14:51.0227 6360 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 11:14:51.0230 6360 IPBusEnum - ok 11:14:51.0243 6360 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:14:51.0245 6360 IpFilterDriver - ok 11:14:51.0292 6360 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 11:14:51.0300 6360 iphlpsvc - ok 11:14:51.0312 6360 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 11:14:51.0315 6360 IPMIDRV - ok 11:14:51.0319 6360 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 11:14:51.0321 6360 IPNAT - ok 11:14:51.0332 6360 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 11:14:51.0334 6360 IRENUM - ok 11:14:51.0347 6360 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 11:14:51.0349 6360 isapnp - ok 11:14:51.0366 6360 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 11:14:51.0369 6360 iScsiPrt - ok 11:14:51.0385 6360 [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 11:14:51.0390 6360 k57nd60a - ok 11:14:51.0403 6360 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 11:14:51.0404 6360 kbdclass - ok 11:14:51.0416 6360 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 11:14:51.0418 6360 kbdhid - ok 11:14:51.0430 6360 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 11:14:51.0431 6360 KeyIso - ok 11:14:51.0472 6360 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 11:14:51.0475 6360 KSecDD - ok 11:14:51.0491 6360 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 11:14:51.0494 6360 
KSecPkg - ok 11:14:51.0508 6360 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 11:14:51.0510 6360 ksthunk - ok 11:14:51.0525 6360 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 11:14:51.0529 6360 KtmRm - ok 11:14:51.0570 6360 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll 11:14:51.0574 6360 LanmanServer - ok 11:14:51.0597 6360 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 11:14:51.0600 6360 LanmanWorkstation - ok 11:14:51.0626 6360 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 11:14:51.0628 6360 lltdio - ok 11:14:51.0643 6360 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 11:14:51.0647 6360 lltdsvc - ok 11:14:51.0661 6360 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 11:14:51.0663 6360 lmhosts - ok 11:14:51.0692 6360 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 11:14:51.0695 6360 LSI_FC - ok 11:14:51.0699 6360 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 11:14:51.0701 6360 LSI_SAS - ok 11:14:51.0711 6360 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 11:14:51.0713 6360 LSI_SAS2 - ok 11:14:51.0723 6360 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 11:14:51.0725 6360 LSI_SCSI - ok 11:14:51.0740 6360 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 11:14:51.0742 6360 luafv - ok 11:14:51.0790 6360 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys 11:14:51.0798 6360 LVPr2M64 - ok 11:14:51.0825 6360 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys 11:14:51.0826 6360 LVPr2Mon - ok 11:14:51.0885 6360 [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64 C:\Program Files\Common 
Files\LogiShrd\LVMVFM\LVPrcSrv.exe 11:14:51.0887 6360 LVPrcS64 - ok 11:14:51.0903 6360 [ 986C1CB787A007BAA5F74E7D316D7246 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 11:14:51.0907 6360 LVRS64 - ok 11:14:52.0006 6360 [ 5747BC465ABEA2858C5D037252AED84E ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 11:14:52.0120 6360 LVUVC64 - ok 11:14:52.0155 6360 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 11:14:52.0157 6360 MBAMProtector - ok 11:14:52.0211 6360 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe 11:14:52.0215 6360 MBAMScheduler - ok 11:14:52.0239 6360 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 11:14:52.0244 6360 MBAMService - ok 11:14:52.0263 6360 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 11:14:52.0266 6360 Mcx2Svc - ok 11:14:52.0282 6360 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys 11:14:52.0284 6360 megasas - ok 11:14:52.0305 6360 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 11:14:52.0338 6360 MegaSR - ok 11:14:52.0368 6360 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 11:14:52.0370 6360 MEIx64 - ok 11:14:52.0421 6360 Microsoft SharePoint Workspace Audit Service - ok 11:14:52.0436 6360 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 11:14:52.0439 6360 MMCSS - ok 11:14:52.0443 6360 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 11:14:52.0444 6360 Modem - ok 11:14:52.0453 6360 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 11:14:52.0454 6360 monitor - ok 11:14:52.0474 6360 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 11:14:52.0476 6360 mouclass - ok 11:14:52.0483 6360 [ 
D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 11:14:52.0485 6360 mouhid - ok 11:14:52.0495 6360 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 11:14:52.0497 6360 mountmgr - ok 11:14:52.0559 6360 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:14:52.0562 6360 MozillaMaintenance - ok 11:14:52.0577 6360 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 11:14:52.0580 6360 mpio - ok 11:14:52.0591 6360 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 11:14:52.0593 6360 mpsdrv - ok 11:14:52.0616 6360 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 11:14:52.0626 6360 MpsSvc - ok 11:14:52.0641 6360 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 11:14:52.0644 6360 MRxDAV - ok 11:14:52.0671 6360 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 11:14:52.0674 6360 mrxsmb - ok 11:14:52.0685 6360 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:14:52.0689 6360 mrxsmb10 - ok 11:14:52.0698 6360 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:14:52.0701 6360 mrxsmb20 - ok 11:14:52.0722 6360 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 11:14:52.0724 6360 msahci - ok 11:14:52.0736 6360 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 11:14:52.0738 6360 msdsm - ok 11:14:52.0753 6360 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 11:14:52.0756 6360 MSDTC - ok 11:14:52.0772 6360 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 11:14:52.0773 6360 Msfs - ok 11:14:52.0783 6360 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 
11:14:52.0784 6360 mshidkmdf - ok 11:14:52.0793 6360 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 11:14:52.0795 6360 msisadrv - ok 11:14:52.0824 6360 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 11:14:52.0827 6360 MSiSCSI - ok 11:14:52.0830 6360 msiserver - ok 11:14:52.0850 6360 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 11:14:52.0852 6360 MSKSSRV - ok 11:14:52.0856 6360 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 11:14:52.0857 6360 MSPCLOCK - ok 11:14:52.0869 6360 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 11:14:52.0871 6360 MSPQM - ok 11:14:52.0890 6360 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 11:14:52.0895 6360 MsRPC - ok 11:14:52.0912 6360 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 11:14:52.0913 6360 mssmbios - ok 11:14:52.0923 6360 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 11:14:52.0924 6360 MSTEE - ok 11:14:52.0928 6360 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 11:14:52.0929 6360 MTConfig - ok 11:14:52.0938 6360 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 11:14:52.0940 6360 Mup - ok 11:14:52.0979 6360 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 11:14:52.0985 6360 napagent - ok 11:14:53.0003 6360 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 11:14:53.0007 6360 NativeWifiP - ok 11:14:53.0048 6360 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 11:14:53.0058 6360 NDIS - ok 11:14:53.0081 6360 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 11:14:53.0083 6360 NdisCap - ok 11:14:53.0093 6360 [ 30639C932D9FEF22B31268FE25A1B6E5 ] 
NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 11:14:53.0095 6360 NdisTapi - ok 11:14:53.0108 6360 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 11:14:53.0110 6360 Ndisuio - ok 11:14:53.0125 6360 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 11:14:53.0128 6360 NdisWan - ok 11:14:53.0145 6360 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 11:14:53.0147 6360 NDProxy - ok 11:14:53.0199 6360 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 11:14:53.0201 6360 Net Driver HPZ12 - ok 11:14:53.0214 6360 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 11:14:53.0216 6360 NetBIOS - ok 11:14:53.0232 6360 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 11:14:53.0236 6360 NetBT - ok 11:14:53.0244 6360 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 11:14:53.0246 6360 Netlogon - ok 11:14:53.0261 6360 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 11:14:53.0267 6360 Netman - ok 11:14:53.0299 6360 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:14:53.0301 6360 NetMsmqActivator - ok 11:14:53.0306 6360 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:14:53.0308 6360 NetPipeActivator - ok 11:14:53.0330 6360 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 11:14:53.0337 6360 netprofm - ok 11:14:53.0342 6360 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:14:53.0344 6360 NetTcpActivator - ok 11:14:53.0347 6360 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 11:14:53.0349 6360 NetTcpPortSharing - ok 
11:14:53.0373 6360 [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys 11:14:53.0377 6360 netvsc - ok 11:14:53.0404 6360 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 11:14:53.0406 6360 nfrd960 - ok 11:14:53.0422 6360 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 11:14:53.0427 6360 NlaSvc - ok 11:14:53.0439 6360 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 11:14:53.0441 6360 Npfs - ok 11:14:53.0451 6360 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 11:14:53.0454 6360 nsi - ok 11:14:53.0466 6360 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 11:14:53.0468 6360 nsiproxy - ok 11:14:53.0529 6360 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 11:14:53.0563 6360 Ntfs - ok 11:14:53.0575 6360 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 11:14:53.0576 6360 Null - ok 11:14:53.0606 6360 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 11:14:53.0609 6360 nvraid - ok 11:14:53.0622 6360 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 11:14:53.0625 6360 nvstor - ok 11:14:53.0656 6360 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 11:14:53.0658 6360 nv_agp - ok 11:14:53.0667 6360 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 11:14:53.0669 6360 ohci1394 - ok 11:14:53.0745 6360 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:14:53.0748 6360 ose - ok 11:14:53.0886 6360 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 11:14:53.0963 6360 osppsvc - ok 11:14:53.0995 6360 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc 
C:\Windows\system32\pnrpsvc.dll 11:14:54.0000 6360 p2pimsvc - ok 11:14:54.0048 6360 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 11:14:54.0065 6360 p2psvc - ok 11:14:54.0079 6360 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 11:14:54.0082 6360 Parport - ok 11:14:54.0119 6360 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 11:14:54.0121 6360 partmgr - ok 11:14:54.0127 6360 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 11:14:54.0131 6360 PcaSvc - ok 11:14:54.0197 6360 [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms 11:14:54.0219 6360 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok 11:14:54.0238 6360 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 11:14:54.0240 6360 pci - ok 11:14:54.0256 6360 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 11:14:54.0257 6360 pciide - ok 11:14:54.0270 6360 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 11:14:54.0274 6360 pcmcia - ok 11:14:54.0284 6360 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 11:14:54.0286 6360 pcw - ok 11:14:54.0303 6360 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 11:14:54.0311 6360 PEAUTH - ok 11:14:54.0351 6360 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 11:14:54.0377 6360 PeerDistSvc - ok 11:14:54.0415 6360 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 11:14:54.0417 6360 PerfHost - ok 11:14:54.0449 6360 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 11:14:54.0475 6360 pla - ok 11:14:54.0504 6360 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 11:14:54.0510 6360 PlugPlay - ok 11:14:54.0518 6360 [ 
AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 11:14:54.0521 6360 Pml Driver HPZ12 - ok 11:14:54.0533 6360 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 11:14:54.0535 6360 PNRPAutoReg - ok 11:14:54.0553 6360 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 11:14:54.0557 6360 PNRPsvc - ok 11:14:54.0581 6360 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 11:14:54.0587 6360 PolicyAgent - ok 11:14:54.0609 6360 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll 11:14:54.0613 6360 Power - ok 11:14:54.0636 6360 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 11:14:54.0638 6360 PptpMiniport - ok 11:14:54.0642 6360 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys 11:14:54.0644 6360 Processor - ok 11:14:54.0696 6360 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 11:14:54.0699 6360 ProfSvc - ok 11:14:54.0709 6360 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 11:14:54.0711 6360 ProtectedStorage - ok 11:14:54.0745 6360 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 11:14:54.0747 6360 Psched - ok 11:14:54.0774 6360 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 11:14:54.0776 6360 PxHlpa64 - ok 11:14:54.0817 6360 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 11:14:54.0843 6360 ql2300 - ok 11:14:54.0848 6360 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 11:14:54.0850 6360 ql40xx - ok 11:14:54.0868 6360 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 11:14:54.0870 6360 QWAVE - ok 11:14:54.0879 6360 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 11:14:54.0887 6360 
QWAVEdrv - ok 11:14:54.0890 6360 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 11:14:54.0891 6360 RasAcd - ok 11:14:54.0931 6360 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 11:14:54.0933 6360 RasAgileVpn - ok 11:14:54.0944 6360 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 11:14:54.0946 6360 RasAuto - ok 11:14:54.0960 6360 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 11:14:54.0963 6360 Rasl2tp - ok 11:14:54.0975 6360 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 11:14:54.0979 6360 RasMan - ok 11:14:54.0991 6360 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 11:14:54.0993 6360 RasPppoe - ok 11:14:55.0002 6360 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 11:14:55.0004 6360 RasSstp - ok 11:14:55.0019 6360 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 11:14:55.0022 6360 rdbss - ok 11:14:55.0030 6360 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 11:14:55.0031 6360 rdpbus - ok 11:14:55.0050 6360 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 11:14:55.0051 6360 RDPCDD - ok 11:14:55.0071 6360 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 11:14:55.0073 6360 RDPDR - ok 11:14:55.0076 6360 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 11:14:55.0077 6360 RDPENCDD - ok 11:14:55.0095 6360 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 11:14:55.0096 6360 RDPREFMP - ok 11:14:55.0136 6360 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 11:14:55.0139 6360 RDPWD - ok 11:14:55.0154 6360 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 
11:14:55.0157 6360 rdyboost - ok 11:14:55.0180 6360 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 11:14:55.0181 6360 RemoteAccess - ok 11:14:55.0202 6360 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 11:14:55.0206 6360 RemoteRegistry - ok 11:14:55.0241 6360 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys 11:14:55.0242 6360 RimUsb - ok 11:14:55.0351 6360 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe 11:14:55.0364 6360 RoxMediaDB12OEM - ok 11:14:55.0390 6360 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe 11:14:55.0393 6360 RoxWatch12 - ok 11:14:55.0413 6360 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 11:14:55.0416 6360 RpcEptMapper - ok 11:14:55.0427 6360 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 11:14:55.0428 6360 RpcLocator - ok 11:14:55.0443 6360 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 11:14:55.0448 6360 RpcSs - ok 11:14:55.0461 6360 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 11:14:55.0463 6360 rspndr - ok 11:14:55.0483 6360 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys 11:14:55.0485 6360 s3cap - ok 11:14:55.0500 6360 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 11:14:55.0502 6360 SamSs - ok 11:14:55.0514 6360 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 11:14:55.0516 6360 sbp2port - ok 11:14:55.0545 6360 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 11:14:55.0553 6360 SCardSvr - ok 11:14:55.0567 6360 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 
11:14:55.0569 6360 scfilter - ok 11:14:55.0598 6360 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 11:14:55.0624 6360 Schedule - ok 11:14:55.0645 6360 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 11:14:55.0646 6360 SCPolicySvc - ok 11:14:55.0654 6360 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 11:14:55.0658 6360 SDRSVC - ok 11:14:55.0676 6360 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 11:14:55.0678 6360 secdrv - ok 11:14:55.0686 6360 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 11:14:55.0689 6360 seclogon - ok 11:14:55.0698 6360 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 11:14:55.0701 6360 SENS - ok 11:14:55.0705 6360 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 11:14:55.0707 6360 SensrSvc - ok 11:14:55.0733 6360 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys 11:14:55.0735 6360 Serenum - ok 11:14:55.0785 6360 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 11:14:55.0788 6360 Serial - ok 11:14:55.0808 6360 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 11:14:55.0810 6360 sermouse - ok 11:14:55.0827 6360 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 11:14:55.0831 6360 SessionEnv - ok 11:14:55.0834 6360 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 11:14:55.0835 6360 sffdisk - ok 11:14:55.0839 6360 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 11:14:55.0840 6360 sffp_mmc - ok 11:14:55.0843 6360 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 11:14:55.0844 6360 sffp_sd - ok 11:14:55.0867 6360 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 
11:14:55.0869 6360 sfloppy - ok 11:14:55.0923 6360 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 11:14:55.0934 6360 SftService - ok 11:14:55.0960 6360 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 11:14:55.0964 6360 SharedAccess - ok 11:14:56.0004 6360 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 11:14:56.0008 6360 ShellHWDetection - ok 11:14:56.0021 6360 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 11:14:56.0023 6360 SiSRaid2 - ok 11:14:56.0031 6360 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 11:14:56.0033 6360 SiSRaid4 - ok 11:14:56.0112 6360 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 11:14:56.0114 6360 SkypeUpdate - ok 11:14:56.0135 6360 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 11:14:56.0137 6360 Smb - ok 11:14:56.0158 6360 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 11:14:56.0160 6360 SNMPTRAP - ok 11:14:56.0167 6360 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 11:14:56.0169 6360 spldr - ok 11:14:56.0208 6360 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 11:14:56.0215 6360 Spooler - ok 11:14:56.0279 6360 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 11:14:56.0331 6360 sppsvc - ok 11:14:56.0346 6360 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 11:14:56.0349 6360 sppuinotify - ok 11:14:56.0368 6360 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 11:14:56.0371 6360 srv - ok 11:14:56.0412 6360 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 11:14:56.0420 6360 srv2 - ok 11:14:56.0433 6360 [ 27E461F0BE5BFF5FC737328F749538C3 ] 
srvnet C:\Windows\system32\DRIVERS\srvnet.sys 11:14:56.0436 6360 srvnet - ok 11:14:56.0466 6360 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 11:14:56.0470 6360 SSDPSRV - ok 11:14:56.0479 6360 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 11:14:56.0482 6360 SstpSvc - ok 11:14:56.0512 6360 [ D21FF3592DAEE244EE8376830A672B52 ] ss_bus C:\Windows\system32\DRIVERS\ss_bus.sys 11:14:56.0514 6360 ss_bus - ok 11:14:56.0532 6360 [ 451DB3D10E6112E06B4506D4A7BECEC1 ] ss_mdfl C:\Windows\system32\DRIVERS\ss_mdfl.sys 11:14:56.0534 6360 ss_mdfl - ok 11:14:56.0551 6360 [ EF40C8A268A5263A0EF48FED8E57CBED ] ss_mdm C:\Windows\system32\DRIVERS\ss_mdm.sys 11:14:56.0554 6360 ss_mdm - ok 11:14:56.0571 6360 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 11:14:56.0572 6360 stexstor - ok 11:14:56.0635 6360 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 11:14:56.0652 6360 stisvc - ok 11:14:56.0689 6360 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe 11:14:56.0691 6360 stllssvr - ok 11:14:56.0707 6360 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll 11:14:56.0710 6360 StorSvc - ok 11:14:56.0731 6360 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys 11:14:56.0733 6360 storvsc - ok 11:14:56.0749 6360 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 11:14:56.0751 6360 swenum - ok 11:14:56.0765 6360 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 11:14:56.0772 6360 swprv - ok 11:14:56.0788 6360 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys 11:14:56.0790 6360 SynthVid - ok 11:14:56.0852 6360 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 11:14:56.0887 6360 SysMain - ok 11:14:56.0901 6360 [ 
E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 11:14:56.0903 6360 TabletInputService - ok 11:14:56.0919 6360 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 11:14:56.0925 6360 TapiSrv - ok 11:14:56.0937 6360 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 11:14:56.0940 6360 TBS - ok 11:14:57.0005 6360 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 11:14:57.0039 6360 Tcpip - ok 11:14:57.0092 6360 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 11:14:57.0104 6360 TCPIP6 - ok 11:14:57.0161 6360 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 11:14:57.0162 6360 tcpipreg - ok 11:14:57.0179 6360 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 11:14:57.0187 6360 TDPIPE - ok 11:14:57.0257 6360 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 11:14:57.0270 6360 TDTCP - ok 11:14:57.0304 6360 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 11:14:57.0307 6360 tdx - ok 11:14:57.0327 6360 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 11:14:57.0329 6360 TermDD - ok 11:14:57.0340 6360 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 11:14:57.0347 6360 TermService - ok 11:14:57.0358 6360 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 11:14:57.0360 6360 Themes - ok 11:14:57.0380 6360 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 11:14:57.0382 6360 THREADORDER - ok 11:14:57.0389 6360 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 11:14:57.0393 6360 TrkWks - ok 11:14:57.0416 6360 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 11:14:57.0418 6360 TrustedInstaller - ok 11:14:57.0428 6360 [ 
CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 11:14:57.0429 6360 tssecsrv - ok 11:14:57.0438 6360 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 11:14:57.0439 6360 TsUsbFlt - ok 11:14:57.0443 6360 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 11:14:57.0444 6360 TsUsbGD - ok 11:14:57.0462 6360 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 11:14:57.0464 6360 tunnel - ok 11:14:57.0477 6360 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 11:14:57.0479 6360 uagp35 - ok 11:14:57.0496 6360 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 11:14:57.0510 6360 udfs - ok 11:14:57.0531 6360 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 11:14:57.0533 6360 UI0Detect - ok 11:14:57.0537 6360 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 11:14:57.0539 6360 uliagpkx - ok 11:14:57.0559 6360 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 11:14:57.0561 6360 umbus - ok 11:14:57.0565 6360 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 11:14:57.0566 6360 UmPass - ok 11:14:57.0587 6360 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll 11:14:57.0591 6360 UmRdpService - ok 11:14:57.0608 6360 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 11:14:57.0614 6360 upnphost - ok 11:14:57.0644 6360 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 11:14:57.0647 6360 usbaudio - ok 11:14:57.0680 6360 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 11:14:57.0683 6360 usbccgp - ok 11:14:57.0687 6360 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 11:14:57.0689 6360 usbcir - ok 
11:14:57.0698 6360 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 11:14:57.0700 6360 usbehci - ok 11:14:57.0737 6360 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 11:14:57.0742 6360 usbhub - ok 11:14:57.0757 6360 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 11:14:57.0759 6360 usbohci - ok 11:14:57.0771 6360 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 11:14:57.0772 6360 usbprint - ok 11:14:57.0796 6360 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 11:14:57.0798 6360 usbscan - ok 11:14:57.0805 6360 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:14:57.0807 6360 USBSTOR - ok 11:14:57.0829 6360 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 11:14:57.0831 6360 usbuhci - ok 11:14:57.0845 6360 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 11:14:57.0848 6360 UxSms - ok 11:14:57.0856 6360 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 11:14:57.0857 6360 VaultSvc - ok 11:14:57.0861 6360 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 11:14:57.0863 6360 vdrvroot - ok 11:14:57.0876 6360 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 11:14:57.0882 6360 vds - ok 11:14:57.0889 6360 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 11:14:57.0891 6360 vga - ok 11:14:57.0893 6360 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 11:14:57.0893 6360 VgaSave - ok 11:14:57.0898 6360 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 11:14:57.0900 6360 vhdmp - ok 11:14:57.0902 6360 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 11:14:57.0903 6360 viaide - ok 11:14:57.0909 6360 [ 
7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 11:14:57.0910 6360 VMBusHID - ok 11:14:57.0924 6360 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 11:14:57.0933 6360 volmgr - ok 11:14:57.0948 6360 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 11:14:57.0953 6360 volmgrx - ok 11:14:57.0965 6360 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 11:14:57.0970 6360 volsnap - ok 11:14:57.0985 6360 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 11:14:57.0987 6360 vsmraid - ok 11:14:58.0020 6360 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 11:14:58.0055 6360 VSS - ok 11:14:58.0177 6360 [ 3AD1E72748978D8B0B3B674741E4C3E2 ] vToolbarUpdater14.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe 11:14:58.0203 6360 vToolbarUpdater14.2.0 - ok 11:14:58.0211 6360 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 11:14:58.0212 6360 vwifibus - ok 11:14:58.0224 6360 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 11:14:58.0227 6360 vwififlt - ok 11:14:58.0239 6360 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 11:14:58.0244 6360 W32Time - ok 11:14:58.0250 6360 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 11:14:58.0251 6360 WacomPen - ok 11:14:58.0262 6360 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 11:14:58.0264 6360 WANARP - ok 11:14:58.0267 6360 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 11:14:58.0268 6360 Wanarpv6 - ok 11:14:58.0315 6360 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 11:14:58.0339 6360 wbengine - ok 11:14:58.0352 6360 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] 
WbioSrvc C:\Windows\System32\wbiosrvc.dll 11:14:58.0356 6360 WbioSrvc - ok 11:14:58.0373 6360 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 11:14:58.0376 6360 wcncsvc - ok 11:14:58.0383 6360 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 11:14:58.0385 6360 WcsPlugInService - ok 11:14:58.0387 6360 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 11:14:58.0388 6360 Wd - ok 11:14:58.0414 6360 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 11:14:58.0419 6360 Wdf01000 - ok 11:14:58.0429 6360 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 11:14:58.0433 6360 WdiServiceHost - ok 11:14:58.0437 6360 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 11:14:58.0439 6360 WdiSystemHost - ok 11:14:58.0452 6360 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 11:14:58.0456 6360 WebClient - ok 11:14:58.0470 6360 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 11:14:58.0473 6360 Wecsvc - ok 11:14:58.0486 6360 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 11:14:58.0489 6360 wercplsupport - ok 11:14:58.0509 6360 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 11:14:58.0513 6360 WerSvc - ok 11:14:58.0520 6360 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 11:14:58.0521 6360 WfpLwf - ok 11:14:58.0550 6360 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 11:14:58.0553 6360 WimFltr - ok 11:14:58.0561 6360 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 11:14:58.0563 6360 WIMMount - ok 11:14:58.0587 6360 WinDefend - ok 11:14:58.0600 6360 WinHttpAutoProxySvc - ok 11:14:58.0648 6360 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt 
C:\Windows\system32\wbem\WMIsvc.dll 11:14:58.0651 6360 Winmgmt - ok 11:14:58.0688 6360 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 11:14:58.0715 6360 WinRM - ok 11:14:58.0742 6360 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 11:14:58.0743 6360 WinUsb - ok 11:14:58.0773 6360 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 11:14:58.0785 6360 Wlansvc - ok 11:14:58.0842 6360 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 11:14:58.0844 6360 wlcrasvc - ok 11:14:58.0916 6360 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 11:14:58.0959 6360 wlidsvc - ok 11:14:58.0963 6360 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 11:14:58.0964 6360 WmiAcpi - ok 11:14:58.0973 6360 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 11:14:58.0975 6360 wmiApSrv - ok 11:14:58.0994 6360 WMPNetworkSvc - ok 11:14:59.0022 6360 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 11:14:59.0025 6360 WPCSvc - ok 11:14:59.0037 6360 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 11:14:59.0040 6360 WPDBusEnum - ok 11:14:59.0052 6360 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 11:14:59.0053 6360 ws2ifsl - ok 11:14:59.0064 6360 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 11:14:59.0068 6360 wscsvc - ok 11:14:59.0071 6360 WSearch - ok 11:14:59.0136 6360 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 11:14:59.0170 6360 wuauserv - ok 11:14:59.0210 6360 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 11:14:59.0215 6360 WudfPf - ok 11:14:59.0241 6360 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 
11:14:59.0244 6360 WUDFRd - ok 11:14:59.0263 6360 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 11:14:59.0266 6360 wudfsvc - ok 11:14:59.0307 6360 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 11:14:59.0311 6360 WwanSvc - ok 11:14:59.0342 6360 ================ Scan global =============================== 11:14:59.0374 6360 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 11:14:59.0406 6360 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 11:14:59.0414 6360 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 11:14:59.0459 6360 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 11:14:59.0475 6360 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 11:14:59.0480 6360 [Global] - ok 11:14:59.0481 6360 ================ Scan MBR ================================== 11:14:59.0497 6360 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 11:14:59.0698 6360 \Device\Harddisk0\DR0 - ok 11:14:59.0702 6360 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1 11:14:59.0708 6360 \Device\Harddisk1\DR1 - ok 11:14:59.0708 6360 ================ Scan VBR ================================== 11:14:59.0711 6360 [ 09902DB6AAF6FC129F0D66A8AF3DB3A9 ] \Device\Harddisk0\DR0\Partition1 11:14:59.0713 6360 \Device\Harddisk0\DR0\Partition1 - ok 11:14:59.0736 6360 [ A60809C4F5D49DA5FB41B63DFFBA5BE1 ] \Device\Harddisk0\DR0\Partition2 11:14:59.0738 6360 \Device\Harddisk0\DR0\Partition2 - ok 11:14:59.0742 6360 [ 9EF86E395D1230C6140FD15EFE0B7948 ] \Device\Harddisk1\DR1\Partition1 11:14:59.0743 6360 \Device\Harddisk1\DR1\Partition1 - ok 11:14:59.0744 6360 ============================================================ 11:14:59.0744 6360 Scan finished 11:14:59.0744 6360 ============================================================ 11:14:59.0754 5920 Detected object count: 0 11:14:59.0754 5920 Actual detected object count: 0 |
19.05.2013, 01:56 | #14 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | BKA - Paysafe Virus, Windows 7 locked Quote:
__________________ Please always post log files in CODE tags |
19.05.2013, 10:22 | #15 |
| BKA - Paysafe Virus, Windows 7 locked Sorry. I have now configured the program correctly. Code:
ATTFilter 11:17:11.0459 6020 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 11:17:11.0599 6020 ============================================================ 11:17:11.0599 6020 Current date / time: 2013/05/19 11:17:11.0599 11:17:11.0599 6020 SystemInfo: 11:17:11.0599 6020 11:17:11.0599 6020 OS Version: 6.1.7601 ServicePack: 1.0 11:17:11.0599 6020 Product type: Workstation 11:17:11.0599 6020 ComputerName: RAMIN-PC 11:17:11.0599 6020 UserName: Ramin 11:17:11.0599 6020 Windows directory: C:\Windows 11:17:11.0599 6020 System windows directory: C:\Windows 11:17:11.0599 6020 Running under WOW64 11:17:11.0599 6020 Processor architecture: Intel x64 11:17:11.0599 6020 Number of processors: 4 11:17:11.0599 6020 Page size: 0x1000 11:17:11.0599 6020 Boot type: Normal boot 11:17:11.0599 6020 ============================================================ 11:17:12.0199 6020 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:17:12.0209 6020 Drive \Device\Harddisk1\DR1 - Size: 0x393180000 (14.30 Gb), SectorSize: 0x200, Cylinders: 0x74A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 11:17:12.0229 6020 ============================================================ 11:17:12.0229 6020 \Device\Harddisk0\DR0: 11:17:12.0229 6020 MBR partitions: 11:17:12.0229 6020 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1986000 11:17:12.0229 6020 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x199A000, BlocksNum 0x72D6C000 11:17:12.0229 6020 \Device\Harddisk1\DR1: 11:17:12.0229 6020 MBR partitions: 11:17:12.0229 6020 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x1C96C80 11:17:12.0229 6020 ============================================================ 11:17:12.0319 6020 C: <-> \Device\Harddisk0\DR0\Partition2 11:17:12.0319 6020 
============================================================ 11:17:12.0319 6020 Initialize success 11:17:12.0319 6020 ============================================================ 11:19:06.0082 7236 ============================================================ 11:19:06.0082 7236 Scan started 11:19:06.0082 7236 Mode: Manual; SigCheck; TDLFS; 11:19:06.0082 7236 ============================================================ 11:19:06.0412 7236 ================ Scan system memory ======================== 11:19:06.0412 7236 System memory - ok 11:19:06.0412 7236 ================ Scan services ============================= 11:19:06.0532 7236 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 11:19:06.0672 7236 1394ohci - ok 11:19:06.0692 7236 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 11:19:06.0702 7236 ACPI - ok 11:19:06.0712 7236 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 11:19:06.0732 7236 AcpiPmi - ok 11:19:06.0822 7236 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 11:19:06.0832 7236 AdobeARMservice - ok 11:19:06.0932 7236 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 11:19:06.0952 7236 AdobeFlashPlayerUpdateSvc - ok 11:19:07.0002 7236 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 11:19:07.0022 7236 adp94xx - ok 11:19:07.0052 7236 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys 11:19:07.0092 7236 adpahci - ok 11:19:07.0112 7236 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 11:19:07.0122 7236 adpu320 - ok 11:19:07.0142 7236 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 11:19:07.0162 7236 AeLookupSvc - ok 11:19:07.0232 7236 [ D1E343BC00136CE03C4D403194D06A80 ] 
AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe 11:19:07.0242 7236 AERTFilters - ok 11:19:07.0292 7236 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 11:19:07.0332 7236 AFD - ok 11:19:07.0362 7236 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 11:19:07.0382 7236 agp440 - ok 11:19:07.0392 7236 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 11:19:07.0422 7236 ALG - ok 11:19:07.0442 7236 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 11:19:07.0452 7236 aliide - ok 11:19:07.0492 7236 [ 310F88A93C3B02E3D1F906FB57B9E01E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 11:19:07.0532 7236 AMD External Events Utility - ok 11:19:07.0532 7236 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 11:19:07.0552 7236 amdide - ok 11:19:07.0562 7236 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 11:19:07.0572 7236 AmdK8 - ok 11:19:07.0702 7236 [ 62DDF55680F8C53E4B8DDE4189ADA0B8 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 11:19:07.0882 7236 amdkmdag - ok 11:19:07.0902 7236 [ 51F027DFFEDFB8D763FABFFA06B56E6D ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 11:19:07.0942 7236 amdkmdap - ok 11:19:07.0952 7236 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 11:19:07.0992 7236 AmdPPM - ok 11:19:08.0022 7236 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 11:19:08.0032 7236 amdsata - ok 11:19:08.0052 7236 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 11:19:08.0062 7236 amdsbs - ok 11:19:08.0072 7236 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 11:19:08.0082 7236 amdxata - ok 11:19:08.0102 7236 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 11:19:08.0152 7236 AppID - ok 11:19:08.0202 7236 
[ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 11:19:08.0262 7236 AppIDSvc - ok 11:19:08.0332 7236 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 11:19:08.0352 7236 Appinfo - ok 11:19:08.0392 7236 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll 11:19:08.0402 7236 AppMgmt - ok 11:19:08.0422 7236 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys 11:19:08.0432 7236 arc - ok 11:19:08.0442 7236 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys 11:19:08.0452 7236 arcsas - ok 11:19:08.0512 7236 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 11:19:08.0522 7236 aspnet_state - ok 11:19:08.0562 7236 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 11:19:08.0612 7236 AsyncMac - ok 11:19:08.0672 7236 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 11:19:08.0682 7236 atapi - ok 11:19:08.0752 7236 [ 96ABF88241F90FF647E55C934C55C2F1 ] athr C:\Windows\system32\DRIVERS\athrx.sys 11:19:08.0832 7236 athr - ok 11:19:08.0872 7236 [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 11:19:08.0902 7236 AtiHDAudioService - ok 11:19:08.0942 7236 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 11:19:08.0982 7236 AudioEndpointBuilder - ok 11:19:08.0992 7236 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 11:19:09.0012 7236 AudioSrv - ok 11:19:09.0052 7236 [ 96B4456F1DCA4EDA506ED31C7D2D6B05 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6a.sys 11:19:09.0062 7236 Avgfwfd - ok 11:19:09.0142 7236 [ 6C469E3CB15CF33AD3E757096E6C7026 ] avgfws C:\Program Files (x86)\AVG\AVG2012\avgfws.exe 11:19:09.0182 7236 avgfws - ok 11:19:09.0292 7236 [ 231B6AD3DB2866BC3FDB9979E6B2B61E ] AVGIDSAgent C:\Program Files 
(x86)\AVG\AVG2012\AVGIDSAgent.exe 11:19:09.0342 7236 AVGIDSAgent - ok 11:19:09.0362 7236 [ 633360E94804E7BAFE642017817C9413 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys 11:19:09.0372 7236 AVGIDSDriver - ok 11:19:09.0382 7236 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys 11:19:09.0402 7236 AVGIDSFilter - ok 11:19:09.0442 7236 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys 11:19:09.0452 7236 AVGIDSHA - ok 11:19:09.0462 7236 [ BE8BC5D10ABA05D7F6E79D8296906C86 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys 11:19:09.0472 7236 Avgldx64 - ok 11:19:09.0492 7236 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys 11:19:09.0492 7236 Avgmfx64 - ok 11:19:09.0512 7236 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys 11:19:09.0522 7236 Avgrkx64 - ok 11:19:09.0572 7236 [ A441A655D6D9DDDDBA11994530F84981 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys 11:19:09.0592 7236 Avgtdia - ok 11:19:09.0622 7236 [ 4C05242DC361A217223E9B8EC2B3A76B ] avgtp C:\Windows\system32\drivers\avgtpx64.sys 11:19:09.0632 7236 avgtp - ok 11:19:09.0682 7236 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe 11:19:09.0692 7236 avgwd - ok 11:19:09.0752 7236 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 11:19:09.0802 7236 AxInstSV - ok 11:19:09.0842 7236 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 11:19:09.0872 7236 b06bdrv - ok 11:19:09.0902 7236 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 11:19:09.0942 7236 b57nd60a - ok 11:19:10.0052 7236 [ A2494901E7226B356B8C1005C45F1C5F ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe 11:19:10.0072 7236 BBSvc - ok 11:19:10.0082 7236 [ 63B1CBBAE4790B5BAC98F01BF9449722 ] BBUpdate C:\Program Files 
(x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe 11:19:10.0092 7236 BBUpdate - ok 11:19:10.0102 7236 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 11:19:10.0112 7236 BDESVC - ok 11:19:10.0122 7236 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 11:19:10.0142 7236 Beep - ok 11:19:10.0192 7236 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 11:19:10.0242 7236 BFE - ok 11:19:10.0282 7236 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll 11:19:10.0342 7236 BITS - ok 11:19:10.0372 7236 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 11:19:10.0402 7236 blbdrive - ok 11:19:10.0442 7236 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 11:19:10.0472 7236 bowser - ok 11:19:10.0492 7236 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 11:19:10.0532 7236 BrFiltLo - ok 11:19:10.0532 7236 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 11:19:10.0552 7236 BrFiltUp - ok 11:19:10.0612 7236 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 11:19:10.0642 7236 BridgeMP - ok 11:19:10.0682 7236 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 11:19:10.0712 7236 Browser - ok 11:19:10.0712 7236 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 11:19:10.0752 7236 Brserid - ok 11:19:10.0752 7236 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 11:19:10.0802 7236 BrSerWdm - ok 11:19:10.0802 7236 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 11:19:10.0822 7236 BrUsbMdm - ok 11:19:10.0822 7236 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 11:19:10.0832 7236 BrUsbSer - ok 11:19:10.0832 7236 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM 
C:\Windows\system32\drivers\bthmodem.sys 11:19:10.0842 7236 BTHMODEM - ok 11:19:10.0872 7236 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 11:19:10.0892 7236 bthserv - ok 11:19:10.0902 7236 catchme - ok 11:19:10.0912 7236 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 11:19:10.0932 7236 cdfs - ok 11:19:10.0952 7236 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 11:19:10.0962 7236 cdrom - ok 11:19:10.0982 7236 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 11:19:11.0012 7236 CertPropSvc - ok 11:19:11.0022 7236 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys 11:19:11.0032 7236 circlass - ok 11:19:11.0052 7236 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 11:19:11.0062 7236 CLFS - ok 11:19:11.0102 7236 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:19:11.0112 7236 clr_optimization_v2.0.50727_32 - ok 11:19:11.0142 7236 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:19:11.0152 7236 clr_optimization_v2.0.50727_64 - ok 11:19:11.0212 7236 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:19:11.0222 7236 clr_optimization_v4.0.30319_32 - ok 11:19:11.0252 7236 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:19:11.0252 7236 clr_optimization_v4.0.30319_64 - ok 11:19:11.0262 7236 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 11:19:11.0302 7236 CmBatt - ok 11:19:11.0302 7236 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 11:19:11.0312 7236 cmdide - ok 11:19:11.0352 7236 [ 
9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 11:19:11.0382 7236 CNG - ok 11:19:11.0392 7236 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 11:19:11.0392 7236 Compbatt - ok 11:19:11.0402 7236 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 11:19:11.0422 7236 CompositeBus - ok 11:19:11.0422 7236 COMSysApp - ok 11:19:11.0442 7236 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 11:19:11.0452 7236 crcdisk - ok 11:19:11.0472 7236 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 11:19:11.0502 7236 CryptSvc - ok 11:19:11.0542 7236 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys 11:19:11.0582 7236 CSC - ok 11:19:11.0612 7236 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll 11:19:11.0642 7236 CscService - ok 11:19:11.0682 7236 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 11:19:11.0732 7236 DcomLaunch - ok 11:19:11.0762 7236 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 11:19:11.0792 7236 defragsvc - ok 11:19:11.0792 7236 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 11:19:11.0832 7236 DfsC - ok 11:19:11.0872 7236 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 11:19:11.0922 7236 Dhcp - ok 11:19:11.0942 7236 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 11:19:11.0992 7236 discache - ok 11:19:12.0012 7236 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys 11:19:12.0012 7236 Disk - ok 11:19:12.0042 7236 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 11:19:12.0052 7236 dmvsc - ok 11:19:12.0082 7236 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 11:19:12.0112 7236 Dnscache - ok 
11:19:27.0228 7236 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 11:19:27.0291 7236 vds - ok 11:19:27.0306 7236 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 11:19:27.0322 7236 vga - ok 11:19:27.0338 7236 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 11:19:27.0353 7236 VgaSave - ok 11:19:27.0369 7236 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 11:19:27.0369 7236 vhdmp - ok 11:19:27.0384 7236 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 11:19:27.0384 7236 viaide - ok 11:19:27.0400 7236 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 11:19:27.0416 7236 VMBusHID - ok 11:19:27.0431 7236 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 11:19:27.0431 7236 volmgr - ok 11:19:27.0447 7236 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 11:19:27.0462 7236 volmgrx - ok 11:19:27.0462 7236 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 11:19:27.0478 7236 volsnap - ok 11:19:27.0494 7236 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 11:19:27.0494 7236 vsmraid - ok 11:19:27.0525 7236 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 11:19:27.0603 7236 VSS - ok 11:19:27.0696 7236 [ 3AD1E72748978D8B0B3B674741E4C3E2 ] vToolbarUpdater14.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe 11:19:27.0728 7236 vToolbarUpdater14.2.0 - ok 11:19:27.0743 7236 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 11:19:27.0774 7236 vwifibus - ok 11:19:27.0790 7236 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 11:19:27.0837 7236 vwififlt - ok 11:19:27.0852 7236 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time 
C:\Windows\system32\w32time.dll 11:19:27.0899 7236 W32Time - ok 11:19:27.0899 7236 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys 11:19:27.0915 7236 WacomPen - ok 11:19:27.0946 7236 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 11:19:28.0008 7236 WANARP - ok 11:19:28.0024 7236 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 11:19:28.0071 7236 Wanarpv6 - ok 11:19:28.0102 7236 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 11:19:28.0164 7236 wbengine - ok 11:19:28.0196 7236 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 11:19:28.0211 7236 WbioSrvc - ok 11:19:28.0258 7236 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 11:19:28.0305 7236 wcncsvc - ok 11:19:28.0320 7236 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 11:19:28.0352 7236 WcsPlugInService - ok 11:19:28.0352 7236 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 11:19:28.0367 7236 Wd - ok 11:19:28.0398 7236 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 11:19:28.0430 7236 Wdf01000 - ok 11:19:28.0430 7236 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 11:19:28.0508 7236 WdiServiceHost - ok 11:19:28.0508 7236 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 11:19:28.0539 7236 WdiSystemHost - ok 11:19:28.0554 7236 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 11:19:28.0586 7236 WebClient - ok 11:19:28.0617 7236 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 11:19:28.0679 7236 Wecsvc - ok 11:19:28.0695 7236 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 11:19:28.0757 7236 wercplsupport - ok 11:19:28.0773 7236 [ 
6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 11:19:28.0820 7236 WerSvc - ok 11:19:28.0835 7236 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 11:19:28.0851 7236 WfpLwf - ok 11:19:28.0882 7236 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 11:19:28.0882 7236 WimFltr - ok 11:19:28.0898 7236 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 11:19:28.0898 7236 WIMMount - ok 11:19:28.0929 7236 WinDefend - ok 11:19:28.0929 7236 WinHttpAutoProxySvc - ok 11:19:28.0976 7236 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 11:19:29.0007 7236 Winmgmt - ok 11:19:29.0054 7236 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 11:19:29.0116 7236 WinRM - ok 11:19:29.0147 7236 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 11:19:29.0163 7236 WinUsb - ok 11:19:29.0194 7236 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 11:19:29.0241 7236 Wlansvc - ok 11:19:29.0288 7236 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 11:19:29.0303 7236 wlcrasvc - ok 11:19:29.0381 7236 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 11:19:29.0412 7236 wlidsvc - ok 11:19:29.0428 7236 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 11:19:29.0444 7236 WmiAcpi - ok 11:19:29.0459 7236 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 11:19:29.0490 7236 wmiApSrv - ok 11:19:29.0522 7236 WMPNetworkSvc - ok 11:19:29.0537 7236 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 11:19:29.0553 7236 WPCSvc - ok 11:19:29.0568 7236 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 11:19:29.0584 7236 WPDBusEnum - ok 
11:19:29.0600 7236 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 11:19:29.0615 7236 ws2ifsl - ok 11:19:29.0631 7236 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll 11:19:29.0646 7236 wscsvc - ok 11:19:29.0662 7236 WSearch - ok 11:19:29.0740 7236 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 11:19:29.0818 7236 wuauserv - ok 11:19:29.0849 7236 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 11:19:29.0865 7236 WudfPf - ok 11:19:29.0896 7236 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 11:19:29.0927 7236 WUDFRd - ok 11:19:29.0958 7236 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 11:19:29.0990 7236 wudfsvc - ok 11:19:30.0036 7236 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll 11:19:30.0052 7236 WwanSvc - ok 11:19:30.0083 7236 ================ Scan global =============================== 11:19:30.0114 7236 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 11:19:30.0146 7236 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 11:19:30.0146 7236 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 11:19:30.0177 7236 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 11:19:30.0192 7236 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 11:19:30.0192 7236 [Global] - ok 11:19:30.0192 7236 ================ Scan MBR ================================== 11:19:30.0208 7236 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 11:19:30.0473 7236 \Device\Harddisk0\DR0 - ok 11:19:30.0473 7236 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1 11:19:30.0988 7236 \Device\Harddisk1\DR1 - ok 11:19:30.0988 7236 ================ Scan VBR ================================== 11:19:31.0004 7236 [ 09902DB6AAF6FC129F0D66A8AF3DB3A9 ] \Device\Harddisk0\DR0\Partition1 
11:19:31.0004 7236 \Device\Harddisk0\DR0\Partition1 - ok
11:19:31.0019 7236 [ A60809C4F5D49DA5FB41B63DFFBA5BE1 ] \Device\Harddisk0\DR0\Partition2
11:19:31.0019 7236 \Device\Harddisk0\DR0\Partition2 - ok
11:19:31.0019 7236 [ 9EF86E395D1230C6140FD15EFE0B7948 ] \Device\Harddisk1\DR1\Partition1
11:19:31.0019 7236 \Device\Harddisk1\DR1\Partition1 - ok
11:19:31.0019 7236 ============================================================
11:19:31.0019 7236 Scan finished
11:19:31.0019 7236 ============================================================
11:19:31.0035 7508 Detected object count: 5
11:19:31.0035 7508 Actual detected object count: 5
11:20:12.0297 7508 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:12.0297 7508 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:20:12.0297 7508 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:12.0297 7508 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:20:12.0297 7508 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:12.0297 7508 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:20:12.0312 7508 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:12.0312 7508 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:20:12.0312 7508 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
11:20:12.0312 7508 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip |