Log analysis and evaluation: Trend Micro won't open (Windows 7)
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
09.06.2013, 16:55 | #1 |
| Trend Micro won't open
Hello, we have the same problem as the user: "Trend Micro Titanium Internet Security 2012 can no longer be started - suspected malware". We followed those instructions, and here are all the log files: |
09.06.2013, 17:12 | #2 |
/// TB trainer | Trend Micro won't open
Please post the log files:
__________________
This is how it works: post in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
09.06.2013, 17:31 | #3 |
| Trend Micro won't open
Code:
OTL logfile created on: 09.06.2013 14:56:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = G:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,90 Gb Total Physical Memory | 6,40 Gb Available Physical Memory | 81,06% Memory free
15,80 Gb Paging File | 14,10 Gb Available in Paging File | 89,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 135,81 Gb Total Space | 76,60 Gb Free Space | 56,40% Space Free | Partition Type: NTFS
Drive D: | 90,54 Gb Total Space | 35,68 Gb Free Space | 39,41% Space Free | Partition Type: NTFS
Drive F: | 686,61 Gb Total Space | 580,12 Gb Free Space | 84,49% Space Free | Partition Type: NTFS
Drive G: | 7,39 Gb Total Space | 7,08 Gb Free Space | 95,87% Space Free | Partition Type: FAT32

Computer Name: NIKISCF | User Name: adminNiki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - G:\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe () PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) PRC - C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI) PRC - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI) PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation) PRC - C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd) PRC - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (ROCCAT GmbH) PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Windows\SysWOW64\MSIService.exe (Micro-Star International Co., Ltd.) 
========== Modules (No Company Name) ========== MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7366a39c36523a084bc11c230929ff92\Microsoft.VisualBasic.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\8bb2120d5a48b10e27fe82ad5d3fb982\System.Web.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7ffdaee3a54ffd1a5e3b008a5bde5ecf\IAStorUtil.ni.dll () MOD - 
C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\389a1832a3da11e1b409cd6ae60cb9fa\IAStorCommon.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Management\ac9e3eca6c148504588e7c6d09fe83e3\System.Management.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll () MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll () MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe () MOD - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\de-DE\THXAudio.resources.dll () MOD - 
C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll () ========== Services (SafeList) ========== SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe File not found SRV:64bit: - (Qualcomm Atheros Killer Service) -- C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe () SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (MSI_SuperCharger) -- C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe (MSI) SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation) SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (IconMan_R) -- C:\Program 
Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (MSI Foundation Service) -- C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe (MSI) SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (Micro Star SCM) -- C:\Windows\SysWOW64\MSIService.exe (Micro-Star International Co., Ltd.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) ========== Driver Services (SafeList) ========== DRV:64bit: - (MGHwCtrl) -- C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys File not found DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (BfLwf) -- C:\Windows\SysNative\drivers\bflwfx64.sys (Bigfoot Networks, Inc.) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\e22W7x64.sys (Qualcomm Atheros, Inc.) 
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation) DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation) DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation) DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation) DRV:64bit: - (ibtfltcoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation) DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation) DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation) DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (tmcomm) -- C:\Windows\SysNative\drivers\tmcomm.sys (Trend Micro Inc.) DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.) 
DRV:64bit: - (tmactmon) -- C:\Windows\SysNative\drivers\tmactmon.sys (Trend Micro Inc.) DRV:64bit: - (tmevtmgr) -- C:\Windows\SysNative\drivers\tmevtmgr.sys (Trend Micro Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo) DRV - (NTIOLib_1_0_3) -- C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys (MSI) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{7938087C-7958-4B93-979E-5706042D5497}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{7938087C-7958-4B93-979E-5706042D5497}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - 
HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3833806892-711716299-2809217777-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://msi.msn.com IE - HKU\S-1-5-21-3833806892-711716299-2809217777-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3833806892-711716299-2809217777-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3833806892-711716299-2809217777-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3 FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0 FF - prefs.js..browser.startup.homepage: FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll () FF - 
HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll File not found FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.4: C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll (ESN Social Software AB) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: F:\Downloads\npAmazonMP3DownloaderPlugin101799.dll File not found FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\firefoxextension\ [2013.03.03 15:36:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files\Firefox\components [2012.11.21 13:33:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files\Firefox\plugins [2012.10.31 16:51:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\adminNiki\AppData\Roaming\mozilla\Extensions [2013.06.09 14:52:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\adminNiki\AppData\Roaming\mozilla\Firefox\Profiles\7u4nke0j.default\extensions [2013.02.17 22:04:43 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\adminNiki\AppData\Roaming\mozilla\Firefox\Profiles\7u4nke0j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012.10.31 17:46:33 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\adminNiki\AppData\Roaming\mozilla\Firefox\Profiles\7u4nke0j.default\extensions\ich@maltegoetz.de [2013.02.17 22:03:43 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\adminNiki\AppData\Roaming\mozilla\firefox\profiles\7u4nke0j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi File not found (No name found) -- C:\USERS\ADMINNIKI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\7U4NKE0J.DEFAULT\EXTENSIONS\PLUGIN@YONTOO.COM O1 HOSTS File: ([2013.06.09 14:36:53 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - 
C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll (Trend Micro Inc.) O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.) O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.) O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [THXCfg64] C:\windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.) O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.) O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) 
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [KLM] C:\Program Files (x86)\MSI\KLM\KLM.exe (Micro-Star International Co., Ltd.) O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH) O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI) O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd) O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.) O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) O4 - HKLM..\Run: [VGAOCAP] C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe () O4 - HKU\S-1-5-21-3833806892-711716299-2809217777-1001..\Run: [Steam] F:\Programme\Steam\Steam.exe (Valve Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3833806892-711716299-2809217777-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3833806892-711716299-2809217777-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - 
HKU\S-1-5-21-3833806892-711716299-2809217777-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{134B834A-96FD-4D77-A2A8-52659D6494A1}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{54D6DB9F-048D-4B0E-A7D4-6F9A21FB7059}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg.dll (Trend Micro Inc.) O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.) O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1505\6.6.1088\TmIEPlg32.dll (Trend Micro Inc.) 
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.09 14:48:52 | 000,000,000 | ---D | C] -- C:\windows\ERUNT [2013.06.09 14:48:34 | 000,000,000 | ---D | C] -- C:\JRT [2013.06.09 14:40:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.06.09 14:36:32 | 000,000,000 | ---D | C] -- C:\windows\temp [2013.06.09 14:31:13 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe [2013.06.09 14:31:13 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe [2013.06.09 14:31:13 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe [2013.06.09 14:31:10 | 000,000,000 | ---D | C] -- C:\ComboFix [2013.06.09 14:31:08 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.06.09 14:31:03 | 000,000,000 | ---D | C] -- C:\windows\erdnt [2013.06.09 14:30:02 | 005,078,680 | R--- | C] (Swearware) -- C:\Users\adminNiki\Desktop\ComboFix.exe [2013.06.09 13:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable) [2013.06.09 13:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.05.29 16:18:14 | 000,000,000 | ---D | C] -- C:\Users\adminNiki\Documents\NFS Most Wanted [2013.05.29 16:18:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES [2013.05.21 18:19:19 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) 
-- C:\windows\SysNative\hamachi.sys [2013.05.20 22:03:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SWF Studio [2013.05.20 21:43:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stronghold Crusader [2013.05.15 18:54:50 | 009,195,912 | ---- | C] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe [2013.05.15 11:08:51 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2013.05.15 11:08:51 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2013.05.15 11:08:50 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll [2013.05.15 11:08:50 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll [2013.05.15 11:08:50 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe [2013.05.15 11:08:50 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe [2013.05.15 11:08:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll [2013.05.15 11:08:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll [2013.05.15 11:08:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe [2013.05.15 11:08:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll [2013.05.15 11:08:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll [2013.05.15 11:08:49 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2013.05.15 11:08:48 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2013.05.15 11:08:48 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2013.05.15 11:08:48 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll 
[2013.05.15 10:46:46 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 10:46:46 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\cdd.dll
[2013.05.15 10:46:43 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\authui.dll
[2013.05.15 10:46:43 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\authui.dll
[2013.05.15 10:46:43 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\shdocvw.dll
[2013.05.15 10:46:43 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\consent.exe
[2013.05.15 10:46:38 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wwanprotdim.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.06.09 14:53:44 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.06.09 14:53:41 | 2066,325,503 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.09 14:52:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.06.09 14:51:35 | 001,560,374 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.06.09 14:51:35 | 000,677,202 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.06.09 14:51:35 | 000,639,044 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.06.09 14:51:35 | 000,137,722 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.06.09 14:51:35 | 000,114,104 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.06.09 14:47:45 | 000,024,432 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.09 14:47:45 | 000,024,432 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.09 14:36:53 | 000,000,027 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2013.06.09 14:18:56 | 005,078,680 | R--- | M] (Swearware) -- C:\Users\adminNiki\Desktop\ComboFix.exe
[2013.06.09 14:12:06 | 000,000,512 | ---- | M] () -- C:\Users\adminNiki\Desktop\MBR.dat
[2013.06.09 12:25:10 | 000,291,088 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.xtr
[2013.06.09 12:25:10 | 000,291,088 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.exe
[2013.06.09 12:25:04 | 000,280,904 | ---- | M] () -- C:\windows\SysWow64\PnkBstrB.ex0
[2013.05.29 16:18:07 | 000,000,776 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2013.05.15 18:54:55 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013.05.15 18:54:55 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.15 18:54:50 | 009,195,912 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerInstaller.exe
[2013.05.15 16:52:39 | 000,337,112 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.06.09 14:31:13 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013.06.09 14:31:13 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013.06.09 14:31:13 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013.06.09 14:31:13 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013.06.09 14:31:13 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013.06.09 14:12:06 | 000,000,512 | ---- | C] () -- C:\Users\adminNiki\Desktop\MBR.dat
[2013.05.29 16:18:07 | 000,000,776 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
[2013.05.05 13:58:35 | 000,069,632 | R--- | C] () -- C:\windows\SysWow64\xmltok.dll
[2013.05.05 13:58:35 | 000,036,864 | R--- | C] () -- C:\windows\SysWow64\xmlparse.dll
[2013.04.30 08:43:29 | 002,434,856 | ---- | C] () -- C:\windows\SysWow64\pbsvc_bc2.exe
[2013.01.21 16:58:47 | 000,022,064 | ---- | C] () -- C:\windows\DCEBoot64.exe
[2012.12.23 16:30:20 | 000,291,088 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2012.12.17 20:35:53 | 002,580,552 | ---- | C] () -- C:\windows\SysWow64\pbsvc.exe
[2012.11.02 16:01:35 | 000,076,888 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2012.10.31 16:22:38 | 000,120,200 | ---- | C] () -- C:\windows\SysWow64\DLLDEV32i.dll
[2012.03.15 08:19:58 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.03.15 08:01:16 | 000,001,313 | ---- | C] () -- C:\windows\THXCfg_SP_APOIM.ini
[2012.03.15 08:01:16 | 000,001,212 | ---- | C] () -- C:\windows\THXCfg_HP_APOIM.ini
[2012.03.15 08:01:16 | 000,001,212 | ---- | C] () -- C:\windows\THXCfg_APOIM.ini
[2012.03.15 08:01:14 | 000,182,272 | ---- | C] () -- C:\windows\SysWow64\APOMngr.DLL
[2012.03.15 08:01:14 | 000,073,728 | ---- | C] () -- C:\windows\SysWow64\CmdRtr.DLL
[2012.03.15 06:53:07 | 000,734,772 | ---- | C] () -- C:\windows\SysWow64\igkrng700.bin
[2012.03.15 06:53:05 | 000,557,476 | ---- | C] () -- C:\windows\SysWow64\igfcg700m.bin
[2012.03.15 06:53:03 | 000,058,880 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.03.15 06:53:02 | 012,978,688 | ---- | C] () -- C:\windows\SysWow64\ig7icd32.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Code:
OTL Extras logfile created on: 09.06.2013 14:56:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = G:\
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,90 Gb Total Physical Memory | 6,40 Gb Available Physical Memory | 81,06% Memory free
15,80 Gb Paging File | 14,10 Gb Available in Paging File | 89,26% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 135,81 Gb Total Space | 76,60 Gb Free Space | 56,40% Space Free | Partition Type: NTFS
Drive D: | 90,54 Gb Total Space | 35,68 Gb Free Space | 39,41% Space Free | Partition Type: NTFS
Drive F: | 686,61 Gb Total Space | 580,12 Gb Free Space | 84,49% Space Free | Partition Type: NTFS
Drive G: | 7,39 Gb Total Space | 7,08 Gb Free Space | 95,87% Space Free | Partition Type: FAT32

Computer Name: NIKISCF | User Name: adminNiki | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-3833806892-711716299-2809217777-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{B5FD8464-E477-4C81-A68C-E112E67EF7D0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{FF848A2C-D1FB-4C4D-9EBA-9DD82CACBCAB}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00D1E71B-006E-45CD-B27F-B900B65DBBD3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{06388A49-0FE7-4C3E-B8D7-D444D5D50553}" = protocol=6 | dir=in 
| app=d:\programme\blackops2\steam.exe | "{09039815-6A71-4A41-8BAB-F1291127ABDC}" = protocol=6 | dir=in | app=d:\programme\bf3\simcity\simcity\simcity.exe | "{09D7BCB0-BA77-4B15-BFC8-AFFD3BB566B7}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{0B6EF636-9609-4CC9-BB77-81D85079E1A7}" = protocol=17 | dir=in | app=f:\programme\bad company 2\bfbc2updater.exe | "{0ED83BF8-BE33-4855-B4BE-835AC50D476F}" = protocol=6 | dir=in | app=f:\programme\splinter cell\src\system\gu.exe | "{16E6B48A-2CFC-42F3-8F02-0A73F05DABF5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{185E6C9A-9B5C-4AAC-8F65-FF4F1244B725}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\call of duty black ops ii\t6zm.exe | "{188CE4B6-2B85-45E8-A0C9-14FE3599A91E}" = protocol=6 | dir=in | app=f:\programme\far cry 3\bin\fc3editor.exe | "{195DBA20-7F06-4740-A74C-B0ECF5E1D6F5}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{198D332A-8288-405A-9CE7-0ABB2543A0A4}" = protocol=17 | dir=in | app=c:\users\nikiscf\desktop\steamapps\common\call of duty black ops ii\t6zm.exe | "{1D2EE9AF-FA77-4697-BDD4-8D0A930F4638}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\call of duty black ops ii\t6sp.exe | "{1EAE14E3-0420-4224-BB71-C0C9BEFC6C6D}" = protocol=6 | dir=in | app=d:\programme\f12011\f1_2011.exe | "{20C6B948-F199-4A1E-8F5B-69401178AA97}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "{21714C3F-3140-45EB-BF1E-A737F85B2DAA}" = protocol=6 | dir=in | app=d:\programme\anno2070\initengine.exe | "{263F0FA8-D5BC-4F33-8588-F86E96F1694F}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe | "{289C08B1-E173-4B12-9A25-C8239DB618A9}" = protocol=6 | dir=in | app=f:\moh\medal of honor warfighter\mohw.exe | "{2C555C08-D63B-4C66-99B4-62B37F992F5C}" = protocol=17 | dir=in | app=f:\programme\far cry 
3\bin\farcry3.exe | "{2C811C30-762C-4FC1-85BA-317E68EFFE98}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\call of duty black ops ii\t6zm.exe | "{38AEDB68-B11B-4DAE-B299-06F76BDB6D2B}" = protocol=17 | dir=in | app=f:\programme\farcry3\bin\farcry3_d3d11.exe | "{3FDAEBB4-7A5F-415E-BA45-EEC73EA4A2D3}" = protocol=17 | dir=in | app=f:\programme\steam\steam.exe | "{41A24A07-317C-4522-AF45-148CB600ECDB}" = protocol=6 | dir=in | app=c:\users\nikiscf\desktop\steamapps\common\call of duty black ops ii\t6zm.exe | "{43D240A9-3695-4E52-A219-EE070A90EFA6}" = protocol=17 | dir=in | app=f:\programme\medal of honor warfighter\mohw.exe | "{454C2FE5-951F-4A83-A3D5-C57ACD9B7FE2}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | "{45C3A3E2-FA1E-447B-B9A1-072A2B9DE401}" = protocol=17 | dir=in | app=f:\programme\farcry3\bin\farcry3.exe | "{46E25023-6B7B-4DD0-BFF5-19B84AB98A87}" = protocol=6 | dir=in | app=f:\programme\farcry3\bin\fc3editor.exe | "{4D4BC269-2EE8-41F8-BA32-97BE5386EAFE}" = protocol=6 | dir=in | app=f:\programme\far cry 3\bin\farcry3_d3d11.exe | "{5093D117-FC74-4D6E-AC70-6C45F1BF8414}" = protocol=17 | dir=in | app=d:\programme\blackops2\steam.exe | "{53934975-1D48-4020-8D25-29EBC4E4FEE7}" = protocol=6 | dir=in | app=d:\programme\bf3\crysis 3\bin32\crysis3.exe | "{5761EC7A-E09E-40DB-80CE-84839E6227D8}" = protocol=17 | dir=in | app=g:\tom clancy's splinter cell conviction\src\system\gu.exe | "{57C9C115-2E0D-422A-A102-E9F49D901F35}" = protocol=6 | dir=in | app=d:\programme\blackops2\steamapps\common\call of duty black ops ii\t6sp.exe | "{58A72732-A08F-44EC-9A78-F484717DEA75}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{5B6A2621-F835-41E6-98B8-E3E62693C475}" = protocol=6 | dir=in | app=f:\programme\medal of honor warfighter\mohw.exe | "{60236F8F-3C0E-4891-9576-B0978A998F23}" = protocol=17 | dir=in | app=d:\programme\anno2070\autopatcher.exe | 
"{61E44601-A7A7-4707-B58E-F9955549BC2E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{6419A279-B977-4E13-877C-0EA5A36BC374}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{66343DE4-C823-472C-96DE-A7723F39FE21}" = protocol=17 | dir=in | app=f:\moh\medal of honor warfighter\mohw.exe | "{6AF12D05-066F-4B1E-8C54-9D6B82678C9E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{6C073EFC-F211-47B8-9720-0B1FCB31FA06}" = protocol=17 | dir=in | app=d:\programme\bf3\simcity\simcity\simcity.exe | "{6CA4E993-7BC8-4627-8A1D-7AABCB1C86CC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{6D09C3A2-A7E5-4B0F-B5F4-81B7BAAF2E87}" = dir=in | app=d:\programme\itunes\itunes.exe | "{704BDEA6-9484-4965-A5C2-7420F4311327}" = protocol=6 | dir=in | app=f:\programme\splinter cell\src\system\conviction_game.exe | "{71E5EA1B-7742-4CE8-9945-D9D1C706F96F}" = protocol=6 | dir=in | app=f:\programme\far cry 3\bin\fc3updater.exe | "{73AE4B6E-6FFD-4DF6-9BCB-DE0959A62BC0}" = protocol=17 | dir=in | app=f:\programme\far cry 3\bin\fc3editor.exe | "{77B48A52-ED25-43EA-B653-4D03D629CB71}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\call of duty black ops ii\t6mp.exe | "{79D20B9A-DAD7-4728-8234-2BECB92F5BFE}" = protocol=6 | dir=in | app=g:\tom clancy's splinter cell conviction\src\system\gu.exe | "{7B54BA9A-8A45-40A2-8D3F-2941CA694A08}" = protocol=6 | dir=in | app=d:\programme\bf3\battlefield 3\bf3.exe | "{7EB270FD-12EA-4895-8EBF-84F7930347ED}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{82EE072E-5911-4289-9DEA-608C59D0D84A}" = protocol=17 | dir=in | app=g:\tom clancy's splinter cell conviction\src\system\conviction_game.exe | "{83D90AE8-AAB9-4D09-926E-6D64D25D993D}" = protocol=17 | dir=in | app=f:\programme\farcry3\bin\fc3updater.exe | "{875FFF0F-2814-43FE-A6A2-12A4A989FE42}" = protocol=17 | dir=in | app=f:\programme\splinter 
cell\src\system\conviction_game.exe | "{8E818563-0464-446C-93ED-7CDD71A34466}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win32\udk.exe | "{929B8170-2AF4-47D4-9D14-E7C928DA1897}" = protocol=6 | dir=in | app=f:\programme\farcry3\bin\fc3updater.exe | "{957C8ED7-65E4-4EAA-B329-36AE73E953AD}" = protocol=6 | dir=in | app=f:\programme\farcry3\bin\farcry3.exe | "{A095A644-0BDA-4CC0-9AA2-7AF42550F50A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{A2171194-FF6D-4FBD-89EA-487DC8D7273A}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{A2E3760B-A35B-41F1-940C-98D2695D1964}" = protocol=17 | dir=in | app=f:\programme\far cry 3\bin\farcry3_d3d11.exe | "{A4831FE7-5F9A-40BC-A2C4-420679A5F8D3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{A5823729-5E92-4CD5-8082-1E548939583E}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\call of duty black ops ii\t6sp.exe | "{ADA3FF60-215D-43D4-81C9-4FBB17ABF5C9}" = protocol=17 | dir=in | app=d:\programme\f12011\f1_2011.exe | "{B0F8F0FB-B3B4-449C-B6F5-DA66E86909B4}" = protocol=17 | dir=in | app=d:\programme\anno2070\initengine.exe | "{B4FF9E5E-19F8-448F-9657-7ABF4830FA12}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{B9DAF88D-1236-4978-92C8-F5D075F324A0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{BE99D84B-6252-41BC-B3CA-22EA03C9E276}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{C103CF81-A2DD-4D70-9ECB-16042C666F56}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\km\kwikmedia.exe | "{C60E76D7-4498-4C52-8849-739611C86F48}" = protocol=17 | dir=in | app=d:\programme\anno2070\anno5.exe | "{C756FCEE-05BF-4A9E-ACC4-35942DD305CC}" = protocol=17 | dir=in | app=f:\programme\farcry3\bin\fc3editor.exe | "{C8A6AE36-12AD-40E4-8467-2C23DC9F29EE}" = protocol=6 | dir=in | 
app=f:\programme\farcry3\bin\farcry3_d3d11.exe | "{C8DEEC4A-3AF2-4461-80CC-573EE3C15A23}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{CE6C70CE-FF99-4F60-AD69-C3E7DE383B4C}" = protocol=6 | dir=in | app=d:\programme\anno2070\autopatcher.exe | "{CFCC18B5-600A-4696-98E7-9DDD82D42D26}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\prototype 2\prototype2.exe | "{D932FC5D-C896-4C08-A4D5-237216D3C2DF}" = protocol=17 | dir=in | app=d:\programme\blackops2\steamapps\common\call of duty black ops ii\t6sp.exe | "{E0C94442-197B-4904-A8EA-ED3AA942F4D0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{E2FBC88A-4DF1-4897-A986-6ED3978D8699}" = protocol=6 | dir=in | app=f:\programme\steam\steam.exe | "{E4DD4768-A64B-4CAE-823E-E40339ED3BE3}" = protocol=17 | dir=in | app=f:\programme\splinter cell\src\system\gu.exe | "{E597FF78-860C-4ED9-B8B1-604560E7D5A3}" = protocol=17 | dir=in | app=d:\programme\bf3\crysis 3\bin32\crysis3.exe | "{E61B7005-4080-4798-8008-B1C37D186316}" = protocol=6 | dir=in | app=f:\programme\far cry 3\bin\farcry3.exe | "{E79EE13E-DDF2-413C-AAD3-6759E645D6B6}" = protocol=17 | dir=in | app=d:\programme\bf3\battlefield 3\bf3.exe | "{E7BE2BCE-45A8-4F34-ADD7-5A9A42240388}" = protocol=17 | dir=in | app=f:\programme\far cry 3\bin\fc3updater.exe | "{EB9E94F9-8620-469D-864B-EA2A9E6D1B11}" = protocol=6 | dir=in | app=f:\programme\steam\steamapps\common\prototype 2\prototype2.exe | "{ED986BE8-1E4C-447A-822F-5994CC2C8C89}" = protocol=6 | dir=in | app=f:\programme\bad company 2\bfbc2updater.exe | "{F55C2849-5551-47A4-839C-9D6A3B1F8B79}" = protocol=6 | dir=in | app=d:\programme\anno2070\anno5.exe | "{F6EC2C93-E3AD-4459-A85B-F2A89AC5F872}" = protocol=6 | dir=in | app=g:\tom clancy's splinter cell conviction\src\system\conviction_game.exe | "{FA3A1DBA-3CA2-4891-95A0-E3981831AC9A}" = protocol=17 | dir=in | app=f:\programme\steam\steamapps\common\call of duty black ops ii\t6mp.exe | "{FA93F0E8-2924-40C5-8F6F-B51815698524}" = 
protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | "{FCA5B3F7-A18A-4E96-937A-34312C23E31C}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | "TCP Query User{0CA94826-8BE2-4F04-93F1-3F105689CD06}C:\windows\syswow64\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "TCP Query User{3052B375-DD70-424F-BDCD-86021EF1F812}F:\programme\bfh\bfheroes.exe" = protocol=6 | dir=in | app=f:\programme\bfh\bfheroes.exe | "TCP Query User{30A8DA56-8FEC-46BC-A3BD-4E1EA72D7A8A}F:\programme\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=f:\programme\tmnationsforever\tmforever.exe | "TCP Query User{326F9F22-D90F-4423-9D8E-F29CCA4F22CF}F:\programme\jdown\jdownloader\jre\bin\javaw.exe" = protocol=6 | dir=in | app=f:\programme\jdown\jdownloader\jre\bin\javaw.exe | "TCP Query User{3284CB4C-7D19-40DF-BD28-5E759A14FB4D}F:\programme\t\utorrent.exe" = protocol=6 | dir=in | app=f:\programme\t\utorrent.exe | "TCP Query User{348BE5FE-E766-4413-80C0-035AB7A92E61}F:\downloads\utorrent_3.3.0.29544.exe" = protocol=6 | dir=in | app=f:\downloads\utorrent_3.3.0.29544.exe | "TCP Query User{53B05F3E-8621-4610-8777-9CF728EB882B}G:\try\farcry3\bin\farcry3.exe" = protocol=6 | dir=in | app=g:\try\farcry3\bin\farcry3.exe | "TCP Query User{6407710F-2709-415A-B559-6B7EDE4C0DF9}F:\programme\stronghold\stronghold crusader.exe" = protocol=6 | dir=in | app=f:\programme\stronghold\stronghold crusader.exe | "TCP Query User{6B578059-7029-4A0F-9209-D613752C42DE}F:\programme\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=f:\programme\borderlands 2\binaries\win32\borderlands2.exe | "TCP Query User{7381DA0C-ADC9-44DC-B48C-CF94F815C6A1}F:\downloads\amazon music importer\amazon music importer.exe" = protocol=6 | dir=in | app=f:\downloads\amazon music importer\amazon music importer.exe | "TCP Query 
User{7EC0C473-445F-4AB6-A165-3B0CBF8A6FE7}F:\programme\bfh\bfheroes.exe" = protocol=6 | dir=in | app=f:\programme\bfh\bfheroes.exe | "TCP Query User{8E48D794-73B5-463E-B646-18212FA10CF6}F:\programme\utorrent.exe" = protocol=6 | dir=in | app=f:\programme\utorrent.exe | "TCP Query User{8FC74FD7-79B8-4EB7-8A49-3C3DF24D84B1}F:\programme\dirt3\dirt3_game.exe" = protocol=6 | dir=in | app=f:\programme\dirt3\dirt3_game.exe | "TCP Query User{97CBA63E-ECFD-4674-A565-548180F7D8CB}F:\utorrent.exe" = protocol=6 | dir=in | app=f:\utorrent.exe | "TCP Query User{B32A9613-5CF3-4A9C-BA2C-7E3BF58D10A3}F:\programme\crysis\bin32\crysis2.exe" = protocol=6 | dir=in | app=f:\programme\crysis\bin32\crysis2.exe | "TCP Query User{B5715519-2E9E-4A6F-BF0D-EF00FF2D694A}D:\programme\bf3\battlefield 3\bf3.exe" = protocol=6 | dir=in | app=d:\programme\bf3\battlefield 3\bf3.exe | "TCP Query User{BC648CAC-AC09-4263-B799-8B57B6534785}F:\programme\borderlands 2\binaries\win32\borderlands2.exe" = protocol=6 | dir=in | app=f:\programme\borderlands 2\binaries\win32\borderlands2.exe | "TCP Query User{BC69E8A2-D325-4101-9911-6143ABB4A2E5}F:\programme\tor\utorrent.exe" = protocol=6 | dir=in | app=f:\programme\tor\utorrent.exe | "TCP Query User{E6A2B4D5-DE1B-4914-952C-C71A2B47F160}F:\utorrent.exe" = protocol=6 | dir=in | app=f:\utorrent.exe | "TCP Query User{EB042E60-6FB6-4F6A-9824-4B31FA89B4BE}F:\programme\jdown\jdownloader\jre\bin\java.exe" = protocol=6 | dir=in | app=f:\programme\jdown\jdownloader\jre\bin\java.exe | "TCP Query User{F9027E52-0C93-421F-95F9-DDFE04053FF2}F:\programme\farcry3\bin\farcry3.exe" = protocol=6 | dir=in | app=f:\programme\farcry3\bin\farcry3.exe | "UDP Query User{060A1428-97EB-4B23-A40A-26F7898F3DFD}F:\utorrent.exe" = protocol=17 | dir=in | app=f:\utorrent.exe | "UDP Query User{0E5B6CF0-2B99-4101-855B-5FD7FADE47BC}D:\programme\bf3\battlefield 3\bf3.exe" = protocol=17 | dir=in | app=d:\programme\bf3\battlefield 3\bf3.exe | "UDP Query 
User{1CC28DA9-D403-4D01-9DB9-6899DA12A447}F:\utorrent.exe" = protocol=17 | dir=in | app=f:\utorrent.exe | "UDP Query User{1DE92BCE-602D-4CAC-BAF4-89A6E13C0F8D}F:\downloads\utorrent_3.3.0.29544.exe" = protocol=17 | dir=in | app=f:\downloads\utorrent_3.3.0.29544.exe | "UDP Query User{20F26DFD-7610-41FA-96C3-3047233CF0C9}F:\programme\t\utorrent.exe" = protocol=17 | dir=in | app=f:\programme\t\utorrent.exe | "UDP Query User{2FAF1633-B1F9-4768-87F6-9C1E88C8B452}F:\programme\stronghold\stronghold crusader.exe" = protocol=17 | dir=in | app=f:\programme\stronghold\stronghold crusader.exe | "UDP Query User{434CCC8D-0984-4BB7-A667-2D3C833B23EB}F:\programme\jdown\jdownloader\jre\bin\javaw.exe" = protocol=17 | dir=in | app=f:\programme\jdown\jdownloader\jre\bin\javaw.exe | "UDP Query User{55DD5B0D-9B34-4356-900A-9D24674FA9A3}F:\downloads\amazon music importer\amazon music importer.exe" = protocol=17 | dir=in | app=f:\downloads\amazon music importer\amazon music importer.exe | "UDP Query User{5823ACF6-7A52-48E8-98BD-6DE53649088A}F:\programme\bfh\bfheroes.exe" = protocol=17 | dir=in | app=f:\programme\bfh\bfheroes.exe | "UDP Query User{74D5D00A-2FA0-48C9-B46A-B3874C0BCE77}C:\windows\syswow64\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\dplaysvr.exe | "UDP Query User{753566C1-2668-482E-9DDF-03CA51637014}G:\try\farcry3\bin\farcry3.exe" = protocol=17 | dir=in | app=g:\try\farcry3\bin\farcry3.exe | "UDP Query User{796BC567-8F9F-4EC8-9902-7E1CACD267D5}F:\programme\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=f:\programme\borderlands 2\binaries\win32\borderlands2.exe | "UDP Query User{9B00AF23-5AE6-4B45-B6A0-5AFEAC9684CF}F:\programme\jdown\jdownloader\jre\bin\java.exe" = protocol=17 | dir=in | app=f:\programme\jdown\jdownloader\jre\bin\java.exe | "UDP Query User{A6FD851B-48FA-4D4F-9467-12AE419F081D}F:\programme\utorrent.exe" = protocol=17 | dir=in | app=f:\programme\utorrent.exe | "UDP Query 
User{A79B215A-F6FC-4C55-8B7E-DAE0526B2A8C}F:\programme\borderlands 2\binaries\win32\borderlands2.exe" = protocol=17 | dir=in | app=f:\programme\borderlands 2\binaries\win32\borderlands2.exe | "UDP Query User{C0A5ACBE-2235-4C83-B6AC-1C42D5581E1A}F:\programme\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=f:\programme\tmnationsforever\tmforever.exe | "UDP Query User{C891BC2A-9612-4C01-87B2-613B8CA4331A}F:\programme\dirt3\dirt3_game.exe" = protocol=17 | dir=in | app=f:\programme\dirt3\dirt3_game.exe | "UDP Query User{D064F86B-ACF8-4639-B878-756B12C67BFE}F:\programme\crysis\bin32\crysis2.exe" = protocol=17 | dir=in | app=f:\programme\crysis\bin32\crysis2.exe | "UDP Query User{E1E3FCBB-207D-43DF-97E4-AC32475CF53B}F:\programme\tor\utorrent.exe" = protocol=17 | dir=in | app=f:\programme\tor\utorrent.exe | "UDP Query User{E52E4BCD-24CE-4466-BDCE-2A6D62E9F16A}F:\programme\bfh\bfheroes.exe" = protocol=17 | dir=in | app=f:\programme\bfh\bfheroes.exe | "UDP Query User{F45BA04B-4BC9-47EB-B089-A9621EF64063}F:\programme\farcry3\bin\farcry3.exe" = protocol=17 | dir=in | app=f:\programme\farcry3\bin\farcry3.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable 
- x64 9.0.30729.17 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2 "{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Internet Security "{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™ Internet Security "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 295.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 295.62 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}" = WinZip 17.0 "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager "{F0932859-AA60-459E-B843-0BDECA34E2C7}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "GIMP-2_is1" = GIMP 2.8.2 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "SynTPDeinstKey" = Synaptics Pointing Device Driver "VLC media player" = VLC media player 2.0.2 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas 
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic "{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM) "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver "{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs "{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}" = MSI Software Install "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer "{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2 "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{4198AE83-A3C6-4C41-85C8-EC63E990696E}" = Crysis®3 "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}" = KLM "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}" = THX TruStudio Pro "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX 
Windows Live Mesh pour connexions à distance "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR "{5B79E730-D897-4B8F-A1AD-7BB2D1F22B96}" = Nero Blu-ray Player Help (CHM) "{5C1F18D2-F6B7-4242-B803-B5A78648185D}" = Corel WinDVD "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX "{619FA785-489B-4D22-911F-82D6EDF5BDB0}" = Battery Calibration "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™ "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime "{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher "{8C3727F2-8E37-49E4-820C-03B1677F53B6}" = Stronghold Crusader "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95193654-3EF2-4D17-8503-9F80B56D9ED5}" = MSI VGA Overclock Tool "{957F91DB-A999-4207-A780-828C857370F4}" = Nero Kwik Media "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted "{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1 "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070 "{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver "{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components "{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections "{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}" = LEGO® Der Herr der Ringe™ "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common 
"{C9370463-B35E-473F-BB0D-4FC572A1F9DF}" = MAGIX Video easy SE "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.9 Game "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DA5597C9-9216-44FF-9670-D1E48817B998}" = MSI HOUSE "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™ "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Battlelog Web Plugins" = Battlelog Web Plugins "Blue Byte Game Channel" = Blue Byte 
Game Channel "ESN Sonar-0.70.4" = ESN Sonar "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "InstallShield_{4DEA5B85-6C56-45F3-AE00-FED756B0D3B4}" = KLM "InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager "IrfanView" = IrfanView (remove only) "MAGIX Foto Manager 9 D" = MAGIX Foto Manager 9 "MAGIX Online Druck Service D" = MAGIX Online Druck Service "MAGIX Screenshare D" = MAGIX Screenshare "MAGIX Speed burnR D" = MAGIX Speed burnR "MAGIX_MSI_Video_easy_SE" = MAGIX Video easy SE "Mozilla Firefox 17.0 (x86 de)" = Mozilla Firefox 17.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Native Instruments Traktor 2" = Native Instruments Traktor 2 "OpenAL" = OpenAL "Origin" = Origin "PunkBusterSvc" = PunkBuster Services "Sniper Elite V2_is1" = Sniper Elite V2 "Steam App 115320" = PROTOTYPE 2 "Steam App 202970" = Call of Duty: Black Ops II "Steam App 202990" = Call of Duty: Black Ops II - Multiplayer "Steam App 212910" = Call of Duty: Black Ops II - Zombies "TmNationsForever_is1" = TmNationsForever "VLC media player" = VLC media player 2.0.6 "WinLiveSuite" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 09.06.2013 08:54:17 | Computer Name = nikiscf | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 09.06.2013 08:55:48 | Computer Name = nikiscf | Source = Service Control Manager | ID = 7038 Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error - 09.06.2013 08:55:48 | Computer Name = nikiscf | Source = Service Control Manager | ID = 7000 Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 < End of report > |
09.06.2013, 17:55 | #4 |
/// TB-Ausbilder | Trend Micro does not open Thanks. And who told you to use Combofix? The logfile, please ...
__________________ Digital buccaneers against malware! No help via PM! |
09.06.2013, 18:44 | #5 |
| Trend Micro does not open Learning by doing - I followed the instructions in the above-mentioned thread - that is why I used Combofix. For the result, see above. |
09.06.2013, 19:03 | #6 |
/// TB-Ausbilder | Trend Micro does not open It says everywhere here that you should not use Combofix on your own - if you had really read the instructions. And I would like to see the Combofix logfile.
|
09.06.2013, 19:23 | #7 |
| Trend Micro does not open Sorry - I thought I had already posted the Combofix logfile. Attached is the corresponding logfile. And once again - sorry - I will not do it again with the next problem!!! Code:
ATTFilter ComboFix 13-06-08.02 - adminNiki 09.06.2013 14:31:56.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8089.6401 [GMT 2:00] ausgeführt von:: C:\Users\adminNiki\Desktop\ComboFix.exe AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902} SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) C:\windows\IsUn0407.exe C:\windows\SysWow64\tmpCC34.tmp C:\windows\SysWow64\tmpCC45.tmp ((((((((((((((((((((((( Dateien erstellt von 2013-05-09 bis 2013-06-09 )))))))))))))))))))))))))))))) 2013-06-09 11:38:20 . 2013-06-09 11:45:11 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-06-09 11:37:04 . 2013-06-09 11:37:04 -------- d-----w- C:\ProgramData\Malwarebytes 2013-06-09 10:21:52 . 2013-05-13 23:48:30 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDC7C05B-281A-42E2-BCD7-83342668193A}\mpengine.dll 2013-06-04 19:11:58 . 2013-06-04 19:12:14 -------- d-----w- C:\Users\nikiscf\AppData\Local\ESN Sonar 2013-05-21 16:19:19 . 2009-03-18 14:35:42 33856 ---ha-w- C:\windows\system32\hamachi.sys 2013-05-20 20:18:52 . 2013-05-21 16:19:50 -------- d-----w- C:\Users\nikiscf\AppData\Local\LogMeIn Hamachi 2013-05-20 20:04:35 . 2013-05-20 20:04:35 -------- d-----w- C:\Users\nikiscf\AppData\Roaming\InstallShield Installation Information 2013-05-20 20:03:06 . 2013-05-20 20:03:06 -------- d-----w- C:\Program Files (x86)\Common Files\SWF Studio 2013-05-15 16:54:50 . 2013-05-15 16:54:50 9195912 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe 2013-05-15 08:46:46 . 2013-04-10 06:01:54 265064 ----a-w- C:\windows\system32\drivers\dxgmms1.sys 2013-05-12 19:34:43 . 
2013-05-12 19:34:43 -------- d-----w- C:\Users\adminNiki\AppData\Roaming\BabSolution 2013-05-12 19:32:50 . 2013-05-12 19:32:50 -------- d-----w- C:\Users\adminNiki\AppData\Roaming\Babylon 2013-05-12 19:32:50 . 2013-05-12 19:32:50 -------- d-----w- C:\ProgramData\Babylon 2013-05-12 19:32:46 . 2013-05-12 19:32:46 -------- d-----w- C:\Program Files (x86)\Gophoto.it . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) 2013-06-09 10:25:10 . 2012-12-23 14:30:20 291088 ----a-w- C:\windows\SysWow64\PnkBstrB.exe 2013-06-09 10:25:04 . 2012-11-02 14:01:35 280904 ----a-w- C:\windows\SysWow64\PnkBstrB.ex0 2013-05-15 16:54:55 . 2012-10-31 16:08:23 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-05-15 16:54:55 . 2012-03-15 06:13:04 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-15 09:10:35 . 2012-12-20 15:19:59 75016696 ----a-w- C:\windows\system32\MRT.exe 2013-05-14 18:36:03 . 2011-03-29 01:36:46 22240 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-02 00:06:08 . 2010-11-21 03:27:21 278800 ------w- C:\windows\system32\MpSigStub.exe 2013-04-30 06:43:29 . 2013-04-30 06:43:29 2434856 ----a-w- C:\windows\SysWow64\pbsvc_bc2.exe 2013-04-30 06:38:25 . 2013-01-21 14:58:47 22064 ----a-w- C:\windows\DCEBoot64.exe 2013-04-13 05:49:23 . 2013-05-15 08:46:45 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 . 2013-05-15 08:46:45 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 . 2013-05-15 08:46:45 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 . 2013-05-15 08:46:45 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 . 2013-05-15 08:46:45 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 . 2013-05-15 08:46:45 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 . 
2013-04-24 15:44:42 1656680 ----a-w- C:\windows\system32\drivers\ntfs.sys 2013-04-05 09:46:58 . 2013-04-05 09:46:58 1054720 ----a-w- C:\windows\system32\MsSpellCheckingFacility.exe 2013-04-05 09:46:57 . 2013-04-05 09:46:57 719360 ----a-w- C:\windows\SysWow64\mshtmlmedia.dll 2013-04-05 09:46:57 . 2013-04-05 09:46:57 523264 ----a-w- C:\windows\SysWow64\vbscript.dll 2013-04-05 09:46:57 . 2013-04-05 09:46:57 226304 ----a-w- C:\windows\system32\elshyph.dll 2013-04-05 09:46:57 . 2013-04-05 09:46:57 185344 ----a-w- C:\windows\SysWow64\elshyph.dll 2013-04-05 09:46:57 . 2013-04-05 09:46:57 158720 ----a-w- C:\windows\SysWow64\msls31.dll 2013-04-05 09:46:57 . 2013-04-05 09:46:57 150528 ----a-w- C:\windows\SysWow64\iexpress.exe 2013-04-05 09:46:57 . 2013-04-05 09:46:57 138752 ----a-w- C:\windows\SysWow64\wextract.exe 2013-04-05 09:46:56 . 2013-04-05 09:46:56 73728 ----a-w- C:\windows\SysWow64\SetIEInstalledDate.exe 2013-04-05 09:46:56 . 2013-04-05 09:46:56 61952 ----a-w- C:\windows\SysWow64\tdc.ocx 2013-04-05 09:46:56 . 2013-04-05 09:46:56 48640 ----a-w- C:\windows\SysWow64\mshtmler.dll 2013-04-05 09:46:56 . 2013-04-05 09:46:56 38400 ----a-w- C:\windows\SysWow64\imgutil.dll 2013-04-05 09:46:56 . 2013-04-05 09:46:56 361984 ----a-w- C:\windows\SysWow64\html.iec 2013-04-05 09:46:56 . 2013-04-05 09:46:56 23040 ----a-w- C:\windows\SysWow64\licmgr10.dll 2013-04-05 09:46:56 . 2013-04-05 09:46:56 1441280 ----a-w- C:\windows\SysWow64\inetcpl.cpl 2013-04-05 09:46:56 . 2013-04-05 09:46:56 137216 ----a-w- C:\windows\SysWow64\ieUnatt.exe 2013-04-05 09:46:56 . 2013-04-05 09:46:56 12800 ----a-w- C:\windows\SysWow64\mshta.exe 2013-04-05 09:46:56 . 2013-04-05 09:46:56 110592 ----a-w- C:\windows\SysWow64\IEAdvpack.dll 2013-04-05 09:46:55 . 2013-04-05 09:46:55 216064 ----a-w- C:\windows\system32\msls31.dll 2013-04-05 09:46:55 . 2013-04-05 09:46:55 197120 ----a-w- C:\windows\system32\msrating.dll 2013-04-05 09:46:54 . 
2013-04-05 09:46:54 97280 ----a-w- C:\windows\system32\mshtmled.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 905728 ----a-w- C:\windows\system32\mshtmlmedia.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 81408 ----a-w- C:\windows\system32\icardie.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 762368 ----a-w- C:\windows\system32\ieapfltr.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 62976 ----a-w- C:\windows\system32\pngfilt.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 599552 ----a-w- C:\windows\system32\vbscript.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 452096 ----a-w- C:\windows\system32\dxtmsft.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 441856 ----a-w- C:\windows\system32\html.iec 2013-04-05 09:46:54 . 2013-04-05 09:46:54 281600 ----a-w- C:\windows\system32\dxtrans.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 27648 ----a-w- C:\windows\system32\licmgr10.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 270848 ----a-w- C:\windows\system32\iedkcs32.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 247296 ----a-w- C:\windows\system32\webcheck.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 235008 ----a-w- C:\windows\system32\url.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 173568 ----a-w- C:\windows\system32\ieUnatt.exe 2013-04-05 09:46:54 . 2013-04-05 09:46:54 167424 ----a-w- C:\windows\system32\iexpress.exe 2013-04-05 09:46:54 . 2013-04-05 09:46:54 1509376 ----a-w- C:\windows\system32\inetcpl.cpl 2013-04-05 09:46:54 . 2013-04-05 09:46:54 149504 ----a-w- C:\windows\system32\occache.dll 2013-04-05 09:46:54 . 2013-04-05 09:46:54 144896 ----a-w- C:\windows\system32\wextract.exe 2013-04-05 09:46:54 . 2013-04-05 09:46:54 1400416 ----a-w- C:\windows\system32\ieapfltr.dat 2013-04-05 09:46:54 . 2013-04-05 09:46:54 13824 ----a-w- C:\windows\system32\mshta.exe 2013-04-05 09:46:54 . 2013-04-05 09:46:54 102912 ----a-w- C:\windows\system32\inseng.dll 2013-04-05 09:46:53 . 2013-04-05 09:46:53 92160 ----a-w- C:\windows\system32\SetIEInstalledDate.exe 2013-04-05 09:46:53 . 
2013-04-05 09:46:53 77312 ----a-w- C:\windows\system32\tdc.ocx 2013-04-05 09:46:53 . 2013-04-05 09:46:53 52224 ----a-w- C:\windows\system32\msfeedsbs.dll 2013-04-05 09:46:53 . 2013-04-05 09:46:53 51200 ----a-w- C:\windows\system32\imgutil.dll 2013-04-05 09:46:53 . 2013-04-05 09:46:53 48640 ----a-w- C:\windows\system32\mshtmler.dll 2013-04-05 09:46:53 . 2013-04-05 09:46:53 136192 ----a-w- C:\windows\system32\iepeers.dll 2013-04-05 09:46:53 . 2013-04-05 09:46:53 135680 ----a-w- C:\windows\system32\IEAdvpack.dll 2013-04-05 09:46:53 . 2013-04-05 09:46:53 12800 ----a-w- C:\windows\system32\msfeedssync.exe 2013-03-19 06:04:06 . 2013-04-10 15:10:54 5550424 ----a-w- C:\windows\system32\ntoskrnl.exe 2013-03-19 05:46:56 . 2013-04-10 15:10:54 43520 ----a-w- C:\windows\system32\csrsrv.dll 2013-03-19 05:04:13 . 2013-04-10 15:10:54 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 . 2013-04-10 15:10:54 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 . 2013-04-10 15:10:54 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 . 2013-04-10 15:10:54 112640 ----a-w- C:\windows\system32\smss.exe (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] 2012-10-24 00:36:15 194928 ----a-w- C:\Program Files (x86)\Yontoo\YontooIEClient.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="F:\Programme\Steam\Steam.exe" [2013-04-19 21:10:48 1631144] [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 19:04:54 284440] "USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-04 19:59:50 291608] "Super-Charger"="C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe" [2012-01-03 20:34:16 502288] "KLM"="C:\Program Files (x86)\MSI\KLM\KLM.exe" [2011-12-19 21:27:00 1522376] "VGAOCAP"="C:\Program Files (x86)\MSI\MSI VGA Overclock Tool\VGAOCAP.exe" [2012-01-31 21:49:16 88576] "THX Audio Control Panel"="C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2011-08-29 23:37:02 1517056] "UpdReg"="C:\windows\UpdReg.EXE" [2000-05-11 08:00:00 90112] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 21:06:36 958576] "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 13:13:16 59280] "iTunesHelper"="D:\Programme\iTunes\iTunesHelper.exe" [2012-11-28 23:49:26 151952] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ Qualcomm Atheros Killer Network Manager.lnk - C:\Program Files\Qualcomm Atheros\Killer Network Manager\KillerNetManager.exe [2012-3-8 549888] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) R2 Amsp;Trend Micro 
Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe;C:\Program Files (x86)\Skype\Updater\Updater.exe [x] R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\system32\DRIVERS\btmaux.sys;C:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x] R3 btmhsf;btmhsf;C:\windows\system32\DRIVERS\btmhsf.sys;C:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x] R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\system32\DRIVERS\clwvd.sys;C:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x] R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x] R3 ibtfltcoex;ibtfltcoex;C:\windows\system32\DRIVERS\iBtFltCoex.sys;C:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x] R3 MBfilt;MBfilt;C:\windows\system32\drivers\MBfilt64.sys;C:\windows\SYSNATIVE\drivers\MBfilt64.sys [x] R3 MGHwCtrl;MGHwCtrl;C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys;C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys [x] R3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys;C:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys;C:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.5;C:\Program Files\Intel\TurboBoost\TurboBoost.exe;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [x] S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\windows\system32\drivers\iusb3hcs.sys;C:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x] S0 
nvpciflt;nvpciflt;C:\windows\system32\DRIVERS\nvpciflt.sys;C:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BfLwf;Bigfoot Networks Bandwidth Control;C:\windows\system32\DRIVERS\bflwfx64.sys;C:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Micro Star SCM;Micro Star SCM;C:\windows\SysWOW64\MSIService.exe;C:\windows\SysWOW64\MSIService.exe [x]
S2 MSI Foundation Service;MSI Foundation Service;C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe;C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe;C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe;C:\Program Files (x86)\Nero\Update\NASvc.exe [x]
S2 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe;C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [x]
S2 regi;regi;C:\windows\system32\drivers\regi.sys;C:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 tmevtmgr;tmevtmgr;C:\windows\system32\DRIVERS\tmevtmgr.sys;C:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S2 TurboB;Turbo Boost UI Monitor driver;C:\windows\system32\DRIVERS\TurboB.sys;C:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 IntcDAud;Intel(R) Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys;C:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\windows\system32\drivers\iusb3hub.sys;C:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\windows\system32\drivers\iusb3xhc.sys;C:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for the Killer e2200 PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\e22w7x64.sys;C:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\windows\system32\DRIVERS\RtsPStor.sys;C:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
--- Andere Dienste/Treiber im Speicher ---
*NewlyCreated* - 26920364
*NewlyCreated* - ASWMBR
*NewlyCreated* - NTIOLIB_1_0_3
*Deregistered* - 26920364
*Deregistered* - aswMBR
Inhalt des "geplante Tasks" Ordners
2013-06-09 C:\windows\Tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-31 16:08:23 . 2013-05-15 16:54:56]
--------- X64 Entries -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\windows\system32\igfxtray.exe" [2012-01-12 06:24:22 170264]
"HotKeysCmds"="C:\windows\system32\hkcmd.exe" [2012-01-12 06:24:10 398104]
"Persistence"="C:\windows\system32\igfxpers.exe" [2012-01-12 06:24:14 440600]
"BTMTrayAgent"="C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll" [2011-12-20 02:16:02 11406608]
"THXCfg64"="C:\windows\system32\THXCfg64.dll" [2010-09-14 20:53:22 25600]
"Trend Micro Titanium"="C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-10-08 15:16:10 1111568]
"Trend Micro Client Framework"="C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 14:00:28 197152]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 01:39:57 168960]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-05 18:59:40 11474024]
------- Zusätzlicher Suchlauf -------
uLocal Page = C:\windows\system32\blank.htm
uStart Page = hxxp://msi.msn.com
mLocal Page = C:\Windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\BfLLR.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - C:\Users\adminNiki\AppData\Roaming\Mozilla\Firefox\Profiles\7u4nke0j.default\
FF - prefs.js: browser.startup.homepage -
FF - user.js: extentions.y2layers.installId - fc108ba3-e56a-4c1e-8b79-af6bfb62280f
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,buzzdock,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
- - - - Entfernte verwaiste Registrierungseinträge - - - -
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Battlelog Web Plugins - C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Blue Byte Game Channel - F:\Programme\DieSiedler\uninst.dll
AddRemove-PunkBusterSvc - C:\windows\system32\pbsvc_bc2.exe |
09.06.2013, 19:29 | #8 |
/// TB-Ausbilder | Trend Micro won't open OK. But I would still like to have it in full.
__________________ Digital buccaneers against malware! No help via PM! |
09.06.2013, 19:52 | #9 |
| Trend Micro won't open Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-09 13:53:11
-----------------------------
13:53:11.085 OS Version: Windows x64 6.1.7601 Service Pack 1
13:53:11.085 Number of processors: 8 586 0x3A09
13:53:11.085 ComputerName: NIKISCF UserName:
13:53:11.288 Initialize success
13:57:57.893 AVAST engine defs: 13060900
13:59:57.218 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:59:57.218 Disk 0 Vendor: SAMSUNG_ CXM0 Size: 244198MB BusType: 3
13:59:57.218 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
13:59:57.218 Disk 1 Vendor: Hitachi_ JF4O Size: 715404MB BusType: 3
13:59:57.233 Disk 0 MBR read successfully
13:59:57.233 Disk 0 MBR scan
13:59:57.233 Disk 0 Windows 7 default MBR code
13:59:57.249 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 12315 MB offset 2048
13:59:57.249 Disk 0 Partition 2 80 (A) 27 Hidden NTFS WinRE NTFS 100 MB offset 25223168
13:59:57.249 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 139065 MB offset 25427968
13:59:57.249 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 92716 MB offset 310233088
13:59:57.265 Disk 0 scanning C:\windows\system32\drivers
13:59:59.542 Service scanning
14:00:06.094 Modules scanning
14:00:06.094 Disk 0 trace - called modules:
14:00:06.110 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
14:00:06.110 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006a0d790]
14:00:06.110 3 CLASSPNP.SYS[fffff88001d4843f] -> nt!IofCallDriver -> [0xfffffa80071e6950]
14:00:06.110 5 ACPI.sys[fffff88000d6d7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80072d2050]
14:00:06.328 AVAST engine scan C:\windows
14:00:06.703 AVAST engine scan C:\windows\system32
14:00:57.418 AVAST engine scan C:\windows\system32\drivers
14:01:00.086 AVAST engine scan C:\Users\adminNiki
14:01:15.733 AVAST engine scan C:\ProgramData
14:01:29.866 Scan finished successfully
14:12:06.102 Disk 0 MBR has been saved successfully to "C:\Users\adminNiki\Desktop\MBR.dat"
14:12:06.118 The log file has been saved successfully to "C:\Users\adminNiki\Desktop\aswMBR.txt"
Code:
# AdwCleaner v2.303 - Datei am 09/06/2013 um 14:52:30 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : adminNiki - NIKISCF
# Bootmodus : Normal
# Ausgeführt unter : G:\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Users\adminNiki\AppData\Roaming\Mozilla\Firefox\Profiles\7u4nke0j.default\extensions\gophoto@gophoto.it.xpi
Datei Gelöscht : C:\Users\adminNiki\AppData\Roaming\Mozilla\Firefox\Profiles\7u4nke0j.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\nikiscf\AppData\Roaming\Mozilla\Firefox\Profiles\9l1by1ub.default\foxydeal.sqlite
Ordner Gelöscht : C:\Program Files (x86)\Gophoto.it
Ordner Gelöscht : C:\Users\adminNiki\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
Ordner Gelöscht : C:\Users\adminNiki\AppData\Roaming\Mozilla\Firefox\Profiles\7u4nke0j.default\extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\adminNiki\AppData\Roaming\Mozilla\Firefox\Profiles\7u4nke0j.default\extensions\plugin@yontoo.com
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16576
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v17.0 (de)
Datei : C:\Users\adminNiki\AppData\Roaming\Mozilla\Firefox\Profiles\7u4nke0j.default\prefs.js
C:\Users\adminNiki\AppData\Roaming\Mozilla\Firefox\Profiles\7u4nke0j.default\user.js ... Gelöscht !
Gelöscht : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Gelöscht : user_pref("extentions.y2layers.installId", "fc108ba3-e56a-4c1e-8b79-af6bfb62280f");
Datei : C:\Users\nikiscf\AppData\Roaming\Mozilla\Firefox\Profiles\9l1by1ub.default\prefs.js
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [3746 octets] - [09/06/2013 14:52:30]
########## EOF - C:\AdwCleaner[S1].txt - [3806 octets] ##########
more:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by adminNiki on 09.06.2013 at 14:48:53,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\1clickdownload
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babylontoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\yontooieclient.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\yontooieclient.api.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{02EC91B1-3EF1-4407-8AC9-D268F2D96D97}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\adminNiki\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\adminNiki\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\adminNiki\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Program Files (x86)\yontoo"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.06.2013 at 14:51:25,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ESETSmartInstaller@High as downloader log:
Can not open internet
ESETSmartInstaller@High as downloader log:
Can not open internet
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d97356857fb69842a1eb62708b014e3a
# engine=14031
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-09 02:11:09
# local_time=2013-06-09 04:11:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 6025 122416919 0 0
# scanned=170950
# found=2
# cleaned=0
# scan_time=2223
sh=21C23C470BDABB763D2FC372D86E9D3FB9F923AE ft=1 fh=1a43b0206fc57ad6 vn="a variant of Win32/Packed.VMProtect.AAA trojan" ac=I fn="F:\Programme\Dirt3\paul.dll"
sh=5B31FB5741304E8486ACFD81E30B314B87A28E9F ft=1 fh=b4b60b69ec22cbd1 vn="a variant of Win32/Packed.VMProtect.AAA trojan" ac=I fn="F:\Programme\Dirt3\SKIDROW.dll"
esets_scanner_update returned -1 esets_gle=1
Code:
14:22:30.0101 5860 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:22:30.0132 5860 ============================================================
14:22:30.0132 5860 Current date / time: 2013/06/09 14:22:30.0132
14:22:30.0132 5860 SystemInfo:
14:22:30.0132 5860
14:22:30.0132 5860 OS Version: 6.1.7601 ServicePack: 1.0
14:22:30.0132 5860 Product type: Workstation
14:22:30.0132 5860 ComputerName: NIKISCF
14:22:30.0132 5860 UserName: adminNiki
14:22:30.0132 5860 Windows directory: C:\windows
14:22:30.0132 5860 System windows directory: C:\windows
14:22:30.0132 5860 Running under WOW64
14:22:30.0132 5860 Processor architecture: Intel x64
14:22:30.0132 5860 Number of processors: 8
14:22:30.0132 5860 Page size: 0x1000
14:22:30.0132 5860 Boot type: Normal boot
14:22:30.0132 5860 ============================================================
14:22:32.0877 5860 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:22:32.0877 5860 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:22:32.0877 5860 Drive \Device\Harddisk2\DR5 - Size: 0x1D9C00000 (7.40 Gb), SectorSize: 0x200, Cylinders: 0x3C6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:22:32.0877 5860 ============================================================
14:22:32.0877 5860 \Device\Harddisk0\DR0:
14:22:32.0877 5860 MBR partitions:
14:22:32.0877 5860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1840000, BlocksNum 0x10F9C800
14:22:32.0877 5860 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x127DC800, BlocksNum 0xB516000
14:22:32.0877 5860 \Device\Harddisk1\DR1:
14:22:32.0877 5860 MBR partitions:
14:22:32.0877 5860 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x180E000, BlocksNum 0x55D37800
14:22:32.0877 5860 \Device\Harddisk2\DR5:
14:22:32.0893 5860 MBR partitions:
14:22:32.0893 5860 ============================================================
14:22:32.0893 5860 C: <-> \Device\Harddisk0\DR0\Partition1
14:22:32.0893 5860 D: <-> \Device\Harddisk0\DR0\Partition2
14:22:32.0924 5860 F: <-> \Device\Harddisk1\DR1\Partition1
14:22:32.0924 5860 ============================================================
14:22:32.0924 5860 Initialize success
14:22:32.0924 5860 ============================================================
14:22:38.0556 3020 ============================================================
14:22:38.0556 3020 Scan started
14:22:38.0556 3020 Mode: Manual;
14:22:38.0556 3020 ============================================================
14:22:39.0039 3020 ================ Scan system memory ========================
14:22:39.0039 3020 System memory - ok
14:22:39.0039 3020 ================ Scan services =============================
Service C:\Program Files\iPod\bin\iPodService.exe 14:22:40.0163 3020 iPod Service - ok 14:22:40.0163 3020 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys 14:22:40.0163 3020 IRENUM - ok 14:22:40.0163 3020 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys 14:22:40.0163 3020 isapnp - ok 14:22:40.0163 3020 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 14:22:40.0163 3020 iScsiPrt - ok 14:22:40.0178 3020 [ 8E4577C6E0D3114170509159DE658907 ] iusb3hcs C:\windows\system32\drivers\iusb3hcs.sys 14:22:40.0178 3020 iusb3hcs - ok 14:22:40.0178 3020 [ FE76346E9B57DA575BD1B3BD0CCAD7FF ] iusb3hub C:\windows\system32\drivers\iusb3hub.sys 14:22:40.0178 3020 iusb3hub - ok 14:22:40.0194 3020 [ 1008CD90DA2198FFD250298DEB9DF160 ] iusb3xhc C:\windows\system32\drivers\iusb3xhc.sys 14:22:40.0194 3020 iusb3xhc - ok 14:22:40.0194 3020 [ F415A88162D23977B5EDAE4F0410E903 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe 14:22:40.0194 3020 IviRegMgr - ok 14:22:40.0194 3020 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys 14:22:40.0194 3020 kbdclass - ok 14:22:40.0194 3020 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys 14:22:40.0194 3020 kbdhid - ok 14:22:40.0209 3020 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe 14:22:40.0209 3020 KeyIso - ok 14:22:40.0209 3020 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 14:22:40.0209 3020 KSecDD - ok 14:22:40.0209 3020 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 14:22:40.0209 3020 KSecPkg - ok 14:22:40.0209 3020 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys 14:22:40.0209 3020 ksthunk - ok 14:22:40.0225 3020 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll 14:22:40.0225 3020 KtmRm - 
ok 14:22:40.0225 3020 [ 19A1E658E858CB93CCA526438086881E ] L1C C:\windows\system32\DRIVERS\e22w7x64.sys 14:22:40.0225 3020 L1C - ok 14:22:40.0225 3020 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll 14:22:40.0225 3020 LanmanServer - ok 14:22:40.0241 3020 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll 14:22:40.0241 3020 LanmanWorkstation - ok 14:22:40.0241 3020 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 14:22:40.0241 3020 lltdio - ok 14:22:40.0241 3020 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll 14:22:40.0241 3020 lltdsvc - ok 14:22:40.0256 3020 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll 14:22:40.0256 3020 lmhosts - ok 14:22:40.0256 3020 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys 14:22:40.0256 3020 LSI_FC - ok 14:22:40.0256 3020 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys 14:22:40.0256 3020 LSI_SAS - ok 14:22:40.0256 3020 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys 14:22:40.0256 3020 LSI_SAS2 - ok 14:22:40.0256 3020 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys 14:22:40.0272 3020 LSI_SCSI - ok 14:22:40.0272 3020 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys 14:22:40.0272 3020 luafv - ok 14:22:40.0272 3020 mbamswissarmy - ok 14:22:40.0272 3020 MBfilt - ok 14:22:40.0272 3020 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 14:22:40.0272 3020 Mcx2Svc - ok 14:22:40.0272 3020 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys 14:22:40.0272 3020 megasas - ok 14:22:40.0287 3020 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys 14:22:40.0287 3020 MegaSR - ok 14:22:40.0287 3020 [ 
6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\windows\system32\drivers\HECIx64.sys 14:22:40.0287 3020 MEIx64 - ok 14:22:40.0287 3020 MGHwCtrl - ok 14:22:40.0287 3020 [ 71C6748EE8DE938532057EF10B4B7E44 ] Micro Star SCM C:\windows\SysWOW64\MSIService.exe 14:22:40.0303 3020 Micro Star SCM - ok 14:22:40.0303 3020 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll 14:22:40.0303 3020 MMCSS - ok 14:22:40.0303 3020 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys 14:22:40.0303 3020 Modem - ok 14:22:40.0303 3020 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys 14:22:40.0303 3020 monitor - ok 14:22:40.0303 3020 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 14:22:40.0303 3020 mouclass - ok 14:22:40.0303 3020 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 14:22:40.0303 3020 mouhid - ok 14:22:40.0319 3020 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys 14:22:40.0319 3020 mountmgr - ok 14:22:40.0319 3020 [ 313265CF4F5F02ED927774DA1DB3FE00 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 14:22:40.0319 3020 MozillaMaintenance - ok 14:22:40.0319 3020 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys 14:22:40.0319 3020 mpio - ok 14:22:40.0319 3020 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 14:22:40.0334 3020 mpsdrv - ok 14:22:40.0334 3020 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll 14:22:40.0334 3020 MpsSvc - ok 14:22:40.0350 3020 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 14:22:40.0350 3020 MRxDAV - ok 14:22:40.0350 3020 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 14:22:40.0350 3020 mrxsmb - ok 14:22:40.0350 3020 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 
C:\windows\system32\DRIVERS\mrxsmb10.sys 14:22:40.0350 3020 mrxsmb10 - ok 14:22:40.0350 3020 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 14:22:40.0365 3020 mrxsmb20 - ok 14:22:40.0365 3020 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys 14:22:40.0365 3020 msahci - ok 14:22:40.0365 3020 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys 14:22:40.0365 3020 msdsm - ok 14:22:40.0365 3020 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe 14:22:40.0365 3020 MSDTC - ok 14:22:40.0365 3020 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys 14:22:40.0365 3020 Msfs - ok 14:22:40.0381 3020 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 14:22:40.0381 3020 mshidkmdf - ok 14:22:40.0381 3020 [ 87B9DAF6D123EC06C19B41D5295441AD ] MSI Foundation Service C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe 14:22:40.0381 3020 MSI Foundation Service - ok 14:22:40.0381 3020 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys 14:22:40.0381 3020 msisadrv - ok 14:22:40.0381 3020 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll 14:22:40.0381 3020 MSiSCSI - ok 14:22:40.0381 3020 msiserver - ok 14:22:40.0397 3020 [ C72ADF8436182E12B1B7E04390CE4C5B ] MSI_SuperCharger C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe 14:22:40.0397 3020 MSI_SuperCharger - ok 14:22:40.0397 3020 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 14:22:40.0397 3020 MSKSSRV - ok 14:22:40.0397 3020 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 14:22:40.0397 3020 MSPCLOCK - ok 14:22:40.0397 3020 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 14:22:40.0397 3020 MSPQM - ok 14:22:40.0412 3020 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC 
C:\windows\system32\drivers\MsRPC.sys 14:22:40.0412 3020 MsRPC - ok 14:22:40.0412 3020 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 14:22:40.0412 3020 mssmbios - ok 14:22:40.0412 3020 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 14:22:40.0412 3020 MSTEE - ok 14:22:40.0412 3020 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys 14:22:40.0412 3020 MTConfig - ok 14:22:40.0412 3020 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys 14:22:40.0412 3020 Mup - ok 14:22:40.0428 3020 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll 14:22:40.0428 3020 napagent - ok 14:22:40.0428 3020 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 14:22:40.0428 3020 NativeWifiP - ok 14:22:40.0443 3020 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 14:22:40.0443 3020 NAUpdate - ok 14:22:40.0459 3020 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys 14:22:40.0459 3020 NDIS - ok 14:22:40.0459 3020 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 14:22:40.0459 3020 NdisCap - ok 14:22:40.0475 3020 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 14:22:40.0475 3020 NdisTapi - ok 14:22:40.0475 3020 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 14:22:40.0475 3020 Ndisuio - ok 14:22:40.0475 3020 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 14:22:40.0475 3020 NdisWan - ok 14:22:40.0475 3020 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 14:22:40.0475 3020 NDProxy - ok 14:22:40.0475 3020 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 14:22:40.0475 3020 NetBIOS - ok 14:22:40.0490 3020 [ 
09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 14:22:40.0490 3020 NetBT - ok 14:22:40.0490 3020 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 14:22:40.0490 3020 Netlogon - ok 14:22:40.0490 3020 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 14:22:40.0490 3020 Netman - ok 14:22:40.0506 3020 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 14:22:40.0506 3020 netprofm - ok 14:22:40.0506 3020 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:22:40.0506 3020 NetTcpPortSharing - ok 14:22:40.0584 3020 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys 14:22:40.0631 3020 NETwNs64 - ok 14:22:40.0631 3020 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys 14:22:40.0631 3020 nfrd960 - ok 14:22:40.0631 3020 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll 14:22:40.0631 3020 NlaSvc - ok 14:22:40.0646 3020 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 14:22:40.0646 3020 Npfs - ok 14:22:40.0646 3020 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 14:22:40.0646 3020 nsi - ok 14:22:40.0646 3020 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 14:22:40.0646 3020 nsiproxy - ok 14:22:40.0662 3020 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 14:22:40.0662 3020 Ntfs - ok 14:22:40.0662 3020 [ 3F39F013168428C8E505A7B9E6CBA8A2 ] NTIOLib_1_0_3 C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys 14:22:40.0662 3020 NTIOLib_1_0_3 - ok 14:22:40.0677 3020 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 14:22:40.0677 3020 Null - ok 14:22:40.0771 3020 [ 67428BB28210D22743CC5B3C032CBC57 ] nvlddmkm 
C:\windows\system32\DRIVERS\nvlddmkm.sys 14:22:40.0818 3020 nvlddmkm - ok 14:22:40.0818 3020 [ 2AFE430C06494691DD97CBB20A982544 ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys 14:22:40.0818 3020 nvpciflt - ok 14:22:40.0833 3020 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 14:22:40.0833 3020 nvraid - ok 14:22:40.0833 3020 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 14:22:40.0833 3020 nvstor - ok 14:22:40.0849 3020 [ D594841129E5902A67430C01F59EB20C ] nvsvc C:\windows\system32\nvvsvc.exe 14:22:40.0849 3020 nvsvc - ok 14:22:40.0865 3020 [ CFE798F2095D6F23F9127CDED4547814 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 14:22:40.0880 3020 nvUpdatusService - ok 14:22:40.0880 3020 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 14:22:40.0880 3020 nv_agp - ok 14:22:40.0896 3020 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:22:40.0896 3020 odserv - ok 14:22:40.0896 3020 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 14:22:40.0896 3020 ohci1394 - ok 14:22:40.0911 3020 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:22:40.0911 3020 ose - ok 14:22:40.0911 3020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 14:22:40.0911 3020 p2pimsvc - ok 14:22:40.0911 3020 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 14:22:40.0927 3020 p2psvc - ok 14:22:40.0927 3020 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys 14:22:40.0927 3020 Parport - ok 14:22:40.0927 3020 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 14:22:40.0927 3020 partmgr - ok 14:22:40.0927 3020 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc 
C:\windows\System32\pcasvc.dll 14:22:40.0927 3020 PcaSvc - ok 14:22:40.0943 3020 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 14:22:40.0943 3020 pci - ok 14:22:40.0943 3020 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys 14:22:40.0943 3020 pciide - ok 14:22:40.0943 3020 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys 14:22:40.0943 3020 pcmcia - ok 14:22:40.0943 3020 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 14:22:40.0943 3020 pcw - ok 14:22:40.0958 3020 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 14:22:40.0958 3020 PEAUTH - ok 14:22:40.0958 3020 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 14:22:40.0958 3020 PerfHost - ok 14:22:40.0974 3020 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 14:22:40.0989 3020 pla - ok 14:22:40.0989 3020 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 14:22:40.0989 3020 PlugPlay - ok 14:22:41.0005 3020 PnkBstrA - ok 14:22:41.0005 3020 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 14:22:41.0005 3020 PNRPAutoReg - ok 14:22:41.0005 3020 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 14:22:41.0005 3020 PNRPsvc - ok 14:22:41.0021 3020 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 14:22:41.0021 3020 PolicyAgent - ok 14:22:41.0021 3020 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 14:22:41.0021 3020 Power - ok 14:22:41.0021 3020 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 14:22:41.0021 3020 PptpMiniport - ok 14:22:41.0036 3020 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys 14:22:41.0036 3020 Processor - ok 14:22:41.0036 3020 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc 
C:\windows\system32\profsvc.dll 14:22:41.0036 3020 ProfSvc - ok 14:22:41.0036 3020 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 14:22:41.0036 3020 ProtectedStorage - ok 14:22:41.0036 3020 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 14:22:41.0036 3020 Psched - ok 14:22:41.0052 3020 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 14:22:41.0052 3020 PSI_SVC_2 - ok 14:22:41.0067 3020 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys 14:22:41.0067 3020 ql2300 - ok 14:22:41.0067 3020 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys 14:22:41.0067 3020 ql40xx - ok 14:22:41.0083 3020 [ 165BF7E379FAA483E0185B2A0B0970D8 ] Qualcomm Atheros Killer Service C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe 14:22:41.0083 3020 Qualcomm Atheros Killer Service - ok 14:22:41.0083 3020 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 14:22:41.0083 3020 QWAVE - ok 14:22:41.0083 3020 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 14:22:41.0083 3020 QWAVEdrv - ok 14:22:41.0099 3020 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 14:22:41.0099 3020 RasAcd - ok 14:22:41.0099 3020 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 14:22:41.0099 3020 RasAgileVpn - ok 14:22:41.0099 3020 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 14:22:41.0099 3020 RasAuto - ok 14:22:41.0099 3020 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 14:22:41.0099 3020 Rasl2tp - ok 14:22:41.0114 3020 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 14:22:41.0114 3020 RasMan - ok 14:22:41.0114 3020 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe 
C:\windows\system32\DRIVERS\raspppoe.sys 14:22:41.0114 3020 RasPppoe - ok 14:22:41.0114 3020 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 14:22:41.0114 3020 RasSstp - ok 14:22:41.0130 3020 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 14:22:41.0130 3020 rdbss - ok 14:22:41.0130 3020 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys 14:22:41.0130 3020 rdpbus - ok 14:22:41.0130 3020 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 14:22:41.0130 3020 RDPCDD - ok 14:22:41.0130 3020 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 14:22:41.0130 3020 RDPENCDD - ok 14:22:41.0130 3020 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 14:22:41.0130 3020 RDPREFMP - ok 14:22:41.0145 3020 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 14:22:41.0145 3020 RDPWD - ok 14:22:41.0145 3020 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 14:22:41.0145 3020 rdyboost - ok 14:22:41.0145 3020 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\windows\system32\drivers\regi.sys 14:22:41.0145 3020 regi - ok 14:22:41.0145 3020 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 14:22:41.0145 3020 RemoteAccess - ok 14:22:41.0161 3020 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 14:22:41.0161 3020 RemoteRegistry - ok 14:22:41.0161 3020 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 14:22:41.0161 3020 RFCOMM - ok 14:22:41.0161 3020 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 14:22:41.0161 3020 RpcEptMapper - ok 14:22:41.0161 3020 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 14:22:41.0161 3020 RpcLocator - ok 14:22:41.0177 3020 [ 
5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 14:22:41.0177 3020 RpcSs - ok 14:22:41.0177 3020 [ 33404B769915388BE7162D9ED58422AC ] RSPCIESTOR C:\windows\system32\DRIVERS\RtsPStor.sys 14:22:41.0177 3020 RSPCIESTOR - ok 14:22:41.0192 3020 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 14:22:41.0192 3020 rspndr - ok 14:22:41.0192 3020 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 14:22:41.0192 3020 SamSs - ok 14:22:41.0192 3020 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 14:22:41.0192 3020 sbp2port - ok 14:22:41.0192 3020 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 14:22:41.0192 3020 SCardSvr - ok 14:22:41.0208 3020 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 14:22:41.0208 3020 scfilter - ok 14:22:41.0208 3020 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 14:22:41.0223 3020 Schedule - ok 14:22:41.0223 3020 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll 14:22:41.0223 3020 SCPolicySvc - ok 14:22:41.0223 3020 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys 14:22:41.0223 3020 sdbus - ok 14:22:41.0223 3020 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 14:22:41.0239 3020 SDRSVC - ok 14:22:41.0239 3020 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 14:22:41.0239 3020 secdrv - ok 14:22:41.0239 3020 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 14:22:41.0239 3020 seclogon - ok 14:22:41.0239 3020 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll 14:22:41.0239 3020 SENS - ok 14:22:41.0239 3020 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 14:22:41.0239 3020 SensrSvc - ok 14:22:41.0255 3020 [ CB624C0035412AF0DEBEC78C41F5CA1B 
] Serenum C:\windows\system32\drivers\serenum.sys 14:22:41.0255 3020 Serenum - ok 14:22:41.0255 3020 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys 14:22:41.0255 3020 Serial - ok 14:22:41.0255 3020 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys 14:22:41.0255 3020 sermouse - ok 14:22:41.0255 3020 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 14:22:41.0255 3020 SessionEnv - ok 14:22:41.0270 3020 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 14:22:41.0270 3020 sffdisk - ok 14:22:41.0270 3020 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 14:22:41.0270 3020 sffp_mmc - ok 14:22:41.0270 3020 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 14:22:41.0270 3020 sffp_sd - ok 14:22:41.0270 3020 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys 14:22:41.0270 3020 sfloppy - ok 14:22:41.0270 3020 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 14:22:41.0270 3020 SharedAccess - ok 14:22:41.0286 3020 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 14:22:41.0286 3020 ShellHWDetection - ok 14:22:41.0286 3020 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys 14:22:41.0286 3020 SiSRaid2 - ok 14:22:41.0286 3020 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys 14:22:41.0286 3020 SiSRaid4 - ok 14:22:41.0301 3020 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 14:22:41.0301 3020 SkypeUpdate - ok 14:22:41.0301 3020 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 14:22:41.0301 3020 Smb - ok 14:22:41.0301 3020 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 14:22:41.0301 3020 SNMPTRAP 
- ok 14:22:41.0301 3020 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 14:22:41.0301 3020 spldr - ok 14:22:41.0317 3020 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe 14:22:41.0317 3020 Spooler - ok 14:22:41.0348 3020 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 14:22:41.0364 3020 sppsvc - ok 14:22:41.0364 3020 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 14:22:41.0364 3020 sppuinotify - ok 14:22:41.0364 3020 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 14:22:41.0364 3020 srv - ok 14:22:41.0379 3020 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 14:22:41.0379 3020 srv2 - ok 14:22:41.0379 3020 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 14:22:41.0379 3020 srvnet - ok 14:22:41.0379 3020 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 14:22:41.0395 3020 SSDPSRV - ok 14:22:41.0395 3020 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 14:22:41.0395 3020 SstpSvc - ok 14:22:41.0395 3020 Steam Client Service - ok 14:22:41.0395 3020 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys 14:22:41.0395 3020 stexstor - ok 14:22:41.0411 3020 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 14:22:41.0411 3020 stisvc - ok 14:22:41.0411 3020 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys 14:22:41.0411 3020 swenum - ok 14:22:41.0411 3020 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 14:22:41.0426 3020 swprv - ok 14:22:41.0426 3020 [ F4DB1D9E6A42D491F0F8E21854301C0B ] SynTP C:\windows\system32\drivers\SynTP.sys 14:22:41.0442 3020 SynTP - ok 14:22:41.0457 3020 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 14:22:41.0457 3020 SysMain - ok 
14:22:41.0473 3020 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 14:22:41.0473 3020 TabletInputService - ok 14:22:41.0473 3020 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 14:22:41.0473 3020 TapiSrv - ok 14:22:41.0473 3020 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 14:22:41.0473 3020 TBS - ok 14:22:41.0489 3020 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\windows\system32\drivers\tcpip.sys 14:22:41.0504 3020 Tcpip - ok 14:22:41.0520 3020 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 14:22:41.0520 3020 TCPIP6 - ok 14:22:41.0535 3020 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 14:22:41.0535 3020 tcpipreg - ok 14:22:41.0535 3020 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 14:22:41.0535 3020 TDPIPE - ok 14:22:41.0535 3020 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 14:22:41.0535 3020 TDTCP - ok 14:22:41.0535 3020 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 14:22:41.0535 3020 tdx - ok 14:22:41.0535 3020 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys 14:22:41.0535 3020 TermDD - ok 14:22:41.0551 3020 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 14:22:41.0551 3020 TermService - ok 14:22:41.0551 3020 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 14:22:41.0551 3020 Themes - ok 14:22:41.0567 3020 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 14:22:41.0567 3020 THREADORDER - ok 14:22:41.0567 3020 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys 14:22:41.0567 3020 tmactmon - ok 14:22:41.0567 3020 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys 14:22:41.0567 3020 tmcomm - ok 
14:22:41.0567 3020 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys 14:22:41.0567 3020 tmevtmgr - ok 14:22:41.0582 3020 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys 14:22:41.0582 3020 tmtdi - ok 14:22:41.0582 3020 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 14:22:41.0582 3020 TrkWks - ok 14:22:41.0582 3020 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 14:22:41.0582 3020 TrustedInstaller - ok 14:22:41.0582 3020 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 14:22:41.0582 3020 tssecsrv - ok 14:22:41.0598 3020 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 14:22:41.0598 3020 TsUsbFlt - ok 14:22:41.0598 3020 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys 14:22:41.0598 3020 TsUsbGD - ok 14:22:41.0598 3020 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 14:22:41.0598 3020 tunnel - ok 14:22:41.0598 3020 [ 20155CF5FB9F7902178D7D5CDC7C0F90 ] TurboB C:\windows\system32\DRIVERS\TurboB.sys 14:22:41.0598 3020 TurboB - ok 14:22:41.0598 3020 [ E00FC2B80837C29817A3A082717B8C48 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 14:22:41.0613 3020 TurboBoost - ok 14:22:41.0613 3020 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys 14:22:41.0613 3020 uagp35 - ok 14:22:41.0613 3020 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 14:22:41.0613 3020 udfs - ok 14:22:41.0613 3020 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 14:22:41.0629 3020 UI0Detect - ok 14:22:41.0629 3020 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 14:22:41.0629 3020 uliagpkx - ok 14:22:41.0629 3020 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus 
2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 14:26:03.0715 4396 MSTEE - ok 14:26:03.0715 4396 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys 14:26:03.0730 4396 MTConfig - ok 14:26:03.0730 4396 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys 14:26:03.0730 4396 Mup - ok 14:26:03.0746 4396 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll 14:26:03.0761 4396 napagent - ok 14:26:03.0777 4396 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 14:26:03.0777 4396 NativeWifiP - ok 14:26:03.0793 4396 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate |
09.06.2013, 19:57 | #10 |
| Trend Micro won't open and now the rest of TDSS: Code:
ATTFilter C:\Program Files (x86)\Nero\Update\NASvc.exe 14:26:03.0808 4396 NAUpdate - ok 14:26:03.0808 4396 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys 14:26:03.0824 4396 NDIS - ok 14:26:03.0839 4396 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 14:26:03.0855 4396 NdisCap - ok 14:26:03.0855 4396 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 14:26:03.0886 4396 NdisTapi - ok 14:26:03.0886 4396 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 14:26:03.0902 4396 Ndisuio - ok 14:26:03.0902 4396 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 14:26:03.0933 4396 NdisWan - ok 14:26:03.0933 4396 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 14:26:03.0949 4396 NDProxy - ok 14:26:03.0949 4396 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 14:26:03.0980 4396 NetBIOS - ok 14:26:03.0980 4396 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 14:26:03.0995 4396 NetBT - ok 14:26:04.0011 4396 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 14:26:04.0011 4396 Netlogon - ok 14:26:04.0011 4396 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 14:26:04.0042 4396 Netman - ok 14:26:04.0042 4396 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 14:26:04.0073 4396 netprofm - ok 14:26:04.0073 4396 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:26:04.0089 4396 NetTcpPortSharing - ok 14:26:04.0167 4396 [ B51E9AD4F4E4F8DBE0AB882756BC5DAB ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys 14:26:04.0245 4396 NETwNs64 - ok 14:26:04.0245 4396 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys 
14:26:04.0261 4396 nfrd960 - ok 14:26:04.0261 4396 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll 14:26:04.0261 4396 NlaSvc - ok 14:26:04.0276 4396 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 14:26:04.0292 4396 Npfs - ok 14:26:04.0292 4396 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 14:26:04.0307 4396 nsi - ok 14:26:04.0323 4396 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 14:26:04.0339 4396 nsiproxy - ok 14:26:04.0354 4396 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 14:26:04.0370 4396 Ntfs - ok 14:26:04.0370 4396 [ 3F39F013168428C8E505A7B9E6CBA8A2 ] NTIOLib_1_0_3 C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys 14:26:04.0385 4396 NTIOLib_1_0_3 - ok 14:26:04.0385 4396 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 14:26:04.0417 4396 Null - ok 14:26:04.0510 4396 [ 67428BB28210D22743CC5B3C032CBC57 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys 14:26:04.0651 4396 nvlddmkm - ok 14:26:04.0651 4396 [ 2AFE430C06494691DD97CBB20A982544 ] nvpciflt C:\windows\system32\DRIVERS\nvpciflt.sys 14:26:04.0666 4396 nvpciflt - ok 14:26:04.0666 4396 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 14:26:04.0682 4396 nvraid - ok 14:26:04.0682 4396 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 14:26:04.0682 4396 nvstor - ok 14:26:04.0697 4396 [ D594841129E5902A67430C01F59EB20C ] nvsvc C:\windows\system32\nvvsvc.exe 14:26:04.0713 4396 nvsvc - ok 14:26:04.0744 4396 [ CFE798F2095D6F23F9127CDED4547814 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 14:26:04.0775 4396 nvUpdatusService - ok 14:26:04.0775 4396 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 14:26:04.0775 4396 nv_agp - ok 14:26:04.0791 4396 [ 
785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:26:04.0791 4396 odserv - ok 14:26:04.0807 4396 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 14:26:04.0807 4396 ohci1394 - ok 14:26:04.0807 4396 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:26:04.0822 4396 ose - ok 14:26:04.0822 4396 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 14:26:04.0838 4396 p2pimsvc - ok 14:26:04.0838 4396 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 14:26:04.0853 4396 p2psvc - ok 14:26:04.0853 4396 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys 14:26:04.0869 4396 Parport - ok 14:26:04.0869 4396 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 14:26:04.0869 4396 partmgr - ok 14:26:04.0869 4396 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 14:26:04.0885 4396 PcaSvc - ok 14:26:04.0885 4396 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 14:26:04.0900 4396 pci - ok 14:26:04.0900 4396 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys 14:26:04.0900 4396 pciide - ok 14:26:04.0916 4396 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys 14:26:04.0916 4396 pcmcia - ok 14:26:04.0916 4396 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 14:26:04.0931 4396 pcw - ok 14:26:04.0931 4396 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 14:26:04.0963 4396 PEAUTH - ok 14:26:04.0963 4396 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 14:26:04.0978 4396 PerfHost - ok 14:26:04.0994 4396 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 14:26:05.0025 4396 pla - ok 
14:26:05.0025 4396 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 14:26:05.0041 4396 PlugPlay - ok 14:26:05.0041 4396 PnkBstrA - ok 14:26:05.0041 4396 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 14:26:05.0056 4396 PNRPAutoReg - ok 14:26:05.0056 4396 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 14:26:05.0072 4396 PNRPsvc - ok 14:26:05.0072 4396 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 14:26:05.0087 4396 PolicyAgent - ok 14:26:05.0103 4396 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 14:26:05.0119 4396 Power - ok 14:26:05.0119 4396 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 14:26:05.0150 4396 PptpMiniport - ok 14:26:05.0150 4396 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys 14:26:05.0150 4396 Processor - ok 14:26:05.0165 4396 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll 14:26:05.0165 4396 ProfSvc - ok 14:26:05.0181 4396 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 14:26:05.0181 4396 ProtectedStorage - ok 14:26:05.0181 4396 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 14:26:05.0212 4396 Psched - ok 14:26:05.0212 4396 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 14:26:05.0212 4396 PSI_SVC_2 - ok 14:26:05.0228 4396 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys 14:26:05.0243 4396 ql2300 - ok 14:26:05.0259 4396 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys 14:26:05.0259 4396 ql40xx - ok 14:26:05.0259 4396 [ 165BF7E379FAA483E0185B2A0B0970D8 ] Qualcomm Atheros Killer Service C:\Program Files\Qualcomm Atheros\Killer Network Manager\BFNService.exe 14:26:05.0275 
4396 Qualcomm Atheros Killer Service ( UnsignedFile.Multi.Generic ) - warning 14:26:05.0275 4396 Qualcomm Atheros Killer Service - detected UnsignedFile.Multi.Generic (1) 14:26:05.0275 4396 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 14:26:05.0290 4396 QWAVE - ok 14:26:05.0290 4396 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 14:26:05.0306 4396 QWAVEdrv - ok 14:26:05.0306 4396 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 14:26:05.0321 4396 RasAcd - ok 14:26:05.0321 4396 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 14:26:05.0353 4396 RasAgileVpn - ok 14:26:05.0353 4396 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 14:26:05.0368 4396 RasAuto - ok 14:26:05.0384 4396 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 14:26:05.0399 4396 Rasl2tp - ok 14:26:05.0399 4396 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 14:26:05.0431 4396 RasMan - ok 14:26:05.0431 4396 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 14:26:05.0462 4396 RasPppoe - ok 14:26:05.0462 4396 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 14:26:05.0477 4396 RasSstp - ok 14:26:05.0493 4396 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 14:26:05.0509 4396 rdbss - ok 14:26:05.0509 4396 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys 14:26:05.0524 4396 rdpbus - ok 14:26:05.0524 4396 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 14:26:05.0540 4396 RDPCDD - ok 14:26:05.0540 4396 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 14:26:05.0571 4396 RDPENCDD - ok 14:26:05.0571 4396 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP 
C:\windows\system32\drivers\rdprefmp.sys 14:26:05.0587 4396 RDPREFMP - ok 14:26:05.0602 4396 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 14:26:05.0602 4396 RDPWD - ok 14:26:05.0618 4396 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 14:26:05.0618 4396 rdyboost - ok 14:26:05.0618 4396 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\windows\system32\drivers\regi.sys 14:26:05.0633 4396 regi - ok 14:26:05.0633 4396 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 14:26:05.0665 4396 RemoteAccess - ok 14:26:05.0665 4396 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 14:26:05.0680 4396 RemoteRegistry - ok 14:26:05.0696 4396 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 14:26:05.0696 4396 RFCOMM - ok 14:26:05.0696 4396 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 14:26:05.0727 4396 RpcEptMapper - ok 14:26:05.0727 4396 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 14:26:05.0727 4396 RpcLocator - ok 14:26:05.0743 4396 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 14:26:05.0758 4396 RpcSs - ok 14:26:05.0774 4396 [ 33404B769915388BE7162D9ED58422AC ] RSPCIESTOR C:\windows\system32\DRIVERS\RtsPStor.sys 14:26:05.0789 4396 RSPCIESTOR - ok 14:26:05.0789 4396 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 14:26:05.0805 4396 rspndr - ok 14:26:05.0821 4396 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 14:26:05.0821 4396 SamSs - ok 14:26:05.0821 4396 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 14:26:05.0836 4396 sbp2port - ok 14:26:05.0836 4396 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 14:26:05.0852 4396 SCardSvr - ok 14:26:05.0867 4396 [ 253F38D0D7074C02FF8DEB9836C97D2B ] 
scfilter C:\windows\system32\DRIVERS\scfilter.sys 14:26:05.0883 4396 scfilter - ok 14:26:05.0899 4396 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 14:26:05.0914 4396 Schedule - ok 14:26:05.0930 4396 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll 14:26:05.0945 4396 SCPolicySvc - ok 14:26:05.0945 4396 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys 14:26:05.0961 4396 sdbus - ok 14:26:05.0961 4396 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 14:26:05.0977 4396 SDRSVC - ok 14:26:05.0977 4396 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 14:26:05.0992 4396 secdrv - ok 14:26:05.0992 4396 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 14:26:06.0023 4396 seclogon - ok 14:26:06.0023 4396 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll 14:26:06.0039 4396 SENS - ok 14:26:06.0039 4396 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 14:26:06.0055 4396 SensrSvc - ok 14:26:06.0055 4396 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys 14:26:06.0070 4396 Serenum - ok 14:26:06.0070 4396 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys 14:26:06.0070 4396 Serial - ok 14:26:06.0070 4396 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys 14:26:06.0086 4396 sermouse - ok 14:26:06.0086 4396 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 14:26:06.0117 4396 SessionEnv - ok 14:26:06.0117 4396 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 14:26:06.0133 4396 sffdisk - ok 14:26:06.0133 4396 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 14:26:06.0133 4396 sffp_mmc - ok 14:26:06.0133 4396 [ DD85B78243A19B59F0637DCF284DA63C ] 
sffp_sd C:\windows\system32\drivers\sffp_sd.sys 14:26:06.0148 4396 sffp_sd - ok 14:26:06.0148 4396 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys 14:26:06.0164 4396 sfloppy - ok 14:26:06.0164 4396 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 14:26:06.0195 4396 SharedAccess - ok 14:26:06.0195 4396 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 14:26:06.0211 4396 ShellHWDetection - ok 14:26:06.0226 4396 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys 14:26:06.0226 4396 SiSRaid2 - ok 14:26:06.0226 4396 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys 14:26:06.0242 4396 SiSRaid4 - ok 14:26:06.0242 4396 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 14:26:06.0242 4396 SkypeUpdate - ok 14:26:06.0242 4396 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 14:26:06.0273 4396 Smb - ok 14:26:06.0273 4396 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 14:26:06.0289 4396 SNMPTRAP - ok 14:26:06.0289 4396 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 14:26:06.0289 4396 spldr - ok 14:26:06.0304 4396 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe 14:26:06.0304 4396 Spooler - ok 14:26:06.0335 4396 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 14:26:06.0382 4396 sppsvc - ok 14:26:06.0382 4396 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 14:26:06.0413 4396 sppuinotify - ok 14:26:06.0413 4396 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 14:26:06.0429 4396 srv - ok 14:26:06.0429 4396 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 14:26:06.0445 4396 srv2 - ok 14:26:06.0445 4396 [ 
27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 14:26:06.0460 4396 srvnet - ok 14:26:06.0460 4396 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 14:26:06.0476 4396 SSDPSRV - ok 14:26:06.0476 4396 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 14:26:06.0507 4396 SstpSvc - ok 14:26:06.0507 4396 Steam Client Service - ok 14:26:06.0507 4396 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys 14:26:06.0523 4396 stexstor - ok 14:26:06.0523 4396 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 14:26:06.0538 4396 stisvc - ok 14:26:06.0538 4396 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys 14:26:06.0554 4396 swenum - ok 14:26:06.0554 4396 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 14:26:06.0569 4396 swprv - ok 14:26:06.0585 4396 [ F4DB1D9E6A42D491F0F8E21854301C0B ] SynTP C:\windows\system32\drivers\SynTP.sys 14:26:06.0616 4396 SynTP - ok 14:26:06.0632 4396 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 14:26:06.0647 4396 SysMain - ok 14:26:06.0647 4396 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 14:26:06.0663 4396 TabletInputService - ok 14:26:06.0663 4396 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 14:26:06.0694 4396 TapiSrv - ok 14:26:06.0694 4396 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 14:26:06.0725 4396 TBS - ok 14:26:06.0741 4396 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\windows\system32\drivers\tcpip.sys 14:26:06.0757 4396 Tcpip - ok 14:26:06.0772 4396 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 14:26:06.0803 4396 TCPIP6 - ok 14:26:06.0803 4396 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 14:26:06.0803 4396 tcpipreg - ok 
14:26:06.0819 4396 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 14:26:06.0819 4396 TDPIPE - ok 14:26:06.0819 4396 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 14:26:06.0835 4396 TDTCP - ok 14:26:06.0835 4396 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 14:26:06.0850 4396 tdx - ok 14:26:06.0866 4396 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys 14:26:06.0866 4396 TermDD - ok 14:26:06.0866 4396 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 14:26:06.0897 4396 TermService - ok 14:26:06.0897 4396 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 14:26:06.0913 4396 Themes - ok 14:26:06.0913 4396 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 14:26:06.0944 4396 THREADORDER - ok 14:26:06.0944 4396 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys 14:26:06.0959 4396 tmactmon - ok 14:26:06.0959 4396 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys 14:26:06.0975 4396 tmcomm - ok 14:26:06.0975 4396 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys 14:26:06.0991 4396 tmevtmgr - ok 14:26:06.0991 4396 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys 14:26:07.0006 4396 tmtdi - ok 14:26:07.0006 4396 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 14:26:07.0022 4396 TrkWks - ok 14:26:07.0022 4396 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 14:26:07.0053 4396 TrustedInstaller - ok 14:26:07.0053 4396 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 14:26:07.0069 4396 tssecsrv - ok 14:26:07.0084 4396 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 
14:26:07.0084 4396 TsUsbFlt - ok 14:26:07.0084 4396 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys 14:26:07.0100 4396 TsUsbGD - ok 14:26:07.0100 4396 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 14:26:07.0115 4396 tunnel - ok 14:26:07.0115 4396 [ 20155CF5FB9F7902178D7D5CDC7C0F90 ] TurboB C:\windows\system32\DRIVERS\TurboB.sys 14:26:07.0131 4396 TurboB - ok 14:26:07.0131 4396 [ E00FC2B80837C29817A3A082717B8C48 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 14:26:07.0147 4396 TurboBoost - ok 14:26:07.0147 4396 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys 14:26:07.0147 4396 uagp35 - ok 14:26:07.0162 4396 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 14:26:07.0178 4396 udfs - ok 14:26:07.0178 4396 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 14:26:07.0193 4396 UI0Detect - ok 14:26:07.0193 4396 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 14:26:07.0209 4396 uliagpkx - ok 14:26:07.0209 4396 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys 14:26:07.0209 4396 umbus - ok 14:26:07.0209 4396 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys 14:26:07.0225 4396 UmPass - ok 14:26:07.0225 4396 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll 14:26:07.0256 4396 upnphost - ok 14:26:07.0256 4396 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys 14:26:07.0271 4396 usbaudio - ok 14:26:07.0271 4396 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 14:26:07.0271 4396 usbccgp - ok 14:26:07.0287 4396 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys 14:26:07.0287 4396 usbcir - ok 14:26:07.0287 4396 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci 
C:\windows\system32\drivers\usbehci.sys 14:26:07.0303 4396 usbehci - ok 14:26:07.0303 4396 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\drivers\usbhub.sys 14:26:07.0318 4396 usbhub - ok 14:26:07.0318 4396 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys 14:26:07.0318 4396 usbohci - ok 14:26:07.0334 4396 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys 14:26:07.0334 4396 usbprint - ok 14:26:07.0334 4396 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 14:26:07.0349 4396 USBSTOR - ok 14:26:07.0349 4396 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys 14:26:07.0365 4396 usbuhci - ok 14:26:07.0365 4396 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll 14:26:07.0381 4396 UxSms - ok 14:26:07.0381 4396 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe 14:26:07.0396 4396 VaultSvc - ok 14:26:07.0396 4396 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 14:26:07.0396 4396 vdrvroot - ok 14:26:07.0412 4396 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe 14:26:07.0427 4396 vds - ok 14:26:07.0443 4396 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys 14:26:07.0443 4396 vga - ok 14:26:07.0443 4396 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys 14:26:07.0474 4396 VgaSave - ok 14:26:07.0474 4396 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys 14:26:07.0474 4396 vhdmp - ok 14:26:07.0490 4396 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys 14:26:07.0490 4396 viaide - ok 14:26:07.0490 4396 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys 14:26:07.0505 4396 volmgr - ok 14:26:07.0505 4396 [ A255814907C89BE58B79EF2F189B843B ] volmgrx 
14:26:14.0323 4396 Scan finished
14:26:14.0323 4316 Detected object count: 4
14:26:14.0323 4316 Actual detected object count: 4
14:28:25.0269 4316 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
14:28:25.0269 4316 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:28:25.0269 4316 Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
14:28:25.0269 4316 Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:28:25.0269 4316 MSI Foundation Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:28:25.0269 4316 MSI Foundation Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:28:25.0269 4316 Qualcomm Atheros Killer Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:28:25.0269 4316 Qualcomm Atheros Killer Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:28:27.0874 4124 Deinitialize success
And now? |
09.06.2013, 20:10 | #11 | |
/// TB-Ausbilder | Trend Micro does not open
Quote:
Support stop
Reading material: This ends the topic.
Cracks and keygens
Circumventing the copy protection of software is illegal under applicable law. The log files strongly indicate that you are using software that was not legally acquired. In addition, cracks and patches from dubious sources very often come bundled with malware, so you are infecting yourself almost deliberately. We have agreed here on the board that we will not continue cleaning at this point, because we do not support such practices. On top of that, we pointed out unmistakably in our guide and also in this "Important" thread how we will handle this. Clean, good software has its price, and software companies live off this revenue. Our help is therefore limited to reinstalling and securing your system. We will, however, still gladly answer questions about that in our forum.
__________________ Digital privateers against malware! No help via PM! |