Pests of all kinds and how to fight them: Legal Software Department (Windows 7)
10.06.2013, 08:39 | #1 |
Hello everyone! We too had the dubious luck of catching this thing... I have just tried (as described here http://www.trojaner-board.de/133145-...nt-ratlos.html) to download farbar (works) and then to restart (F12, booting from an external hard drive, where everything should actually be)... doesn't work. The screen stays black with a small white blinking line... what did we do wrong? How can I continue now? It would be great if someone could help us :-)
10.06.2013, 09:30 | #2 |
/// Malware-holic | Hi,
can you get to a PC with a burner? Download: ISO Burner - Download - Filepony. ISO Burner guide: http://www.trojaner-board.de/83208-b...ei-cd-dvd.html
• When the download is finished, double-click OTLPENet.exe, which opens ISOBurner to burn it to the CD. Restart your system and boot from the CD you just created. If you don't know how to get your computer to boot from the CD: http://www.trojaner-board.de/81857-c...cd-booten.html
• Your system should now show a REATOGO-X-PE desktop.
• Double-click the OTLPE icon.
• When you are asked "Do you wish to load the remote registry", choose Yes.
• When you are asked "Do you wish to load remote user profile(s) for scanning", choose Yes.
• Remove the check mark at "Automatically Load All Remaining Users" if it is set.
• OTL should now start. Now copy this content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
• When it is finished, the files are saved in C:\otl.txt
• Copy this folder to your USB stick if you have no internet connection on this system.
Post both logs.
10.06.2013, 13:53 | #3 |
Hello!
First of all, many thanks for the quick reply. That almost worked now, but after clicking the OTLPE icon no question comes up, instead a menu appears directly? (lousy quality, I somehow can't manage a screenshot there either...) No matter what I choose, an error message follows (No Windows Installation found or Target is not Windows 2000 or later). What am I doing wrong?
10.06.2013, 15:17 | #4 |
/// Malware-holic | Expand everything there, then choose windows or wind, and then it works.
__________________
- Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de. Forwarding guide: http://markusg.trojaner-board.de
10.06.2013, 19:41 | #5 |
OK, now it worked. It just took a while, I have to jump back and forth between the Mac and the PC, the internet didn't work on the PC. Here is otl.txt
10.06.2013, 21:49 | #6 |
/// Malware-holic | Legal Software Department Hi, on your second PC go to Start, Programs, Accessories, Notepad, and copy the following into it: Code:
ATTFilter
:OTL
[2013/06/09 12:39:58 | 000,030,720 | ---- | C] () -- I:\Users\ori\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\War Thunder Beta Hack.exe
[2013/01/20 09:53:08 | 000,000,016 | ---- | C] () -- I:\Windows\msocreg32.dat
:Files
:Commands
[EMPTYFLASH]
[emptytemp]

If you don't have any icons, then right-click, View, Show desktop icons. Note: Please also upload the file there as described in the UpChannel instructions. Please do NOT post the ZIP file here as an attachment in the thread! Please press the + E key. |
11.06.2013, 09:10 | #7 |
| Legal Software Department But the second PC is a Mac. I've done it on the PC now, but somehow I'm not getting anywhere... On C there is no folder, only these files: When I enter the copied text in Notepad, nothing happens at all... Sorry, I'm blonde and all |
11.06.2013, 11:11 | #8 |
/// Malware-holic | Legal Software Department Did you enter the fix into OTL by hand? And click Fix? Then try restarting manually if it doesn't do that.
__________________ - Please forward suspicious e-mails to us for analysis: markusg.trojaner-board@web.de Forwarding instructions: http://markusg.trojaner-board.de For now, please forward e-mails to markusg.trojaner-board@web.de following the instructions above. If you would like to support us |
11.06.2013, 11:32 | #9 |
| Legal Software Department What is the fix? The last text that I was supposed to copy into Notepad? Should that then go into Notepad once I've booted from the CD, i.e. in this REATOGO? |
11.06.2013, 11:44 | #10 |
/// Malware-holic | Legal Software Department Well, the fix that I instructed last. And yes, it has to go into OTL's input field. |
11.06.2013, 12:10 | #11 |
| Legal Software Department Aha, then I've got it now. Unfortunately I probably really do need it explained step by step for dummies, sorry |
11.06.2013, 12:20 | #12 |
/// Malware-holic | Legal Software Department OK, once you have done that and the PC starts normally without the CD (you may have to do that manually), then continue with the upload described below the script. |
11.06.2013, 12:34 | #13 |
| Legal Software Department Uploaded it |
11.06.2013, 12:45 | #14 |
/// Malware-holic | Legal Software Department Are you in normal mode? Then: Please download TDSSKiller.exe and save this file to the desktop. |
11.06.2013, 18:06 | #15 |
| Legal Software Department Done Code:
ATTFilter 22:02:04.0056 3960 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 22:02:04.0352 3960 ============================================================ 22:02:04.0352 3960 Current date / time: 2013/06/11 22:02:04.0352 22:02:04.0352 3960 SystemInfo: 22:02:04.0352 3960 22:02:04.0352 3960 OS Version: 6.1.7601 ServicePack: 1.0 22:02:04.0352 3960 Product type: Workstation 22:02:04.0352 3960 ComputerName: HEINRICH 22:02:04.0352 3960 UserName: ori 22:02:04.0352 3960 Windows directory: C:\Windows 22:02:04.0352 3960 System windows directory: C:\Windows 22:02:04.0352 3960 Running under WOW64 22:02:04.0352 3960 Processor architecture: Intel x64 22:02:04.0352 3960 Number of processors: 4 22:02:04.0352 3960 Page size: 0x1000 22:02:04.0352 3960 Boot type: Normal boot 22:02:04.0352 3960 ============================================================ 22:02:05.0694 3960 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:02:05.0741 3960 ============================================================ 22:02:05.0741 3960 \Device\Harddisk0\DR0: 22:02:05.0741 3960 MBR partitions: 22:02:05.0741 3960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x32000 22:02:05.0741 3960 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2432800, BlocksNum 0x562E7000 22:02:05.0741 3960 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x58719800, BlocksNum 0x5636D800 22:02:05.0741 3960 ============================================================ 22:02:05.0865 3960 C: <-> \Device\Harddisk0\DR0\Partition2 22:02:05.0912 3960 D: <-> \Device\Harddisk0\DR0\Partition3 22:02:05.0912 3960 ============================================================ 22:02:05.0912 3960 Initialize success 22:02:05.0912 3960 ============================================================ 22:02:28.0688 1508 
============================================================ 22:02:28.0688 1508 Scan started 22:02:28.0688 1508 Mode: Manual; SigCheck; TDLFS; 22:02:28.0688 1508 ============================================================ 22:02:29.0047 1508 ================ Scan system memory ======================== 22:02:29.0047 1508 System memory - ok 22:02:29.0047 1508 ================ Scan services ============================= 22:02:29.0219 1508 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 22:02:29.0390 1508 1394ohci - ok 22:02:29.0437 1508 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys 22:02:29.0453 1508 ACPI - ok 22:02:29.0499 1508 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 22:02:29.0577 1508 AcpiPmi - ok 22:02:29.0702 1508 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 22:02:29.0733 1508 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning 22:02:29.0733 1508 Adobe LM Service - detected UnsignedFile.Multi.Generic (1) 22:02:29.0796 1508 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 22:02:29.0811 1508 AdobeARMservice - ok 22:02:29.0921 1508 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 22:02:29.0952 1508 AdobeFlashPlayerUpdateSvc - ok 22:02:29.0983 1508 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 22:02:30.0014 1508 adp94xx - ok 22:02:30.0045 1508 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 22:02:30.0077 1508 adpahci - ok 22:02:30.0108 1508 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 22:02:30.0123 1508 adpu320 - ok 22:02:30.0155 1508 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc 
C:\Windows\System32\aelupsvc.dll 22:02:30.0295 1508 AeLookupSvc - ok 22:02:30.0357 1508 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys 22:02:30.0467 1508 AFD - ok 22:02:30.0498 1508 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys 22:02:30.0529 1508 agp440 - ok 22:02:30.0545 1508 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 22:02:30.0607 1508 ALG - ok 22:02:30.0623 1508 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys 22:02:30.0654 1508 aliide - ok 22:02:30.0669 1508 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys 22:02:30.0685 1508 amdide - ok 22:02:30.0716 1508 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 22:02:30.0763 1508 AmdK8 - ok 22:02:30.0779 1508 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 22:02:30.0810 1508 AmdPPM - ok 22:02:30.0857 1508 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys 22:02:30.0872 1508 amdsata - ok 22:02:30.0888 1508 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 22:02:30.0919 1508 amdsbs - ok 22:02:30.0935 1508 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys 22:02:30.0950 1508 amdxata - ok 22:02:31.0013 1508 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 22:02:31.0028 1508 AntiVirSchedulerService - ok 22:02:31.0075 1508 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 22:02:31.0091 1508 AntiVirService - ok 22:02:31.0137 1508 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys 22:02:31.0309 1508 AppID - ok 22:02:31.0340 1508 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 22:02:31.0387 1508 AppIDSvc - ok 
22:02:31.0434 1508 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll 22:02:31.0481 1508 Appinfo - ok 22:02:31.0543 1508 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 22:02:31.0559 1508 Apple Mobile Device - ok 22:02:31.0605 1508 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 22:02:31.0637 1508 arc - ok 22:02:31.0652 1508 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 22:02:31.0668 1508 arcsas - ok 22:02:31.0683 1508 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 22:02:31.0761 1508 AsyncMac - ok 22:02:31.0793 1508 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys 22:02:31.0808 1508 atapi - ok 22:02:31.0855 1508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 22:02:31.0933 1508 AudioEndpointBuilder - ok 22:02:31.0933 1508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll 22:02:31.0980 1508 AudioSrv - ok 22:02:32.0058 1508 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 22:02:32.0151 1508 avgntflt - ok 22:02:32.0183 1508 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 22:02:32.0214 1508 avipbb - ok 22:02:32.0245 1508 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 22:02:32.0261 1508 avkmgr - ok 22:02:32.0292 1508 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll 22:02:32.0385 1508 AxInstSV - ok 22:02:32.0432 1508 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 22:02:32.0510 1508 b06bdrv - ok 22:02:32.0557 1508 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 22:02:32.0619 1508 b57nd60a - ok 22:02:32.0651 1508 [ 
FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 22:02:32.0713 1508 BDESVC - ok 22:02:32.0729 1508 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 22:02:32.0791 1508 Beep - ok 22:02:32.0869 1508 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll 22:02:32.0978 1508 BFE - ok 22:02:32.0994 1508 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll 22:02:33.0056 1508 BITS - ok 22:02:33.0072 1508 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 22:02:33.0103 1508 blbdrive - ok 22:02:33.0197 1508 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 22:02:33.0228 1508 Bonjour Service - ok 22:02:33.0259 1508 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 22:02:33.0290 1508 bowser - ok 22:02:33.0337 1508 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 22:02:33.0399 1508 BrFiltLo - ok 22:02:33.0415 1508 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 22:02:33.0431 1508 BrFiltUp - ok 22:02:33.0462 1508 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll 22:02:33.0524 1508 Browser - ok 22:02:33.0540 1508 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 22:02:33.0618 1508 Brserid - ok 22:02:33.0633 1508 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 22:02:33.0665 1508 BrSerWdm - ok 22:02:33.0696 1508 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 22:02:33.0743 1508 BrUsbMdm - ok 22:02:33.0743 1508 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 22:02:33.0774 1508 BrUsbSer - ok 22:02:33.0789 1508 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 22:02:33.0821 1508 BTHMODEM - ok 
22:02:33.0852 1508 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 22:02:33.0930 1508 bthserv - ok 22:02:33.0961 1508 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 22:02:33.0992 1508 cdfs - ok 22:02:34.0039 1508 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 22:02:34.0070 1508 cdrom - ok 22:02:34.0117 1508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll 22:02:34.0195 1508 CertPropSvc - ok 22:02:34.0211 1508 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 22:02:34.0226 1508 circlass - ok 22:02:34.0257 1508 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 22:02:34.0273 1508 CLFS - ok 22:02:34.0320 1508 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 22:02:34.0351 1508 clr_optimization_v2.0.50727_32 - ok 22:02:34.0398 1508 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 22:02:34.0429 1508 clr_optimization_v2.0.50727_64 - ok 22:02:34.0491 1508 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 22:02:34.0538 1508 clr_optimization_v4.0.30319_32 - ok 22:02:34.0569 1508 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 22:02:34.0585 1508 clr_optimization_v4.0.30319_64 - ok 22:02:34.0616 1508 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 22:02:34.0647 1508 CmBatt - ok 22:02:34.0663 1508 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys 22:02:34.0679 1508 cmdide - ok 22:02:34.0725 1508 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys 22:02:34.0788 1508 CNG - ok 22:02:34.0788 1508 [ 
102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 22:02:34.0803 1508 Compbatt - ok 22:02:34.0819 1508 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 22:02:34.0866 1508 CompositeBus - ok 22:02:34.0881 1508 COMSysApp - ok 22:02:34.0897 1508 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 22:02:34.0913 1508 crcdisk - ok 22:02:34.0944 1508 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll 22:02:35.0006 1508 CryptSvc - ok 22:02:35.0084 1508 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 22:02:35.0115 1508 cvhsvc - ok 22:02:35.0162 1508 [ FBCB29A76E8105D682B02C69BA9B5C22 ] DAdderFltr C:\Windows\system32\drivers\dadder.sys 22:02:35.0209 1508 DAdderFltr - ok 22:02:35.0240 1508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll 22:02:35.0303 1508 DcomLaunch - ok 22:02:35.0334 1508 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 22:02:35.0365 1508 defragsvc - ok 22:02:35.0396 1508 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 22:02:35.0474 1508 DfsC - ok 22:02:35.0505 1508 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll 22:02:35.0552 1508 Dhcp - ok 22:02:35.0583 1508 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 22:02:35.0630 1508 discache - ok 22:02:35.0646 1508 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 22:02:35.0646 1508 Disk - ok 22:02:35.0677 1508 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll 22:02:35.0755 1508 Dnscache - ok 22:02:35.0786 1508 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll 22:02:35.0849 1508 dot3svc - ok 22:02:35.0880 1508 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS 
C:\Windows\system32\dps.dll 22:02:35.0911 1508 DPS - ok 22:02:35.0927 1508 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 22:02:35.0958 1508 drmkaud - ok 22:02:35.0989 1508 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 22:02:36.0020 1508 DXGKrnl - ok 22:02:36.0036 1508 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 22:02:36.0083 1508 EapHost - ok 22:02:36.0129 1508 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 22:02:36.0239 1508 ebdrv - ok 22:02:36.0270 1508 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe 22:02:36.0332 1508 EFS - ok 22:02:36.0395 1508 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 22:02:36.0488 1508 ehRecvr - ok 22:02:36.0519 1508 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 22:02:36.0582 1508 ehSched - ok 22:02:36.0629 1508 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 22:02:36.0660 1508 elxstor - ok 22:02:36.0738 1508 [ 7DB097F4F6786307168C0DDDEC43A565 ] EPSON_EB_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE 22:02:36.0785 1508 EPSON_EB_RPCV4_04 - ok 22:02:36.0800 1508 [ 258AA65A0862E19B7DE6981FDA3758AD ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE 22:02:36.0831 1508 EPSON_PM_RPCV4_04 - ok 22:02:36.0847 1508 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys 22:02:36.0878 1508 ErrDev - ok 22:02:36.0909 1508 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 22:02:36.0987 1508 EventSystem - ok 22:02:37.0019 1508 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 22:02:37.0065 1508 exfat - ok 22:02:37.0081 1508 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 22:02:37.0128 1508 fastfat - ok 22:02:37.0190 1508 [ 
DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe 22:02:37.0253 1508 Fax - ok 22:02:37.0253 1508 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 22:02:37.0268 1508 fdc - ok 22:02:37.0284 1508 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 22:02:37.0331 1508 fdPHost - ok 22:02:37.0346 1508 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 22:02:37.0409 1508 FDResPub - ok 22:02:37.0440 1508 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 22:02:37.0455 1508 FileInfo - ok 22:02:37.0455 1508 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 22:02:37.0518 1508 Filetrace - ok 22:02:37.0518 1508 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 22:02:37.0549 1508 flpydisk - ok 22:02:37.0580 1508 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 22:02:37.0627 1508 FltMgr - ok 22:02:37.0689 1508 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll 22:02:37.0736 1508 FontCache - ok 22:02:37.0783 1508 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:02:37.0799 1508 FontCache3.0.0.0 - ok 22:02:37.0814 1508 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 22:02:37.0830 1508 FsDepends - ok 22:02:37.0845 1508 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 22:02:37.0877 1508 Fs_Rec - ok 22:02:37.0908 1508 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 22:02:37.0939 1508 fvevol - ok 22:02:37.0970 1508 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 22:02:37.0986 1508 gagp30kx - ok 22:02:38.0001 1508 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM 
C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 22:02:38.0017 1508 GEARAspiWDM - ok 22:02:38.0048 1508 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll 22:02:38.0111 1508 gpsvc - ok 22:02:38.0173 1508 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe 22:02:38.0189 1508 GREGService - ok 22:02:38.0235 1508 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 22:02:38.0267 1508 gusvc - ok 22:02:38.0282 1508 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 22:02:38.0298 1508 hcw85cir - ok 22:02:38.0345 1508 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 22:02:38.0376 1508 HdAudAddService - ok 22:02:38.0407 1508 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 22:02:38.0438 1508 HDAudBus - ok 22:02:38.0454 1508 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 22:02:38.0469 1508 HidBatt - ok 22:02:38.0485 1508 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 22:02:38.0501 1508 HidBth - ok 22:02:38.0532 1508 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 22:02:38.0563 1508 HidIr - ok 22:02:38.0579 1508 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll 22:02:38.0641 1508 hidserv - ok 22:02:38.0672 1508 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys 22:02:38.0703 1508 HidUsb - ok 22:02:38.0735 1508 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll 22:02:38.0813 1508 hkmsvc - ok 22:02:38.0859 1508 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:02:38.0906 1508 HomeGroupListener - ok 22:02:38.0937 1508 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 
22:02:38.0984 1508 HomeGroupProvider - ok 22:02:39.0015 1508 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 22:02:39.0047 1508 HpSAMD - ok 22:02:39.0078 1508 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:02:39.0156 1508 HTTP - ok 22:02:39.0171 1508 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 22:02:39.0187 1508 hwpolicy - ok 22:02:39.0218 1508 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 22:02:39.0249 1508 i8042prt - ok 22:02:39.0281 1508 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 22:02:39.0296 1508 iaStor - ok 22:02:39.0359 1508 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 22:02:39.0374 1508 IAStorDataMgrSvc - ok 22:02:39.0405 1508 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 22:02:39.0437 1508 iaStorV - ok 22:02:39.0499 1508 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 22:02:39.0577 1508 idsvc - ok 22:02:39.0624 1508 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 22:02:39.0639 1508 iirsp - ok 22:02:39.0686 1508 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 22:02:39.0795 1508 IKEEXT - ok 22:02:39.0858 1508 [ DCF6AFBA140AF3F880A427C2656BE44D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 22:02:39.0920 1508 IntcAzAudAddService - ok 22:02:39.0936 1508 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 22:02:39.0951 1508 intelide - ok 22:02:39.0967 1508 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 22:02:39.0998 1508 intelppm - ok 22:02:40.0029 1508 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum 
C:\Windows\system32\services.exe
22:03:00.0623 1508 [Global] - ok
22:03:00.0623 1508 ================ Scan MBR ==================================
22:03:00.0639 1508 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:03:00.0873 1508 \Device\Harddisk0\DR0 - ok
22:03:00.0873 1508 ================ Scan VBR ==================================
22:03:00.0873 1508 [ 586B0CADCF50F22ED448BF83F11EBB65 ] \Device\Harddisk0\DR0\Partition1
22:03:00.0873 1508 \Device\Harddisk0\DR0\Partition1 - ok
22:03:00.0889 1508 [ 6A7169E29300129D964DA2833A17B5DB ] \Device\Harddisk0\DR0\Partition2
22:03:00.0904 1508 \Device\Harddisk0\DR0\Partition2 - ok
22:03:00.0904 1508 [ C2470B5078D77089D865CF092E489F06 ] \Device\Harddisk0\DR0\Partition3
22:03:00.0920 1508 \Device\Harddisk0\DR0\Partition3 - ok
22:03:00.0920 1508 ============================================================
22:03:00.0920 1508 Scan finished
22:03:00.0920 1508 ============================================================
22:03:00.0920 3528 Detected object count: 4
22:03:00.0920 3528 Actual detected object count: 4
22:03:29.0374 3528 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:03:29.0374 3528 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:03:29.0374 3528 NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
22:03:29.0374 3528 NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:03:29.0374 3528 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
22:03:29.0374 3528 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:03:29.0374 3528 sptd ( LockedFile.Multi.Generic ) - skipped by user
22:03:29.0374 3528 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
22:03:56.0768 3492 Deinitialize success |