| |
| |||||||
Log-Analyse und Auswertung: delta searchWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
13.06.2013, 19:44
| #1 |
 |  delta search Hallo ich habe mir einen Virus? eingefangen. Auf meiner Toolleiste hat sich ein "Delta-search.com" eingenistet. Angefangen hat es damit, dass ich mir sims3 aus der Stadtbibliothek besorgt habe und aufgespielt habe. Zuerst habe ich es gar nicht richtig bemerkt. Dann habe ich den Rechner über Systemsteuerung einen Monat zurückgesetzt. Das hat auch nicht geholfen. Zwischendurch ist auch mein Outlook nicht mehr zu öffnen gewesen. Im Internet habe ich über Youtube einen Film angesehen wonach das Löschen über Systemsteuerung/Programme deinstallieren geht. Bei mir funktionierte das aber nicht. Ich habe dann von "Ryder" gelesen wie es gemacht werden soll und diesen angeschrieben, da ich das nicht verstanden habe (bin Anfänger). Im nachhinein habe ich erst gelesen, dass ich ein neues Thema öffnen muss. Bitte um Entschuldigung. Ich habe übrigens Window 7 als Betriebssystem und habe sonst immer Google crome. Bitte helft mir wie ich dieses Delta-search wieder loswerden kann. Ich habe Angst um meine Daten. Vielen Dank und liebe Grüsse Anfänger 341 |
|
13.06.2013, 19:45
| #2 |
| /// Malware-holic   | delta search Hi,
__________________finger weg von der swh bei schädlingen. Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
13.06.2013, 20:03
| #3 |
| | delta search Hallo,
__________________bitte wie lade ich OTL herunter? Danke Anfänger 31 |
|
13.06.2013, 20:27
| #4 |
| /// Malware-holic | delta search da sind 2 links in der anleitung.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
13.06.2013, 21:03
| #5 |
| | delta search Hallo Markus, ich habe jetzt alles so gemacht wie es da steht. Das ist eine ziemlich große Datei u. a. mit meinen Namen. Soll ich meinen Namen durch Sternchen ersetzten? Und ist mit "in das Theard kopieren" diese Seite gemeint oder muss ich irgendwoanders hin kopieren? Danke, dass Du so spät noch auf bist und mir hilfst! Anfänger 341 |
|
13.06.2013, 21:14
| #6 |
| /// Malware-holic | delta search genau, auf bearbeiten gehen, suchen und ersetzen, ins obere feld namen eingeben, aber nur wenn du vor und nachname hast, vorname kann bleiben, ins nächste feld *** und dann alle ersetzen und hier ins thema kopieren.
__________________ --> delta search |
|
13.06.2013, 21:19
| #7 |
| | delta search Hallo hier die DateiOTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 13.Jun.2013 21:44:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Karola\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MMM.yyyy
3,00 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 60,70% Memory free
6,00 Gb Paging File | 4,68 Gb Available in Paging File | 77,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 890,41 Gb Total Space | 808,01 Gb Free Space | 90,75% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 23,53 Gb Free Space | 58,82% Space Free | Partition Type: NTFS
Drive F: | 931,28 Gb Total Space | 918,31 Gb Free Space | 98,61% Space Free | Partition Type: FAT32
Computer Name: KAROLA-PC | User Name: Karola | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [CEWE FOTOSCHAU] -- "C:\Users\Karola\Desktop\Foto\Meine CEWE FOTOWELT\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Meine CEWE FOTOWELT] -- "C:\Users\Karola\Desktop\Foto\Meine CEWE FOTOWELT\Meine CEWE FOTOWELT.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0354961A-BB40-4D8B-A305-FA2B2664E25B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1EDBA4C5-8626-43E4-9917-B34A93920F51}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1FD6B8D7-DAD9-423A-9335-4CF58A78C5A2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2A5422DF-F83C-4950-B7BC-535767A7704C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2AAA52F9-F152-4B64-8855-D1B41168869A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2E529FCC-28AF-4343-ACB8-3F22FB56D4F2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{327F7D2F-DB6D-4D5C-B02B-9A3DB7989C9C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{37C522BF-B9DC-44BD-8F2A-0449F9D7B0A1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{49EBDC60-5494-4A99-BEA4-E99FB71760A4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{82799CCE-EF1D-46DD-8ECB-DB57D5AB49BC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{87B81872-5B53-4171-860F-A412590BDB30}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{99ADE214-A354-4297-BE04-F3FAB965C442}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A169B9E7-A080-4BD3-B1F8-8F7FF48AC18A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B11AA14C-16A0-448E-9F0C-BA8C79077681}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CA8BD925-B000-414E-A0A1-E8AB1DFE9BFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CBA39608-4CF8-4032-8314-FCD55E4EA992}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0031F457-0487-4422-9F4D-0F3DB8272407}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{16A90CF1-E4F4-41E2-9E11-782FAC13E159}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicator.exe |
"{16C63ABB-1C4E-48D4-BFDD-AFCB7DB6B23E}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{1E8CFDDA-E8EB-4AB7-AA23-9ED9CA40F4E5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2507069E-F5D6-4C18-A046-C571CEDD20C6}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\faxapplications.exe |
"{262166ED-6490-4FB6-AB1F-8008F54430D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{26B1ABA4-D804-40FD-B9BE-0FB10A4C6322}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\digitalwizards.exe |
"{278D2A6E-601B-4C24-B8C1-9AD2926F6E6C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{28C5C8E2-BF81-411F-968E-4930B29796A0}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{2A5D01EA-ADBA-40A8-8E50-14E1B00EE505}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{2E262167-8195-4073-8128-9378D273EE4F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{35D62B33-56F0-497E-AF0B-7237961305F5}" = dir=in | app=c:\program files\cyberlink\mediasync\mediasyncagent.exe |
"{3638CC8F-8B50-4730-B651-AC06B74956CD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{38510A7A-6BA4-4F26-A3FA-AC2B2096B6FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{48A3CFC3-3126-4DB4-BB4C-F15E2298475B}" = dir=in | app=c:\program files\cyberlink\mediasync\mediasync.exe |
"{60109C3D-EADA-4362-B1B1-017BE4881D50}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{67DC4D90-7E17-43FB-8811-8D4612F94AB0}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\hpnetworkcommunicatorcom.exe |
"{7511CB1A-3719-4D80-AD9F-61DB3859FFC6}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{7E5EDD8D-A53D-49F5-9AD4-C730946288FA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7F506247-538C-48CE-9A85-742BD232986C}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{85994D35-4C29-4D83-84F7-76A440486EAC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8A457385-ACD8-401C-B1C1-9D1BD9A11177}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8AE247A8-AAAC-4F6A-ACC9-4DA50E6828A7}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{90768193-03B0-4634-8AB5-1A6ACDDB573B}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\devicesetup.exe |
"{96B9A377-AB0B-4B7A-BB26-0A9A1CAE6EBF}" = protocol=6 | dir=out | app=system |
"{9D392AB6-BA57-49A1-834B-986B41E38CCA}" = dir=in | app=c:\program files\hp\hp officejet 4620 series\bin\sendafax.exe |
"{A1DAAD47-D0DD-40D4-A820-0FEB155078AF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B950EE33-10E9-4094-BE00-54E48F59314F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C8279932-D624-41E5-9284-D13DA478545D}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{D72B3F61-A288-4918-8105-EFC22E886FD2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{DDC3E153-BAF3-4146-8993-3A6A8B664539}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{E11A6B91-1D5C-46AC-B98D-F64BB310EF50}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E447785F-FF95-4A11-AAD7-1577C601DCC0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F24A8D75-C900-4999-83DF-A5A2AC3EEC88}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F488FC0E-AD09-4577-912D-A59836A9BDAF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{8DEF3BFB-EC59-44CF-B343-E97972818192}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{B205E628-24AB-48EC-83DE-A472D2B9907C}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{C82D3542-0E3C-427B-9F05-C48BA063015B}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{27F48712-55C4-4AF2-B84A-6868168A5F8E}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{3E5CD6BC-4416-4BC4-BB75-4214B33BD5B7}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{CFC47996-085B-49E3-9A82-FA57B936EC64}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{05F47394-298E-43F5-82A1-249969CCB6ED}" = MAGIX Speed burnR (MSI)
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{093561FF-BC54-CD42-77BD-4885F16C60B7}" = CCC Help Danish
"{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}" = SweetIM for Messenger 3.6
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{12DA6AE3-4BE5-4422-937A-74713F656DF1}" = MAGIX Foto Manager 10
"{17D39326-BF2B-FCE9-DE84-58EE76F945CD}" = CCC Help French
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}" = Windows Live Family Safety
"{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A33A7E1-C756-473A-B233-E3AE5554C7C7}" = MAGIX Foto & Grafik Designer 6
"{4A4940D6-418E-867B-F214-2B0C58E7961D}" = CCC Help Swedish
"{4D605B2E-DC56-45f6-809C-E29BF9470DB9}" = CyberLink MediaSync
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{701BDB1B-8D00-8C67-6F64-BDD3B58EC827}" = CCC Help Norwegian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{717130C7-FEA7-4D63-AEE3-00EF2F41ACDD}" = HP Officejet 4620 series - Grundlegende Software für das Gerät
"{72EDA2AC-2908-4BB3-97E5-4F9DDEBF9731}" = HP Officejet 4620 series Hilfe
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Search-Results Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.OUTLOOKR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.OUTLOOKR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.OUTLOOKR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.OUTLOOKR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.OUTLOOKR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.OUTLOOKR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006D-0407-0000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.OUTLOOKR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter
"{91140000-001A-0000-0000-0000000FF1CE}" = Microsoft Office Outlook 2010
"{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B17F7230-4A61-4F4A-8B7F-ADEA26974DA2}" = Erfolgreich_bewerben_bei_Banken
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B20F9D1C-A0A5-4cd8-8306-DE95842311B1}" = REALTEK Wireless LAN Driver
"{B355AD55-ED88-4A46-015D-51AAD00EB57D}" = CCC Help Japanese
"{B95FB6E3-8373-52BC-C824-8DDB1D6DD049}" = CCC Help Dutch
"{B96DB037-DBEA-4186-9081-9CBD537F82E8}" = 3D-Viewer-innoplus
"{B995F1C0-7AAC-4378-AD11-9A0ECF05A4B6}" = MAGIX Online Druck Service
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BE4AE3A7-190D-BCB8-A953-A708C9E8E8AA}" = ATI Catalyst Install Manager
"{BE89CC37-B5F6-4AC9-8E5B-1152DCA35AEA}" = MAGIX Foto Premium 10
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C09C15F5-DDB7-3820-CF1A-798051174EC7}" = CCC Help Italian
"{C2214950-8342-4878-1286-31D0F07FDC34}" = Catalyst Control Center Localization All
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C39F6C00-142E-48AC-633F-15E6AA7E24D8}" = Catalyst Control Center Graphics Previews Vista
"{C47D990B-5D5C-B6A6-A04D-676379D39170}" = CCC Help English
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{C7105B49-9E6E-C93C-74E6-858B0863F604}" = Catalyst Control Center InstallProxy
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE7F2CA3-ADA3-4907-9013-8B61C370B6E4}" = Haufe Formular-Manager
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}" = CorelDRAW Essentials 4 - Windows Shell Extension
"{CF52C7EA-BDEF-A58F-6F33-0431076766C8}" = ccc-utility
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7C7EA35-4C51-F874-3AB7-95DC40DDA494}" = CCC Help German
"{D81845B4-5239-AD56-39A5-9FCFE528330F}" = ccc-core-static
"{DD1D7C0C-1AA0-40E5-ADA6-F95230D0CBB2}" = Studie zur Verbesserung von HP Officejet 4620 series Produkten
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DFD284CD-501F-B36C-67D9-05D4D7D590AB}" = CCC Help Spanish
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = Babylon Chrome Toolbar
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EAC1A606-1D31-AC37-90DD-5684A6E7D2E8}" = CCC Help Finnish
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F394BEFF-527E-4038-A6D4-A68D795A4E40}" = MAGIX Screenshare
"{F5A4F780-DF0C-444F-BA82-637CCF5C8052}" = Windows Live Family Safety
"{F6A6DFF9-F71C-4BA6-B437-F18872866D3D}" = Bing Bar
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FD065B02-AE17-4496-8C0F-FFD3A9FD9460}" = WISO Bewerbung
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AOL Deutschland Toolbar" = AOL Deutschland Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"BFG-Azada" = Azada
"Daub Ages" = Daub Ages! 1.53
"Digital Editions" = Adobe Digital Editions
"DTGDesktop-Android" = Documents To Go Desktop for Android
"ElsterFormular 13.0.0.8086p" = ElsterFormular
"ElsterFormular für Privatanwender 12.2.0.6412p" = ElsterFormular-Upgrade
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"Franzis Lebenslauf" = Franzis Lebenslauf
"Genealogie-Service Lexikon" = Genealogie-Service Lexikon
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{4D605B2E-DC56-45f6-809C-E29BF9470DB9}" = CyberLink MediaSync
"InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}" = Medion Home Cinema
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"Lateinische Ausgangsschrift LA_is1" = Pelikan Schulschriften
"MAGIX_MSI_Foto_Grafik_Designer_6_FP10" = MAGIX Foto & Grafik Designer 6
"MAGIX_MSI_Foto_Manager_10" = MAGIX Foto Manager 10
"MAGIX_MSI_Foto_Premium_10" = MAGIX Foto Premium 10
"Meine CEWE FOTOWELT" = Meine CEWE FOTOWELT
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MPE" = MyPhoneExplorer
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.OUTLOOKR" = Microsoft Outlook 2010
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.0b
"phase-6" = phase-6 2.3.0
"Samantha Swift and the Hidden Roses of Athena" = Samantha Swift and the Hidden Roses of Athena
"SoftwareUpdUtility" = Download Updater (AOL Inc.)
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"Zattoo4" = Zattoo4 4.0.5
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Deutschland Toolbar" = AOL Deutschland Toolbar
"DrKawashima" = Dr Kawashima
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.Jun.2013 10:27:42 | Computer Name = Karola-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ipmGui.exe, Version: 13.6.0.986,
Zeitstempel: 0x5138c26f Name des fehlerhaften Moduls: mfc100u.dll, Version: 10.0.40219.325,
Zeitstempel: 0x4df2e0e6 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001ebd89 ID des fehlerhaften
Prozesses: 0x534 Startzeit der fehlerhaften Anwendung: 0x01ce68422a1dfaa5 Pfad der
fehlerhaften Anwendung: C:\program files\avira\antivir desktop\ipmGui.exe Pfad des
fehlerhaften Moduls: C:\Windows\system32\mfc100u.dll Berichtskennung: 67f7bfaa-d435-11e2-a997-6c626d5f3b8e
Error - 13.Jun.2013 11:26:41 | Computer Name = Karola-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
"System Writer". Details: AddCoreCsiFiles : GetNextFileMapContent() failed. System
Error: Falscher Parameter. .
Error - 13.Jun.2013 11:31:22 | Computer Name = Karola-PC | Source = Avira Antivirus | ID = 4110
Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler
auf! Fehlercode: 0x35
Error - 13.Jun.2013 12:19:34 | Computer Name = Karola-PC | Source = Avira Antivirus | ID = 4110
Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler
auf! Fehlercode: 0x35
Error - 13.Jun.2013 12:24:23 | Computer Name = Karola-PC | Source = Avira Antivirus | ID = 4110
Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler
auf! Fehlercode: 0x35
Error - 13.Jun.2013 12:24:42 | Computer Name = Karola-PC | Source = Avira Antivirus | ID = 4110
Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler
auf! Fehlercode: 0x35
Error - 13.Jun.2013 12:36:37 | Computer Name = Karola-PC | Source = Avira Antivirus | ID = 4110
Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler
auf! Fehlercode: 0x35
Error - 13.Jun.2013 13:01:30 | Computer Name = Karola-PC | Source = Avira Antivirus | ID = 4110
Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler
auf! Fehlercode: 0x35
Error - 13.Jun.2013 14:04:34 | Computer Name = Karola-PC | Source = Avira Antivirus | ID = 4110
Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler
auf! Fehlercode: 0x35
Error - 13.Jun.2013 14:05:46 | Computer Name = Karola-PC | Source = Avira Antivirus | ID = 4110
Description = Während der Initialisierung der Suchengine trat ein unbekannter Fehler
auf! Fehlercode: 0x35
[ System Events ]
Error - 13.Jun.2013 12:40:31 | Computer Name = Karola-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x8024200d fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB2845690)
Error - 13.Jun.2013 12:41:20 | Computer Name = Karola-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x8024200d fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB2839229)
Error - 13.Jun.2013 12:41:20 | Computer Name = Karola-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x8024200d fehlgeschlagen: Update für Windows 7 (KB2836502)
Error - 13.Jun.2013 12:44:20 | Computer Name = Karola-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x8024200d fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB2813430)
Error - 13.Jun.2013 12:44:20 | Computer Name = Karola-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x8024200d fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB2839894)
Error - 13.Jun.2013 12:47:58 | Computer Name = Karola-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x8024200d fehlgeschlagen: Update für Windows 7 (KB2808679)
Error - 13.Jun.2013 12:47:58 | Computer Name = Karola-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x8024200d fehlgeschlagen: Update für Windows 7 (KB2834140)
Error - 13.Jun.2013 13:01:30 | Computer Name = Karola-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem
Fehler beendet: %%306.
Error - 13.Jun.2013 14:04:34 | Computer Name = Karola-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem
Fehler beendet: %%306.
Error - 13.Jun.2013 14:05:46 | Computer Name = Karola-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem
Fehler beendet: %%306.
< End of report >
Und hier die andere Datei:OTL Logfile: Code:
ATTFilter OTL logfile created on: 13.Jun.2013 21:44:14 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Karola\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MMM.yyyy 3,00 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 60,70% Memory free 6,00 Gb Paging File | 4,68 Gb Available in Paging File | 77,98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 890,41 Gb Total Space | 808,01 Gb Free Space | 90,75% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 23,53 Gb Free Space | 58,82% Space Free | Partition Type: NTFS Drive F: | 931,28 Gb Total Space | 918,31 Gb Free Space | 98,61% Space Free | Partition Type: FAT32 Computer Name: KAROLA-PC | User Name: Karola | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Karola\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\MyPhoneExplorer\MyPhoneExplorer.exe (F.J. Wechselberger) PRC - C:\Programme\MyPhoneExplorer\DLL\adb.exe () PRC - C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Programme\Ask.com\Updater\Updater.exe (Search-Results) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\f7cb3ae5de64f8cbde3ccc57c780743a\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Programme\MyPhoneExplorer\DLL\adb.exe () MOD - C:\Programme\MyPhoneExplorer\IconLib.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll () ========== Services (SafeList) ========== SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (cvhsvc) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) SRV - (sftvsa) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (IAStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (EPSON_PM_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation) DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation) DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation) DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV - (RTL8192su) -- C:\Windows\System32\drivers\rtl8192su.sys (Realtek Semiconductor Corporation ) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110231&tt=5212_2&babsrc=SP_ss&mntrId=5ef7949100000000000074f06d53fe49 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_de IE - HKCU\..\SearchScopes\{8B24905B-8F38-449B-B9EE-8CBF958A868D}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.6.8\FF [2012.12.28 14:04:05 | 000,000,000 | ---D | M] [2013.03.05 21:07:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karola\AppData\Roaming\mozilla\Extensions [2013.03.05 21:07:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karola\AppData\Roaming\mozilla\Extensions\{847441a0-668c-4f1e-857f-7fb5fabebdb9} [2013.01.20 12:55:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karola\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012.12.28 14:03:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: Delta Search CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: InoViewer Plugin (Enabled) = C:\Program Files\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: Lord of the Rings = C:\Users\Karola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbjlpffkkkndaegmljeiheebaedgdiab\2.8_0\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O2 - BHO: (AOL Deutschland Toolbar Loader) - {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} - C:\Programme\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (AOL Deutschland Toolbar) - {567d4d94-8077-4682-b887-945f3d644116} - C:\Programme\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (AOL Deutschland Toolbar) - {567D4D94-8077-4682-B887-945F3D644116} - C:\Programme\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Search-Results) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [MediaSyncAgent] C:\Program Files\CyberLink\MediaSync\MediaSyncAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKCU..\Run: [Alamandi tray notifier] C:\Program Files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe File not found O4 - HKCU..\Run: [EPSON Stylus DX8400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [MyPhoneExplorer] C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe (F.J. Wechselberger) O4 - HKCU..\Run: [Spiele Post] C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe File not found O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - Startup: C:\Users\Karola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Programme\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Programme\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: pytalhost.de ([www.tc-sepia-re] http in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: tc-sepia-re.de ([www] http in Vertrauenswürdige Sites) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C7E6CD9-BDFA-4788-AA0F-146DE9693532}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF3F26A8-CAA2-45C6-9B8B-7AC9D5B5A0FF}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{da232390-7cc7-11e2-8b55-6c626d5f3b8e}\Shell - "" = AutoRun O33 - MountPoints2\{da232390-7cc7-11e2-8b55-6c626d5f3b8e}\Shell\AutoRun\command - "" = K:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found ========== Files/Folders - Created Within 30 Days ========== [2013.06.13 21:23:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Karola\Desktop\OTL.exe [2013.06.13 18:37:29 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{5D037CCD-75C6-4BFC-A4AC-5848E255E148} [2013.06.13 18:20:51 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{FF308AF4-E237-41F8-A5DD-608C2ECEF8B9} [2013.06.13 16:27:02 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{4DB5DFDB-C3B0-4457-9545-F05AC4538624} [2013.06.11 17:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2013.06.11 17:32:10 | 000,000,000 | ---D | C] -- C:\Users\Karola\Documents\Electronic Arts [2013.06.11 17:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Origin Games [2013.06.11 17:23:52 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\Origin [2013.06.11 17:23:51 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Roaming\Origin [2013.06.11 17:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2013.06.11 17:23:07 | 000,000,000 | ---D | C] -- C:\Program Files\Origin [2013.06.11 17:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2013.06.11 17:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE [2013.06.11 17:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2013.06.11 09:51:31 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{7E9DE9E7-CA7D-4B24-9196-796248EC0C16} [2013.06.10 20:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\VideoSaver [2013.06.10 20:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender [2013.06.10 20:11:49 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Roaming\WebCake [2013.06.10 20:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\WebCake [2013.06.10 20:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2013.06.10 16:59:11 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{618B6DFA-9ED0-4D46-BA17-2ECBE5744FF5} [2013.06.09 20:09:26 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{103F5722-A52A-4054-8415-8BDE340F2BA8} [2013.06.08 11:29:48 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{E5DB783E-253E-4825-B5F5-4163AF9B9938} [2013.06.07 07:00:33 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{5E8ADAD5-C47A-4539-92C0-1C23B29B12A1} [2013.06.05 10:25:38 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{E73459B9-9D68-4E6E-90A0-594C2E844E37} [2013.06.04 13:06:04 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{B53AFC72-CFB4-48CC-A930-3E0C26DBF1ED} [2013.06.03 17:12:58 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{3B1F3B09-0F35-475F-8101-65F5584804FC} [2013.06.03 07:23:25 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{D0E4CC83-8FB9-4E58-998E-FA206A2B5FB1} [2013.06.02 16:54:23 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{FA42D718-1B2C-46A1-A13F-5EFF618375E6} [2013.05.31 18:13:43 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{97822941-626C-40E2-AF7A-992C81313586} [2013.05.29 12:14:58 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{F9E97AE5-CF3E-456D-9036-4E31DA32FBA7} [2013.05.28 23:08:35 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Roaming\UClick [2013.05.28 23:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\UClick [2013.05.28 19:49:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan [2013.05.28 19:49:06 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations [2013.05.28 19:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations [2013.05.28 19:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Fugazo [2013.05.28 14:43:23 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{36935F0F-2CDC-41B3-A518-56C2A0117502} [2013.05.27 19:51:38 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Roaming\casanova [2013.05.27 15:48:50 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{DE24F584-C8CE-4660-B704-55CB5329D5E8} [2013.05.26 13:20:59 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{7565C5A5-CEA4-4665-896F-726918643439} [2013.05.25 15:56:48 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{ADCEC41A-C6E3-453D-B448-D0014A1CEB82} [2013.05.24 10:24:22 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{C98A95D2-9AAF-4360-9A5C-C3B9AB7F4928} [2013.05.22 07:03:49 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{93C81D0F-BBDD-44DF-937B-828C75514229} [2013.05.21 18:22:15 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{545155BE-0156-4B92-A206-B6F21400D07C} [2013.05.18 09:54:22 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{82C4BE1A-339E-4A59-ACEF-F82A6A13AB71} [2013.05.17 09:13:45 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{E8D9DF2A-30B6-4179-8878-695A14A88B19} [2013.05.16 17:12:41 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{CBF8D8D0-14ED-4ACB-B712-E2E04D8A0109} [2013.05.15 15:15:05 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{FCB15F81-8185-413F-8A1A-A26BC831EFCB} [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Users\Karola\Documents\*.tmp files -> C:\Users\Karola\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.13 21:45:41 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.13 21:45:41 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.13 21:38:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.13 21:37:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.13 21:37:30 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys [2013.06.13 21:23:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Karola\Desktop\OTL.exe [2013.06.13 20:58:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.12 17:32:50 | 000,000,054 | ---- | M] () -- C:\Users\Karola\Desktop\Dortmund (English-speaking church).url [2013.06.12 17:31:40 | 000,000,063 | ---- | M] () -- C:\Users\Karola\Desktop\Hamm - Evangelisch-methodistische Kirche.url [2013.06.12 17:30:57 | 000,000,064 | ---- | M] () -- C:\Users\Karola\Desktop\Willkommen.url [2013.06.12 17:30:14 | 000,000,065 | ---- | M] () -- C:\Users\Karola\Desktop\Bochum - Evangelisch-methodistische Kirche.url [2013.06.12 17:29:51 | 000,000,072 | ---- | M] () -- C:\Users\Karola\Desktop\Gelsenkirchen - Evangelisch-methodistische Kirche.url [2013.06.11 12:00:56 | 000,000,131 | ---- | M] () -- C:\Users\Karola\Desktop\FHBund Berufsperspektiven.url [2013.05.28 19:49:38 | 000,000,327 | ---- | M] () -- C:\Users\Karola\Desktop\HP Druckerdiagnosetools.url [2013.05.28 19:49:06 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk [2013.05.16 17:09:13 | 000,497,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.05.15 22:11:19 | 000,654,594 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.05.15 22:11:19 | 000,616,476 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.05.15 22:11:19 | 000,130,208 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.05.15 22:11:19 | 000,106,598 | ---- | M] () -- C:\Windows\System32\perfc009.dat [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Users\Karola\Documents\*.tmp files -> C:\Users\Karola\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.12 17:32:50 | 000,000,054 | ---- | C] () -- C:\Users\Karola\Desktop\Dortmund (English-speaking church).url [2013.06.12 17:31:40 | 000,000,063 | ---- | C] () -- C:\Users\Karola\Desktop\Hamm - Evangelisch-methodistische Kirche.url [2013.06.12 17:30:57 | 000,000,064 | ---- | C] () -- C:\Users\Karola\Desktop\Willkommen.url [2013.06.12 17:30:14 | 000,000,065 | ---- | C] () -- C:\Users\Karola\Desktop\Bochum - Evangelisch-methodistische Kirche.url [2013.06.12 17:29:51 | 000,000,072 | ---- | C] () -- C:\Users\Karola\Desktop\Gelsenkirchen - Evangelisch-methodistische Kirche.url [2013.06.11 12:00:56 | 000,000,131 | ---- | C] () -- C:\Users\Karola\Desktop\FHBund Berufsperspektiven.url [2013.05.28 19:49:38 | 000,000,327 | ---- | C] () -- C:\Users\Karola\Desktop\HP Druckerdiagnosetools.url [2013.05.28 19:49:06 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk [2013.05.05 20:26:41 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2013.04.18 16:48:46 | 000,000,266 | ---- | C] () -- C:\Windows\BUHL.INI [2013.04.06 20:36:50 | 000,032,211 | ---- | C] () -- C:\Users\Karola\Elster ESt2012_Kreutzenbeck_Rolf_und_Kreutzenbeck_Karola 1.elfo [2013.03.05 21:08:18 | 000,063,488 | ---- | C] () -- C:\Windows\System32\Eztw32.dll [2012.09.05 20:43:46 | 000,000,083 | ---- | C] () -- C:\Windows\GU.INI [2012.07.18 20:20:48 | 000,235,870 | ---- | C] () -- C:\Users\Karola\ESt2011_Kreutzenbeck_Rolf_und_Kreutzenbeck_Karolay.elfo [2012.07.18 10:00:22 | 000,032,781 | ---- | C] () -- C:\Users\Karola\ESt2011_Kreutzenbeck_Rolf_und_Kreutzenbeck_Karola.elfo [2012.07.14 20:24:21 | 000,002,625 | ---- | C] () -- C:\Users\Karola\ESt20011 Kreutzenbeck Rolf und Kreutzenbeck Karola.elfo [2012.05.27 17:58:24 | 000,000,680 | RHS- | C] () -- C:\Users\Karola\ntuser.pol [2012.02.04 20:22:10 | 000,017,408 | ---- | C] () -- C:\Users\Karola\AppData\Local\WebpageIcons.db [2011.07.06 12:56:35 | 000,027,071 | ---- | C] () -- C:\Users\Karola\ESt2010_Kreutzenbeck_Rolf_und_Kreutzenbeck_Karola.elfo ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.12.28 14:03:40 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\BabSolution [2012.12.28 14:03:00 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Babylon [2011.10.17 15:22:27 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Big Fish Games [2013.05.27 19:51:38 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\casanova [2013.03.20 18:16:44 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\DocumentsToGoDesktopAndroid [2012.07.14 19:22:08 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\elsterformular [2012.11.25 12:16:45 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\GetRightToGo [2013.03.05 21:07:43 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Haufe Mediengruppe [2012.02.02 15:44:35 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\iMaxGen [2012.09.28 16:48:17 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Magic Academy [2012.09.28 18:09:36 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Magic Academy 2 [2012.11.07 17:30:23 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Magic3 [2011.04.07 20:52:29 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\MAGIX [2013.06.13 18:35:31 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\MyPhoneExplorer [2012.12.26 16:26:03 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Nitreal Games [2013.06.11 17:23:51 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Origin [2012.11.20 15:13:13 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Orneon [2012.11.05 17:21:31 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Phase6 [2011.10.17 15:31:13 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Playrix Entertainment [2010.10.06 21:22:38 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\SoftGrid Client [2013.01.20 12:55:05 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\TomTom [2010.10.03 20:44:46 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\TP [2013.05.28 23:08:35 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\UClick [2010.12.14 08:01:04 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Uniblue [2012.11.02 17:45:50 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\V-Games [2013.06.13 18:35:26 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\WebCake [2012.07.25 21:27:13 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Windows Live Writer ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 186 bytes -> C:\ProgramData\Temp:0EC7A545 @Alternate Data Stream - 174 bytes -> C:\ProgramData\Temp:AECF4772 @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:D987CB43 @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:70E897B5 < End of report > Und hier die andere Datei:OTL Logfile: Code:
ATTFilter OTL logfile created on: 13.Jun.2013 21:44:14 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Karola\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MMM.yyyy 3,00 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 60,70% Memory free 6,00 Gb Paging File | 4,68 Gb Available in Paging File | 77,98% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 890,41 Gb Total Space | 808,01 Gb Free Space | 90,75% Space Free | Partition Type: NTFS Drive D: | 40,00 Gb Total Space | 23,53 Gb Free Space | 58,82% Space Free | Partition Type: NTFS Drive F: | 931,28 Gb Total Space | 918,31 Gb Free Space | 98,61% Space Free | Partition Type: FAT32 Computer Name: KAROLA-PC | User Name: Karola | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Karola\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\MyPhoneExplorer\MyPhoneExplorer.exe (F.J. Wechselberger) PRC - C:\Programme\MyPhoneExplorer\DLL\adb.exe () PRC - C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Programme\Ask.com\Updater\Updater.exe (Search-Results) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\System32\atieclxx.exe (AMD) PRC - C:\Windows\System32\atiesrxx.exe (AMD) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\f7cb3ae5de64f8cbde3ccc57c780743a\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Programme\MyPhoneExplorer\DLL\adb.exe () MOD - C:\Programme\MyPhoneExplorer\IconLib.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll () ========== Services (SafeList) ========== SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation) SRV - (cvhsvc) -- C:\Programme\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) SRV - (sftvsa) -- C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Programme\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD) SRV - (IAStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (YahooAUService) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.) SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (EPSON_PM_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (Sftvol) -- C:\Windows\System32\drivers\Sftvollh.sys (Microsoft Corporation) DRV - (Sftredir) -- C:\Windows\System32\drivers\Sftredirlh.sys (Microsoft Corporation) DRV - (Sftplay) -- C:\Windows\System32\drivers\Sftplaylh.sys (Microsoft Corporation) DRV - (Sftfs) -- C:\Windows\System32\drivers\Sftfslh.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.) DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.) DRV - (RTL8192su) -- C:\Windows\System32\drivers\rtl8192su.sys (Realtek Semiconductor Corporation ) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. [binary data] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=110231&tt=5212_2&babsrc=SP_ss&mntrId=5ef7949100000000000074f06d53fe49 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_de IE - HKCU\..\SearchScopes\{8B24905B-8F38-449B-B9EE-8CBF958A868D}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}: C:\Program Files\PriceGong\2.6.8\FF [2012.12.28 14:04:05 | 000,000,000 | ---D | M] [2013.03.05 21:07:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karola\AppData\Roaming\mozilla\Extensions [2013.03.05 21:07:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karola\AppData\Roaming\mozilla\Extensions\{847441a0-668c-4f1e-857f-7fb5fabebdb9} [2013.01.20 12:55:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Karola\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012.12.28 14:03:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: Delta Search CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: InoViewer Plugin (Enabled) = C:\Program Files\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - Extension: Lord of the Rings = C:\Users\Karola\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbjlpffkkkndaegmljeiheebaedgdiab\2.8_0\ O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O2 - BHO: (AOL Deutschland Toolbar Loader) - {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} - C:\Programme\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (AOL Deutschland Toolbar) - {567d4d94-8077-4682-b887-945f3d644116} - C:\Programme\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (AOL Deutschland Toolbar) - {567D4D94-8077-4682-B887-945F3D644116} - C:\Programme\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Search-Results) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Search-Results) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [MediaSyncAgent] C:\Program Files\CyberLink\MediaSync\MediaSyncAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKCU..\Run: [Alamandi tray notifier] C:\Program Files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe File not found O4 - HKCU..\Run: [EPSON Stylus DX8400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION) O4 - HKCU..\Run: [MyPhoneExplorer] C:\Program Files\MyPhoneExplorer\MyPhoneExplorer.exe (F.J. Wechselberger) O4 - HKCU..\Run: [Spiele Post] C:\Program Files\OXXOGames\GPlayer\GameCenterNotifier.exe File not found O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O4 - Startup: C:\Users\Karola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation) O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Programme\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Programme\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: pytalhost.de ([www.tc-sepia-re] http in Vertrauenswürdige Sites) O15 - HKCU\..Trusted Domains: tc-sepia-re.de ([www] http in Vertrauenswürdige Sites) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C7E6CD9-BDFA-4788-AA0F-146DE9693532}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF3F26A8-CAA2-45C6-9B8B-7AC9D5B5A0FF}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{da232390-7cc7-11e2-8b55-6c626d5f3b8e}\Shell - "" = AutoRun O33 - MountPoints2\{da232390-7cc7-11e2-8b55-6c626d5f3b8e}\Shell\AutoRun\command - "" = K:\setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) NetSvcs: FastUserSwitchingCompatibility - File not found NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation) NetSvcs: Nla - File not found NetSvcs: Ntmssvc - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: SRService - File not found NetSvcs: WmdmPmSp - File not found NetSvcs: LogonHours - File not found NetSvcs: PCAudit - File not found NetSvcs: helpsvc - File not found NetSvcs: uploadmgr - File not found ========== Files/Folders - Created Within 30 Days ========== [2013.06.13 21:23:19 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Karola\Desktop\OTL.exe [2013.06.13 18:37:29 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{5D037CCD-75C6-4BFC-A4AC-5848E255E148} [2013.06.13 18:20:51 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{FF308AF4-E237-41F8-A5DD-608C2ECEF8B9} [2013.06.13 16:27:02 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{4DB5DFDB-C3B0-4457-9545-F05AC4538624} [2013.06.11 17:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core [2013.06.11 17:32:10 | 000,000,000 | ---D | C] -- C:\Users\Karola\Documents\Electronic Arts [2013.06.11 17:27:25 | 000,000,000 | ---D | C] -- C:\Program Files\Origin Games [2013.06.11 17:23:52 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\Origin [2013.06.11 17:23:51 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Roaming\Origin [2013.06.11 17:23:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin [2013.06.11 17:23:07 | 000,000,000 | ---D | C] -- C:\Program Files\Origin [2013.06.11 17:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts [2013.06.11 17:18:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft WSE [2013.06.11 17:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2013.06.11 09:51:31 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{7E9DE9E7-CA7D-4B24-9196-796248EC0C16} [2013.06.10 20:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\VideoSaver [2013.06.10 20:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender [2013.06.10 20:11:49 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Roaming\WebCake [2013.06.10 20:11:48 | 000,000,000 | ---D | C] -- C:\Program Files\WebCake [2013.06.10 20:11:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2013.06.10 16:59:11 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{618B6DFA-9ED0-4D46-BA17-2ECBE5744FF5} [2013.06.09 20:09:26 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{103F5722-A52A-4054-8415-8BDE340F2BA8} [2013.06.08 11:29:48 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{E5DB783E-253E-4825-B5F5-4163AF9B9938} [2013.06.07 07:00:33 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{5E8ADAD5-C47A-4539-92C0-1C23B29B12A1} [2013.06.05 10:25:38 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{E73459B9-9D68-4E6E-90A0-594C2E844E37} [2013.06.04 13:06:04 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{B53AFC72-CFB4-48CC-A930-3E0C26DBF1ED} [2013.06.03 17:12:58 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{3B1F3B09-0F35-475F-8101-65F5584804FC} [2013.06.03 07:23:25 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{D0E4CC83-8FB9-4E58-998E-FA206A2B5FB1} [2013.06.02 16:54:23 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{FA42D718-1B2C-46A1-A13F-5EFF618375E6} [2013.05.31 18:13:43 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{97822941-626C-40E2-AF7A-992C81313586} [2013.05.29 12:14:58 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{F9E97AE5-CF3E-456D-9036-4E31DA32FBA7} [2013.05.28 23:08:35 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Roaming\UClick [2013.05.28 23:08:35 | 000,000,000 | ---D | C] -- C:\ProgramData\UClick [2013.05.28 19:49:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Visan [2013.05.28 19:49:06 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations [2013.05.28 19:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations [2013.05.28 19:19:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Fugazo [2013.05.28 14:43:23 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{36935F0F-2CDC-41B3-A518-56C2A0117502} [2013.05.27 19:51:38 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Roaming\casanova [2013.05.27 15:48:50 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{DE24F584-C8CE-4660-B704-55CB5329D5E8} [2013.05.26 13:20:59 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{7565C5A5-CEA4-4665-896F-726918643439} [2013.05.25 15:56:48 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{ADCEC41A-C6E3-453D-B448-D0014A1CEB82} [2013.05.24 10:24:22 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{C98A95D2-9AAF-4360-9A5C-C3B9AB7F4928} [2013.05.22 07:03:49 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{93C81D0F-BBDD-44DF-937B-828C75514229} [2013.05.21 18:22:15 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{545155BE-0156-4B92-A206-B6F21400D07C} [2013.05.18 09:54:22 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{82C4BE1A-339E-4A59-ACEF-F82A6A13AB71} [2013.05.17 09:13:45 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{E8D9DF2A-30B6-4179-8878-695A14A88B19} [2013.05.16 17:12:41 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{CBF8D8D0-14ED-4ACB-B712-E2E04D8A0109} [2013.05.15 15:15:05 | 000,000,000 | ---D | C] -- C:\Users\Karola\AppData\Local\{FCB15F81-8185-413F-8A1A-A26BC831EFCB} [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Users\Karola\Documents\*.tmp files -> C:\Users\Karola\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.06.13 21:45:41 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.13 21:45:41 | 000,009,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.13 21:38:53 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.13 21:37:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.13 21:37:30 | 2415,321,088 | -HS- | M] () -- C:\hiberfil.sys [2013.06.13 21:23:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Karola\Desktop\OTL.exe [2013.06.13 20:58:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.12 17:32:50 | 000,000,054 | ---- | M] () -- C:\Users\Karola\Desktop\Dortmund (English-speaking church).url [2013.06.12 17:31:40 | 000,000,063 | ---- | M] () -- C:\Users\Karola\Desktop\Hamm - Evangelisch-methodistische Kirche.url [2013.06.12 17:30:57 | 000,000,064 | ---- | M] () -- C:\Users\Karola\Desktop\Willkommen.url [2013.06.12 17:30:14 | 000,000,065 | ---- | M] () -- C:\Users\Karola\Desktop\Bochum - Evangelisch-methodistische Kirche.url [2013.06.12 17:29:51 | 000,000,072 | ---- | M] () -- C:\Users\Karola\Desktop\Gelsenkirchen - Evangelisch-methodistische Kirche.url [2013.06.11 12:00:56 | 000,000,131 | ---- | M] () -- C:\Users\Karola\Desktop\FHBund Berufsperspektiven.url [2013.05.28 19:49:38 | 000,000,327 | ---- | M] () -- C:\Users\Karola\Desktop\HP Druckerdiagnosetools.url [2013.05.28 19:49:06 | 000,001,953 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk [2013.05.16 17:09:13 | 000,497,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.05.15 22:11:19 | 000,654,594 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.05.15 22:11:19 | 000,616,476 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.05.15 22:11:19 | 000,130,208 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.05.15 22:11:19 | 000,106,598 | ---- | M] () -- C:\Windows\System32\perfc009.dat [1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Users\Karola\Documents\*.tmp files -> C:\Users\Karola\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.06.12 17:32:50 | 000,000,054 | ---- | C] () -- C:\Users\Karola\Desktop\Dortmund (English-speaking church).url [2013.06.12 17:31:40 | 000,000,063 | ---- | C] () -- C:\Users\Karola\Desktop\Hamm - Evangelisch-methodistische Kirche.url [2013.06.12 17:30:57 | 000,000,064 | ---- | C] () -- C:\Users\Karola\Desktop\Willkommen.url [2013.06.12 17:30:14 | 000,000,065 | ---- | C] () -- C:\Users\Karola\Desktop\Bochum - Evangelisch-methodistische Kirche.url [2013.06.12 17:29:51 | 000,000,072 | ---- | C] () -- C:\Users\Karola\Desktop\Gelsenkirchen - Evangelisch-methodistische Kirche.url [2013.06.11 12:00:56 | 000,000,131 | ---- | C] () -- C:\Users\Karola\Desktop\FHBund Berufsperspektiven.url [2013.05.28 19:49:38 | 000,000,327 | ---- | C] () -- C:\Users\Karola\Desktop\HP Druckerdiagnosetools.url [2013.05.28 19:49:06 | 000,001,953 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk [2013.05.05 20:26:41 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2013.04.18 16:48:46 | 000,000,266 | ---- | C] () -- C:\Windows\BUHL.INI [2013.04.06 20:36:50 | 000,032,211 | ---- | C] () -- C:\Users\Karola\Elster ESt2012_Kreutzenbeck_Rolf_und_Kreutzenbeck_Karola 1.elfo [2013.03.05 21:08:18 | 000,063,488 | ---- | C] () -- C:\Windows\System32\Eztw32.dll [2012.09.05 20:43:46 | 000,000,083 | ---- | C] () -- C:\Windows\GU.INI [2012.07.18 20:20:48 | 000,235,870 | ---- | C] () -- C:\Users\Karola\ESt2011_Kreutzenbeck_Rolf_und_Kreutzenbeck_Karolay.elfo [2012.07.18 10:00:22 | 000,032,781 | ---- | C] () -- C:\Users\Karola\ESt2011_Kreutzenbeck_Rolf_und_Kreutzenbeck_Karola.elfo [2012.07.14 20:24:21 | 000,002,625 | ---- | C] () -- C:\Users\Karola\ESt20011 Kreutzenbeck Rolf und Kreutzenbeck Karola.elfo [2012.05.27 17:58:24 | 000,000,680 | RHS- | C] () -- C:\Users\Karola\ntuser.pol [2012.02.04 20:22:10 | 000,017,408 | ---- | C] () -- C:\Users\Karola\AppData\Local\WebpageIcons.db [2011.07.06 12:56:35 | 000,027,071 | ---- | C] () -- C:\Users\Karola\ESt2010_Kreutzenbeck_Rolf_und_Kreutzenbeck_Karola.elfo ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.12.28 14:03:40 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\BabSolution [2012.12.28 14:03:00 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Babylon [2011.10.17 15:22:27 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Big Fish Games [2013.05.27 19:51:38 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\casanova [2013.03.20 18:16:44 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\DocumentsToGoDesktopAndroid [2012.07.14 19:22:08 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\elsterformular [2012.11.25 12:16:45 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\GetRightToGo [2013.03.05 21:07:43 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Haufe Mediengruppe [2012.02.02 15:44:35 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\iMaxGen [2012.09.28 16:48:17 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Magic Academy [2012.09.28 18:09:36 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Magic Academy 2 [2012.11.07 17:30:23 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Magic3 [2011.04.07 20:52:29 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\MAGIX [2013.06.13 18:35:31 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\MyPhoneExplorer [2012.12.26 16:26:03 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Nitreal Games [2013.06.11 17:23:51 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Origin [2012.11.20 15:13:13 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Orneon [2012.11.05 17:21:31 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Phase6 [2011.10.17 15:31:13 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Playrix Entertainment [2010.10.06 21:22:38 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\SoftGrid Client [2013.01.20 12:55:05 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\TomTom [2010.10.03 20:44:46 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\TP [2013.05.28 23:08:35 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\UClick [2010.12.14 08:01:04 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Uniblue [2012.11.02 17:45:50 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\V-Games [2013.06.13 18:35:26 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\WebCake [2012.07.25 21:27:13 | 000,000,000 | ---D | M] -- C:\Users\Karola\AppData\Roaming\Windows Live Writer ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 186 bytes -> C:\ProgramData\Temp:0EC7A545 @Alternate Data Stream - 174 bytes -> C:\ProgramData\Temp:AECF4772 @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:D987CB43 @Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:70E897B5 < End of report > |
|
13.06.2013, 21:27
| #8 |
| /// Malware-holic | delta search Hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
13.06.2013, 21:58
| #9 |
| | delta search Hallo, hier was in Laufwerk C: TDSSKiller ... steht: 22:54:15.0243 5584 TDSS rootkit removing tool 2.8.14.0 Oct 30 2012 13:37:33 22:54:15.0377 5584 ============================================================ 22:54:15.0377 5584 Current date / time: 2013/06/13 22:54:15.0377 22:54:15.0377 5584 SystemInfo: 22:54:15.0377 5584 22:54:15.0377 5584 OS Version: 6.1.7601 ServicePack: 1.0 22:54:15.0378 5584 Product type: Workstation 22:54:15.0378 5584 ComputerName: KAROLA-PC 22:54:15.0378 5584 UserName: Karola 22:54:15.0378 5584 Windows directory: C:\Windows 22:54:15.0378 5584 System windows directory: C:\Windows 22:54:15.0378 5584 Processor architecture: Intel x86 22:54:15.0378 5584 Number of processors: 2 22:54:15.0378 5584 Page size: 0x1000 22:54:15.0378 5584 Boot type: Normal boot 22:54:15.0378 5584 ============================================================ 22:54:15.0913 5584 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 22:54:15.0913 5584 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 22:54:15.0923 5584 ============================================================ 22:54:15.0923 5584 \Device\Harddisk0\DR0: 22:54:15.0923 5584 MBR partitions: 22:54:15.0923 5584 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 22:54:15.0923 5584 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6F4D3000 22:54:15.0923 5584 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6F505800, BlocksNum 0x5000000 22:54:15.0923 5584 \Device\Harddisk1\DR1: 22:54:15.0924 5584 MBR partitions: 22:54:15.0924 5584 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982 22:54:15.0924 5584 ============================================================ 22:54:15.0955 5584 C: <-> \Device\Harddisk0\DR0\Partition2 22:54:16.0013 5584 D: <-> \Device\Harddisk0\DR0\Partition3 22:54:16.0014 5584 F: <-> \Device\Harddisk1\DR1\Partition1 22:54:16.0015 5584 ============================================================ 22:54:16.0015 5584 Initialize success 22:54:16.0015 5584 ============================================================ 22:54:22.0956 7088 ============================================================ 22:54:22.0956 7088 Scan started 22:54:22.0956 7088 Mode: Manual; 22:54:22.0956 7088 ============================================================ 22:54:23.0905 7088 ================ Scan system memory ======================== 22:54:23.0905 7088 System memory - ok 22:54:23.0905 7088 ================ Scan services ============================= 22:54:24.0151 7088 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 22:54:24.0155 7088 1394ohci - ok 22:54:24.0232 7088 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 22:54:24.0237 7088 ACPI - ok 22:54:24.0288 7088 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 22:54:24.0290 7088 AcpiPmi - ok 22:54:24.0488 7088 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 22:54:24.0490 7088 AdobeARMservice - ok 22:54:24.0548 7088 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 22:54:24.0555 7088 adp94xx - ok 22:54:24.0570 7088 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 22:54:24.0575 7088 adpahci - ok 22:54:24.0590 7088 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 22:54:24.0594 7088 adpu320 - ok 22:54:24.0625 7088 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 22:54:24.0627 7088 AeLookupSvc - ok 22:54:24.0694 7088 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 22:54:24.0700 7088 AFD - ok 22:54:24.0731 7088 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 22:54:24.0733 7088 agp440 - ok 22:54:24.0794 7088 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 22:54:24.0796 7088 aic78xx - ok 22:54:24.0843 7088 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 22:54:24.0845 7088 ALG - ok 22:54:24.0893 7088 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 22:54:24.0895 7088 aliide - ok 22:54:24.0948 7088 [ 60201AD353105D8C6796C1B69E6C49F0 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 22:54:24.0950 7088 AMD External Events Utility - ok 22:54:24.0963 7088 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 22:54:24.0965 7088 amdagp - ok 22:54:24.0984 7088 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 22:54:24.0985 7088 amdide - ok 22:54:25.0023 7088 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 22:54:25.0024 7088 AmdK8 - ok 22:54:25.0134 7088 [ 51610B74A9A1D84DC86FCE1019BEAFF4 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 22:54:25.0188 7088 amdkmdag - ok 22:54:25.0242 7088 [ CD1D86AB81EECE67D7BD6F7EF9786CCC ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 22:54:25.0249 7088 amdkmdap - ok 22:54:25.0301 7088 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 22:54:25.0302 7088 AmdPPM - ok 22:54:25.0363 7088 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 22:54:25.0364 7088 amdsata - ok 22:54:25.0398 7088 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 22:54:25.0400 7088 amdsbs - ok 22:54:25.0414 7088 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 22:54:25.0415 7088 amdxata - ok 22:54:25.0503 7088 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 22:54:25.0506 7088 AntiVirSchedulerService - ok 22:54:25.0574 7088 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 22:54:25.0576 7088 AntiVirService - ok 22:54:25.0635 7088 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 22:54:25.0637 7088 AppID - ok 22:54:25.0691 7088 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 22:54:25.0693 7088 AppIDSvc - ok 22:54:25.0732 7088 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll 22:54:25.0734 7088 Appinfo - ok 22:54:25.0798 7088 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys 22:54:25.0800 7088 arc - ok 22:54:25.0810 7088 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 22:54:25.0812 7088 arcsas - ok 22:54:25.0828 7088 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 22:54:25.0829 7088 AsyncMac - ok 22:54:25.0891 7088 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 22:54:25.0892 7088 atapi - ok 22:54:25.0952 7088 [ 8DF873D0587596C1D35A9CECECC61DA1 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 22:54:25.0954 7088 AtiHdmiService - ok 22:54:26.0018 7088 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 22:54:26.0025 7088 AudioEndpointBuilder - ok 22:54:26.0037 7088 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 22:54:26.0042 7088 Audiosrv - ok 22:54:26.0116 7088 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 22:54:26.0118 7088 avgntflt - ok 22:54:26.0195 7088 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 22:54:26.0197 7088 avipbb - ok 22:54:26.0207 7088 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 22:54:26.0208 7088 avkmgr - ok 22:54:26.0287 7088 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 22:54:26.0293 7088 AxInstSV - ok 22:54:26.0356 7088 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 22:54:26.0364 7088 b06bdrv - ok 22:54:26.0423 7088 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 22:54:26.0427 7088 b57nd60x - ok 22:54:26.0513 7088 [ 483F1162EEEBD10BF77FBB32DB963370 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE 22:54:26.0517 7088 BBSvc - ok 22:54:26.0540 7088 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE 22:54:26.0544 7088 BBUpdate - ok 22:54:26.0577 7088 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 22:54:26.0580 7088 BDESVC - ok 22:54:26.0595 7088 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 22:54:26.0597 7088 Beep - ok 22:54:26.0655 7088 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll 22:54:26.0663 7088 BFE - ok 22:54:26.0682 7088 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll 22:54:26.0695 7088 BITS - ok 22:54:26.0708 7088 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 22:54:26.0709 7088 blbdrive - ok 22:54:26.0729 7088 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 22:54:26.0730 7088 bowser - ok 22:54:26.0757 7088 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 22:54:26.0759 7088 BrFiltLo - ok 22:54:26.0767 7088 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 22:54:26.0768 7088 BrFiltUp - ok 22:54:26.0819 7088 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll 22:54:26.0821 7088 Browser - ok 22:54:26.0977 7088 [ 013A330F16B1CECBDE5CB6F921689523 ] BrowserDefendert C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe 22:54:27.0000 7088 BrowserDefendert - ok 22:54:27.0022 7088 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 22:54:27.0024 7088 Brserid - ok 22:54:27.0039 7088 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 22:54:27.0040 7088 BrSerWdm - ok 22:54:27.0049 7088 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 22:54:27.0050 7088 BrUsbMdm - ok 22:54:27.0080 7088 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 22:54:27.0081 7088 BrUsbSer - ok 22:54:27.0099 7088 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 22:54:27.0101 7088 BTHMODEM - ok 22:54:27.0161 7088 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 22:54:27.0164 7088 bthserv - ok 22:54:27.0207 7088 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 22:54:27.0210 7088 cdfs - ok 22:54:27.0323 7088 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 22:54:27.0326 7088 cdrom - ok 22:54:27.0382 7088 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll 22:54:27.0384 7088 CertPropSvc - ok 22:54:27.0399 7088 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 22:54:27.0401 7088 circlass - ok 22:54:27.0419 7088 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 22:54:27.0423 7088 CLFS - ok 22:54:27.0500 7088 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 22:54:27.0502 7088 clr_optimization_v2.0.50727_32 - ok 22:54:27.0568 7088 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 22:54:27.0571 7088 clr_optimization_v4.0.30319_32 - ok 22:54:27.0602 7088 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 22:54:27.0604 7088 CmBatt - ok 22:54:27.0642 7088 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys 22:54:27.0644 7088 cmdide - ok 22:54:27.0672 7088 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys 22:54:27.0678 7088 CNG - ok 22:54:27.0697 7088 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 22:54:27.0698 7088 Compbatt - ok 22:54:27.0752 7088 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 22:54:27.0753 7088 CompositeBus - ok 22:54:27.0780 7088 COMSysApp - ok 22:54:27.0814 7088 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 22:54:27.0815 7088 crcdisk - ok 22:54:27.0851 7088 [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc C:\Windows\system32\cryptsvc.dll 22:54:27.0854 7088 CryptSvc - ok 22:54:27.0929 7088 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 22:54:27.0939 7088 cvhsvc - ok 22:54:27.0965 7088 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll 22:54:27.0972 7088 DcomLaunch - ok 22:54:28.0003 7088 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 22:54:28.0006 7088 defragsvc - ok 22:54:28.0031 7088 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 22:54:28.0032 7088 DfsC - ok 22:54:28.0077 7088 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll 22:54:28.0082 7088 Dhcp - ok 22:54:28.0115 7088 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 22:54:28.0117 7088 discache - ok 22:54:28.0172 7088 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys 22:54:28.0174 7088 Disk - ok 22:54:28.0191 7088 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 22:54:28.0195 7088 Dnscache - ok 22:54:28.0220 7088 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll 22:54:28.0225 7088 dot3svc - ok 22:54:28.0250 7088 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll 22:54:28.0252 7088 DPS - ok 22:54:28.0297 7088 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 22:54:28.0298 7088 drmkaud - ok 22:54:28.0341 7088 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 22:54:28.0351 7088 DXGKrnl - ok 22:54:28.0413 7088 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 22:54:28.0417 7088 EapHost - ok 22:54:28.0538 7088 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 22:54:28.0582 7088 ebdrv - ok 22:54:28.0607 7088 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe 22:54:28.0609 7088 EFS - ok 22:54:28.0687 7088 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 22:54:28.0696 7088 ehRecvr - ok 22:54:28.0733 7088 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 22:54:28.0735 7088 ehSched - ok 22:54:28.0802 7088 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 22:54:28.0810 7088 elxstor - ok 22:54:28.0875 7088 [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE 22:54:28.0877 7088 EPSON_PM_RPCV4_01 - ok 22:54:28.0909 7088 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys 22:54:28.0910 7088 ErrDev - ok 22:54:28.0996 7088 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 22:54:29.0002 7088 EventSystem - ok 22:54:29.0018 7088 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 22:54:29.0022 7088 exfat - ok 22:54:29.0083 7088 Fabs - ok 22:54:29.0101 7088 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 22:54:29.0104 7088 fastfat - ok 22:54:29.0138 7088 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe 22:54:29.0147 7088 Fax - ok 22:54:29.0176 7088 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 22:54:29.0178 7088 fdc - ok 22:54:29.0197 7088 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 22:54:29.0199 7088 fdPHost - ok 22:54:29.0228 7088 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 22:54:29.0231 7088 FDResPub - ok 22:54:29.0246 7088 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 22:54:29.0248 7088 FileInfo - ok 22:54:29.0264 7088 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 22:54:29.0266 7088 Filetrace - ok 22:54:29.0331 7088 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe 22:54:29.0368 7088 FirebirdServerMAGIXInstance - ok 22:54:29.0382 7088 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 22:54:29.0383 7088 flpydisk - ok 22:54:29.0442 7088 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 22:54:29.0444 7088 FltMgr - ok 22:54:29.0518 7088 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll 22:54:29.0529 7088 FontCache - ok 22:54:29.0609 7088 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 22:54:29.0611 7088 FontCache3.0.0.0 - ok 22:54:29.0623 7088 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 22:54:29.0625 7088 FsDepends - ok 22:54:29.0685 7088 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 22:54:29.0686 7088 fssfltr - ok 22:54:29.0749 7088 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe 22:54:29.0771 7088 fsssvc - ok 22:54:29.0792 7088 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 22:54:29.0794 7088 Fs_Rec - ok 22:54:29.0822 7088 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 22:54:29.0825 7088 fvevol - ok 22:54:29.0889 7088 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 22:54:29.0891 7088 gagp30kx - ok 22:54:29.0926 7088 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll 22:54:29.0937 7088 gpsvc - ok 22:54:29.0984 7088 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 22:54:29.0987 7088 gupdate - ok 22:54:30.0013 7088 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 22:54:30.0015 7088 gupdatem - ok 22:54:30.0057 7088 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 22:54:30.0061 7088 gusvc - ok 22:54:30.0080 7088 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 22:54:30.0082 7088 hcw85cir - ok 22:54:30.0108 7088 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 22:54:30.0113 7088 HdAudAddService - ok 22:54:30.0167 7088 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 22:54:30.0169 7088 HDAudBus - ok 22:54:30.0199 7088 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 22:54:30.0200 7088 HidBatt - ok 22:54:30.0218 7088 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 22:54:30.0220 7088 HidBth - ok 22:54:30.0234 7088 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 22:54:30.0236 7088 HidIr - ok 22:54:30.0269 7088 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 22:54:30.0271 7088 hidserv - ok 22:54:30.0335 7088 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys 22:54:30.0336 7088 HidUsb - ok 22:54:30.0359 7088 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll 22:54:30.0363 7088 hkmsvc - ok 22:54:30.0383 7088 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:54:30.0388 7088 HomeGroupListener - ok 22:54:30.0417 7088 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 22:54:30.0424 7088 HomeGroupProvider - ok 22:54:30.0457 7088 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 22:54:30.0459 7088 HpSAMD - ok 22:54:30.0518 7088 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:54:30.0525 7088 HTTP - ok 22:54:30.0549 7088 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 22:54:30.0551 7088 hwpolicy - ok 22:54:30.0602 7088 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 22:54:30.0605 7088 i8042prt - ok 22:54:30.0639 7088 [ 26541A068572F650A2FA490726FE81BE ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 22:54:30.0643 7088 iaStor - ok 22:54:30.0722 7088 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 22:54:30.0724 7088 IAStorDataMgrSvc - ok 22:54:30.0774 7088 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 22:54:30.0780 7088 iaStorV - ok 22:54:30.0907 7088 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 22:54:30.0909 7088 IDriverT - ok 22:54:30.0950 7088 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 22:54:30.0969 7088 idsvc - ok 22:54:31.0076 7088 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 22:54:31.0122 7088 igfx - ok 22:54:31.0183 7088 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 22:54:31.0188 7088 iirsp - ok 22:54:31.0271 7088 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll 22:54:31.0283 7088 IKEEXT - ok 22:54:31.0427 7088 [ F4427E5DF32CDE359B2E2E5512D18001 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 22:54:31.0459 7088 IntcAzAudAddService - ok 22:54:31.0493 7088 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys 22:54:31.0494 7088 intelide - ok 22:54:31.0546 7088 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 22:54:31.0548 7088 intelppm - ok 22:54:31.0583 7088 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 22:54:31.0587 7088 IPBusEnum - ok 22:54:31.0603 7088 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:54:31.0605 7088 IpFilterDriver - ok 22:54:31.0633 7088 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 22:54:31.0639 7088 iphlpsvc - ok 22:54:31.0652 7088 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 22:54:31.0654 7088 IPMIDRV - ok 22:54:31.0666 7088 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 22:54:31.0668 7088 IPNAT - ok 22:54:31.0723 7088 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 22:54:31.0725 7088 IRENUM - ok 22:54:31.0741 7088 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys 22:54:31.0742 7088 isapnp - ok 22:54:31.0760 7088 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 22:54:31.0763 7088 iScsiPrt - ok 22:54:31.0806 7088 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 22:54:31.0807 7088 kbdclass - ok 22:54:31.0861 7088 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 22:54:31.0863 7088 kbdhid - ok 22:54:31.0873 7088 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe 22:54:31.0877 7088 KeyIso - ok 22:54:31.0892 7088 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 22:54:31.0894 7088 KSecDD - ok 22:54:31.0909 7088 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 22:54:31.0912 7088 KSecPkg - ok 22:54:31.0946 7088 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 22:54:31.0953 7088 KtmRm - ok 22:54:31.0974 7088 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll 22:54:31.0980 7088 LanmanServer - ok 22:54:32.0000 7088 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 22:54:32.0006 7088 LanmanWorkstation - ok 22:54:32.0078 7088 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 22:54:32.0080 7088 lltdio - ok 22:54:32.0099 7088 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 22:54:32.0105 7088 lltdsvc - ok 22:54:32.0111 7088 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 22:54:32.0115 7088 lmhosts - ok 22:54:32.0162 7088 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 22:54:32.0164 7088 LSI_FC - ok 22:54:32.0171 7088 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 22:54:32.0173 7088 LSI_SAS - ok 22:54:32.0188 7088 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 22:54:32.0189 7088 LSI_SAS2 - ok 22:54:32.0206 7088 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 22:54:32.0208 7088 LSI_SCSI - ok 22:54:32.0255 7088 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 22:54:32.0256 7088 luafv - ok 22:54:32.0280 7088 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 22:54:32.0282 7088 Mcx2Svc - ok 22:54:32.0310 7088 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 22:54:32.0311 7088 megasas - ok 22:54:32.0323 7088 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 22:54:32.0326 7088 MegaSR - ok 22:54:32.0351 7088 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 22:54:32.0353 7088 MMCSS - ok 22:54:32.0368 7088 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 22:54:32.0369 7088 Modem - ok 22:54:32.0407 7088 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 22:54:32.0408 7088 monitor - ok 22:54:32.0473 7088 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys 22:54:32.0475 7088 mouclass - ok 22:54:32.0517 7088 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 22:54:32.0518 7088 mouhid - ok 22:54:32.0539 7088 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 22:54:32.0542 7088 mountmgr - ok 22:54:32.0571 7088 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 22:54:32.0574 7088 mpio - ok 22:54:32.0586 7088 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 22:54:32.0588 7088 mpsdrv - ok 22:54:32.0625 7088 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 22:54:32.0633 7088 MpsSvc - ok 22:54:32.0651 7088 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 22:54:32.0653 7088 MRxDAV - ok 22:54:32.0710 7088 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 22:54:32.0713 7088 mrxsmb - ok 22:54:32.0731 7088 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:54:32.0736 7088 mrxsmb10 - ok 22:54:32.0750 7088 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:54:32.0753 7088 mrxsmb20 - ok 22:54:32.0763 7088 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 22:54:32.0764 7088 msahci - ok 22:54:32.0782 7088 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 22:54:32.0784 7088 msdsm - ok 22:54:32.0798 7088 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 22:54:32.0800 7088 MSDTC - ok 22:54:32.0837 7088 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 22:54:32.0839 7088 Msfs - ok 22:54:32.0852 7088 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 22:54:32.0853 7088 mshidkmdf - ok 22:54:32.0876 7088 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 22:54:32.0878 7088 msisadrv - ok 22:54:32.0909 7088 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 22:54:32.0911 7088 MSiSCSI - ok 22:54:32.0916 7088 msiserver - ok 22:54:32.0963 7088 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 22:54:32.0964 7088 MSKSSRV - ok 22:54:32.0975 7088 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 22:54:32.0976 7088 MSPCLOCK - ok 22:54:32.0982 7088 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 22:54:32.0983 7088 MSPQM - ok 22:54:32.0997 7088 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 22:54:32.0999 7088 MsRPC - ok 22:54:33.0015 7088 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 22:54:33.0016 7088 mssmbios - ok 22:54:33.0031 7088 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 22:54:33.0032 7088 MSTEE - ok 22:54:33.0045 7088 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 22:54:33.0046 7088 MTConfig - ok 22:54:33.0057 7088 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 22:54:33.0058 7088 Mup - ok 22:54:33.0084 7088 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 22:54:33.0089 7088 napagent - ok 22:54:33.0150 7088 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 22:54:33.0155 7088 NativeWifiP - ok 22:54:33.0199 7088 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys 22:54:33.0211 7088 NDIS - ok 22:54:33.0235 7088 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 22:54:33.0236 7088 NdisCap - ok 22:54:33.0279 7088 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 22:54:33.0280 7088 NdisTapi - ok 22:54:33.0293 7088 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 22:54:33.0294 7088 Ndisuio - ok 22:54:33.0317 7088 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 22:54:33.0319 7088 NdisWan - ok 22:54:33.0331 7088 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 22:54:33.0333 7088 NDProxy - ok 22:54:33.0346 7088 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 22:54:33.0347 7088 NetBIOS - ok 22:54:33.0371 7088 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 22:54:33.0374 7088 NetBT - ok 22:54:33.0382 7088 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 22:54:33.0384 7088 Netlogon - ok 22:54:33.0452 7088 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 22:54:33.0459 7088 Netman - ok 22:54:33.0476 7088 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 22:54:33.0484 7088 netprofm - ok 22:54:33.0499 7088 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 22:54:33.0502 7088 NetTcpPortSharing - ok 22:54:33.0563 7088 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 22:54:33.0564 7088 nfrd960 - ok 22:54:33.0588 7088 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll 22:54:33.0595 7088 NlaSvc - ok 22:54:33.0606 7088 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 22:54:33.0608 7088 Npfs - ok 22:54:33.0620 7088 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 22:54:33.0625 7088 nsi - ok 22:54:33.0629 7088 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 22:54:33.0630 7088 nsiproxy - ok 22:54:33.0677 7088 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 22:54:33.0689 7088 Ntfs - ok 22:54:33.0694 7088 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 22:54:33.0695 7088 Null - ok 22:54:33.0717 7088 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 22:54:33.0718 7088 nvraid - ok 22:54:33.0734 7088 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 22:54:33.0737 7088 nvstor - ok 22:54:33.0743 7088 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 22:54:33.0744 7088 nv_agp - ok 22:54:33.0767 7088 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 22:54:33.0768 7088 ohci1394 - ok 22:54:33.0804 7088 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 22:54:33.0806 7088 ose - ok 22:54:33.0914 7088 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 22:54:33.0964 7088 osppsvc - ok 22:54:34.0023 7088 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 22:54:34.0027 7088 p2pimsvc - ok 22:54:34.0042 7088 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 22:54:34.0047 7088 p2psvc - ok 22:54:34.0077 7088 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 22:54:34.0078 7088 Parport - ok 22:54:34.0094 7088 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 22:54:34.0095 7088 partmgr - ok 22:54:34.0106 7088 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 22:54:34.0107 7088 Parvdm - ok 22:54:34.0124 7088 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 22:54:34.0127 7088 PcaSvc - ok 22:54:34.0158 7088 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 22:54:34.0160 7088 pci - ok 22:54:34.0169 7088 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 22:54:34.0170 7088 pciide - ok 22:54:34.0186 7088 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 22:54:34.0189 7088 pcmcia - ok 22:54:34.0207 7088 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 22:54:34.0208 7088 pcw - ok 22:54:34.0260 7088 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 22:54:34.0267 7088 PEAUTH - ok 22:54:34.0319 7088 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll 22:54:34.0335 7088 pla - ok 22:54:34.0360 7088 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 22:54:34.0364 7088 PlugPlay - ok 22:54:34.0386 7088 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 22:54:34.0388 7088 PNRPAutoReg - ok 22:54:34.0407 7088 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 22:54:34.0409 7088 PNRPsvc - ok 22:54:34.0421 7088 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 22:54:34.0426 7088 PolicyAgent - ok 22:54:34.0439 7088 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll 22:54:34.0442 7088 Power - ok 22:54:34.0502 7088 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 22:54:34.0504 7088 PptpMiniport - ok 22:54:34.0524 7088 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys 22:54:34.0526 7088 Processor - ok 22:54:34.0581 7088 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll 22:54:34.0587 7088 ProfSvc - ok 22:54:34.0598 7088 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 22:54:34.0602 7088 ProtectedStorage - ok 22:54:34.0618 7088 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 22:54:34.0620 7088 Psched - ok 22:54:34.0660 7088 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe 22:54:34.0662 7088 PSI_SVC_2 - ok 22:54:34.0697 7088 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 22:54:34.0712 7088 ql2300 - ok 22:54:34.0729 7088 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 22:54:34.0731 7088 ql40xx - ok 22:54:34.0760 7088 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 22:54:34.0765 7088 QWAVE - ok 22:54:34.0778 7088 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 22:54:34.0779 7088 QWAVEdrv - ok 22:54:34.0847 7088 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 22:54:34.0850 7088 RapiMgr - ok 22:54:34.0863 7088 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 22:54:34.0864 7088 RasAcd - ok 22:54:34.0923 7088 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 22:54:34.0924 7088 RasAgileVpn - ok 22:54:34.0942 7088 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 22:54:34.0947 7088 RasAuto - ok 22:54:34.0973 7088 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 22:54:34.0975 7088 Rasl2tp - ok 22:54:35.0026 7088 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 22:54:35.0031 7088 RasMan - ok 22:54:35.0041 7088 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 22:54:35.0043 7088 RasPppoe - ok 22:54:35.0051 7088 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 22:54:35.0052 7088 RasSstp - ok 22:54:35.0072 7088 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 22:54:35.0075 7088 rdbss - ok 22:54:35.0090 7088 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 22:54:35.0091 7088 rdpbus - ok 22:54:35.0110 7088 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 22:54:35.0111 7088 RDPCDD - ok 22:54:35.0158 7088 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 22:54:35.0159 7088 RDPENCDD - ok 22:54:35.0170 7088 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 22:54:35.0172 7088 RDPREFMP - ok 22:54:35.0199 7088 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 22:54:35.0201 7088 RDPWD - ok 22:54:35.0269 7088 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 22:54:35.0271 7088 rdyboost - ok 22:54:35.0303 7088 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 22:54:35.0307 7088 RemoteAccess - ok 22:54:35.0342 7088 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 22:54:35.0348 7088 RemoteRegistry - ok 22:54:35.0375 7088 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 22:54:35.0380 7088 RpcEptMapper - ok 22:54:35.0409 7088 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 22:54:35.0411 7088 RpcLocator - ok 22:54:35.0432 7088 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 22:54:35.0436 7088 RpcSs - ok 22:54:35.0464 7088 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 22:54:35.0465 7088 rspndr - ok 22:54:35.0532 7088 [ BCEBD5D1AABCE4EFB7597635E347C44B ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 22:54:35.0536 7088 RTL8167 - ok 22:54:35.0597 7088 [ 51ADEF77E4C929535FD50DA153774E79 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys 22:54:35.0607 7088 RTL8192su - ok 22:54:35.0623 7088 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 22:54:35.0627 7088 SamSs - ok 22:54:35.0665 7088 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 22:54:35.0667 7088 sbp2port - ok 22:54:35.0700 7088 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 22:54:35.0707 7088 SCardSvr - ok 22:54:35.0725 7088 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 22:54:35.0727 7088 scfilter - ok 22:54:35.0761 7088 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 22:54:35.0774 7088 Schedule - ok 22:54:35.0798 7088 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 22:54:35.0799 7088 SCPolicySvc - ok 22:54:35.0812 7088 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 22:54:35.0815 7088 SDRSVC - ok 22:54:35.0843 7088 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 22:54:35.0844 7088 secdrv - ok 22:54:35.0860 7088 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 22:54:35.0862 7088 seclogon - ok 22:54:35.0903 7088 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 22:54:35.0905 7088 SENS - ok 22:54:35.0918 7088 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 22:54:35.0923 7088 SensrSvc - ok 22:54:35.0935 7088 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 22:54:35.0936 7088 Serenum - ok 22:54:35.0953 7088 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 22:54:35.0955 7088 Serial - ok 22:54:35.0989 7088 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 22:54:35.0990 7088 sermouse - ok 22:54:36.0025 7088 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll 22:54:36.0029 7088 SessionEnv - ok 22:54:36.0060 7088 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 22:54:36.0061 7088 sffdisk - ok 22:54:36.0074 7088 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 22:54:36.0075 7088 sffp_mmc - ok 22:54:36.0085 7088 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 22:54:36.0086 7088 sffp_sd - ok 22:54:36.0096 7088 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 22:54:36.0098 7088 sfloppy - ok 22:54:36.0133 7088 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 22:54:36.0138 7088 Sftfs - ok 22:54:36.0197 7088 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe 22:54:36.0204 7088 sftlist - ok 22:54:36.0243 7088 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 22:54:36.0247 7088 Sftplay - ok 22:54:36.0261 7088 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 22:54:36.0262 7088 Sftredir - ok 22:54:36.0276 7088 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 22:54:36.0277 7088 Sftvol - ok 22:54:36.0288 7088 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe 22:54:36.0290 7088 sftvsa - ok 22:54:36.0324 7088 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 22:54:36.0328 7088 SharedAccess - ok 22:54:36.0357 7088 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 22:54:36.0362 7088 ShellHWDetection - ok 22:54:36.0389 7088 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys 22:54:36.0391 7088 sisagp - ok 22:54:36.0434 7088 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 22:54:36.0435 7088 SiSRaid2 - ok 22:54:36.0449 7088 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 22:54:36.0451 7088 SiSRaid4 - ok 22:54:36.0498 7088 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys 22:54:36.0499 7088 Smb - ok 22:54:36.0536 7088 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 22:54:36.0539 7088 SNMPTRAP - ok 22:54:36.0550 7088 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys 22:54:36.0551 7088 spldr - ok 22:54:36.0612 7088 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe 22:54:36.0621 7088 Spooler - ok 22:54:36.0687 7088 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe 22:54:36.0726 7088 sppsvc - ok 22:54:36.0781 7088 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll 22:54:36.0786 7088 sppuinotify - ok 22:54:36.0817 7088 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys 22:54:36.0823 7088 srv - ok 22:54:36.0839 7088 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 22:54:36.0845 7088 srv2 - ok 22:54:36.0856 7088 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 22:54:36.0860 7088 srvnet - ok 22:54:36.0899 7088 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 22:54:36.0906 7088 SSDPSRV - ok 22:54:36.0967 7088 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 22:54:36.0969 7088 ssmdrv - ok 22:54:36.0990 7088 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 22:54:36.0997 7088 SstpSvc - ok 22:54:37.0028 7088 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 22:54:37.0029 7088 stexstor - ok 22:54:37.0092 7088 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll 22:54:37.0101 7088 StiSvc - ok 22:54:37.0131 7088 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys 22:54:37.0133 7088 swenum - ok 22:54:37.0153 7088 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 22:54:37.0160 7088 swprv - ok 22:54:37.0203 7088 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 22:54:37.0227 7088 SysMain - ok 22:54:37.0244 7088 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 22:54:37.0250 7088 TabletInputService - ok 22:54:37.0280 7088 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 22:54:37.0285 7088 TapiSrv - ok 22:54:37.0311 7088 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 22:54:37.0314 7088 TBS - ok 22:54:37.0356 7088 [ D32FDAC73FCD76B85389C39BC1087F2A ] Tcpip C:\Windows\system32\drivers\tcpip.sys 22:54:37.0371 7088 Tcpip - ok 22:54:37.0416 7088 [ D32FDAC73FCD76B85389C39BC1087F2A ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 22:54:37.0429 7088 TCPIP6 - ok 22:54:37.0470 7088 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 22:54:37.0472 7088 tcpipreg - ok 22:54:37.0498 7088 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 22:54:37.0501 7088 TDPIPE - ok 22:54:37.0521 7088 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 22:54:37.0523 7088 TDTCP - ok 22:54:37.0547 7088 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 22:54:37.0549 7088 tdx - ok 22:54:37.0567 7088 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys 22:54:37.0569 7088 TermDD - ok 22:54:37.0600 7088 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 22:54:37.0610 7088 TermService - ok 22:54:37.0638 7088 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 22:54:37.0643 7088 Themes - ok 22:54:37.0648 7088 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 22:54:37.0652 7088 THREADORDER - ok 22:54:37.0762 7088 [ A21E58F345F337316A98C5121CBE17E8 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 22:54:37.0764 7088 TomTomHOMEService - ok 22:54:37.0816 7088 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 22:54:37.0820 7088 TrkWks - ok 22:54:37.0858 7088 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 22:54:37.0862 7088 TrustedInstaller - ok 22:54:37.0881 7088 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 22:54:37.0883 7088 tssecsrv - ok 22:54:37.0909 7088 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 22:54:37.0911 7088 TsUsbFlt - ok 22:54:37.0968 7088 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 22:54:37.0971 7088 tunnel - ok 22:54:38.0001 7088 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 22:54:38.0005 7088 uagp35 - ok 22:54:38.0033 7088 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 22:54:38.0038 7088 udfs - ok 22:54:38.0078 7088 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 22:54:38.0083 7088 UI0Detect - ok 22:54:38.0129 7088 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 22:54:38.0132 7088 uliagpkx - ok 22:54:38.0195 7088 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys 22:54:38.0197 7088 umbus - ok 22:54:38.0210 7088 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 22:54:38.0212 7088 UmPass - ok 22:54:38.0235 7088 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 22:54:38.0244 7088 upnphost - ok 22:54:38.0257 7088 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 22:54:38.0260 7088 usbccgp - ok 22:54:38.0292 7088 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 22:54:38.0294 7088 usbcir - ok 22:54:38.0311 7088 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 22:54:38.0313 7088 usbehci - ok 22:54:38.0331 7088 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 22:54:38.0337 7088 usbhub - ok 22:54:38.0348 7088 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys 22:54:38.0349 7088 usbohci - ok 22:54:38.0406 7088 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 22:54:38.0408 7088 usbprint - ok 22:54:38.0467 7088 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 22:54:38.0469 7088 usbscan - ok 22:54:38.0480 7088 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 22:54:38.0483 7088 USBSTOR - ok 22:54:38.0514 7088 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 22:54:38.0516 7088 usbuhci - ok 22:54:38.0548 7088 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 22:54:38.0553 7088 UxSms - ok 22:54:38.0565 7088 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 22:54:38.0568 7088 VaultSvc - ok 22:54:38.0618 7088 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 22:54:38.0621 7088 vdrvroot - ok 22:54:38.0648 7088 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 22:54:38.0659 7088 vds - ok 22:54:38.0671 7088 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 22:54:38.0672 7088 vga - ok 22:54:38.0709 7088 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 22:54:38.0711 7088 VgaSave - ok 22:54:38.0743 7088 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 22:54:38.0746 7088 vhdmp - ok 22:54:38.0791 7088 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 22:54:38.0793 7088 viaagp - ok 22:54:38.0810 7088 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 22:54:38.0812 7088 ViaC7 - ok 22:54:38.0847 7088 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 22:54:38.0848 7088 viaide - ok 22:54:38.0868 7088 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 22:54:38.0870 7088 volmgr - ok 22:54:38.0890 7088 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 22:54:38.0896 7088 volmgrx - ok 22:54:38.0913 7088 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 22:54:38.0918 7088 volsnap - ok 22:54:38.0970 7088 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 22:54:38.0973 7088 vsmraid - ok 22:54:39.0015 7088 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 22:54:39.0034 7088 VSS - ok 22:54:39.0050 7088 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 22:54:39.0052 7088 vwifibus - ok 22:54:39.0100 7088 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 22:54:39.0102 7088 vwififlt - ok 22:54:39.0149 7088 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 22:54:39.0151 7088 vwifimp - ok 22:54:39.0185 7088 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 22:54:39.0194 7088 W32Time - ok 22:54:39.0231 7088 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 22:54:39.0232 7088 WacomPen - ok 22:54:39.0289 7088 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 22:54:39.0291 7088 WANARP - ok 22:54:39.0296 7088 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 22:54:39.0297 7088 Wanarpv6 - ok 22:54:39.0328 7088 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 22:54:39.0345 7088 wbengine - ok 22:54:39.0360 7088 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 22:54:39.0364 7088 WbioSrvc - ok 22:54:39.0424 7088 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 22:54:39.0429 7088 WcesComm - ok 22:54:39.0458 7088 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 22:54:39.0467 7088 wcncsvc - ok 22:54:39.0499 7088 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 22:54:39.0503 7088 WcsPlugInService - ok 22:54:39.0533 7088 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 22:54:39.0534 7088 Wd - ok 22:54:39.0562 7088 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 22:54:39.0570 7088 Wdf01000 - ok 22:54:39.0582 7088 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 22:54:39.0587 7088 WdiServiceHost - ok 22:54:39.0591 7088 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 22:54:39.0596 7088 WdiSystemHost - ok 22:54:39.0617 7088 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 22:54:39.0620 7088 WebClient - ok 22:54:39.0635 7088 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 22:54:39.0639 7088 Wecsvc - ok 22:54:39.0651 7088 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 22:54:39.0654 7088 wercplsupport - ok 22:54:39.0669 7088 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 22:54:39.0672 7088 WerSvc - ok 22:54:39.0714 7088 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 22:54:39.0716 7088 WfpLwf - ok 22:54:39.0734 7088 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 22:54:39.0736 7088 WIMMount - ok 22:54:39.0793 7088 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 22:54:39.0804 7088 WinDefend - ok 22:54:39.0813 7088 WinHttpAutoProxySvc - ok 22:54:39.0867 7088 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 22:54:39.0870 7088 Winmgmt - ok 22:54:39.0917 7088 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 22:54:39.0940 7088 WinRM - ok 22:54:40.0006 7088 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 22:54:40.0007 7088 WinUsb - ok 22:54:40.0054 7088 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 22:54:40.0071 7088 Wlansvc - ok 22:54:40.0165 7088 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 22:54:40.0168 7088 wlcrasvc - ok 22:54:40.0261 7088 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 22:54:40.0287 7088 wlidsvc - ok 22:54:40.0301 7088 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 22:54:40.0302 7088 WmiAcpi - ok 22:54:40.0340 7088 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 22:54:40.0342 7088 wmiApSrv - ok 22:54:40.0429 7088 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 22:54:40.0446 7088 WMPNetworkSvc - ok 22:54:40.0479 7088 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 22:54:40.0485 7088 WPCSvc - ok 22:54:40.0506 7088 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 22:54:40.0513 7088 WPDBusEnum - ok 22:54:40.0544 7088 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 22:54:40.0546 7088 ws2ifsl - ok 22:54:40.0558 7088 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll 22:54:40.0565 7088 wscsvc - ok 22:54:40.0571 7088 WSearch - ok 22:54:40.0623 7088 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 22:54:40.0644 7088 wuauserv - ok 22:54:40.0662 7088 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 22:54:40.0663 7088 WudfPf - ok 22:54:40.0711 7088 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 22:54:40.0715 7088 WUDFRd - ok 22:54:40.0732 7088 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 22:54:40.0738 7088 wudfsvc - ok 22:54:40.0775 7088 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll 22:54:40.0783 7088 WwanSvc - ok 22:54:40.0862 7088 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe 22:54:40.0872 7088 YahooAUService - ok 22:54:40.0884 7088 ================ Scan global =============================== 22:54:40.0934 7088 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 22:54:40.0961 7088 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll 22:54:40.0972 7088 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll 22:54:41.0000 7088 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 22:54:41.0026 7088 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 22:54:41.0030 7088 [Global] - ok 22:54:41.0031 7088 ================ Scan MBR ================================== 22:54:41.0039 7088 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 22:54:41.0280 7088 \Device\Harddisk0\DR0 - ok 22:54:41.0285 7088 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 22:54:41.0290 7088 \Device\Harddisk1\DR1 - ok 22:54:41.0291 7088 ================ Scan VBR ================================== 22:54:41.0295 7088 [ A96290B5401C2DA5A08BB9471D76D503 ] \Device\Harddisk0\DR0\Partition1 22:54:41.0298 7088 \Device\Harddisk0\DR0\Partition1 - ok 22:54:41.0309 7088 [ 046BBD7303F14EB983A3F0C302651470 ] \Device\Harddisk0\DR0\Partition2 22:54:41.0311 7088 \Device\Harddisk0\DR0\Partition2 - ok 22:54:41.0345 7088 [ 376B50B18DD730F4A63E4B8227F4638C ] \Device\Harddisk0\DR0\Partition3 22:54:41.0346 7088 \Device\Harddisk0\DR0\Partition3 - ok 22:54:41.0349 7088 [ C63C0C92F43797AD576ADAC2FE17B860 ] \Device\Harddisk1\DR1\Partition1 22:54:41.0350 7088 \Device\Harddisk1\DR1\Partition1 - ok 22:54:41.0351 7088 ============================================================ 22:54:41.0351 7088 Scan finished 22:54:41.0351 7088 ============================================================ 22:54:41.0362 7060 Detected object count: 0 22:54:41.0362 7060 Actual detected object count: 0 |
|
13.06.2013, 22:02
| #10 |
| /// Malware-holic | delta search bitte nach anleitung konfigurieren und erneut ausführen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
13.06.2013, 22:23
| #11 |
| | delta search Hallo Markus, habe wieder so eine lange Datei wie vorher. Habe jetzt nach der Anleitung alles gemacht, ich hoffe richtig? Soll ich Dir diese lange Datei jetzt wieder senden oder ist das falsch? Liebe Grüsse (wenn es Dir zu spät wird, sage bitte Bescheid). Anfänger 341 |
|
13.06.2013, 22:24
| #12 |
| /// Malware-holic | delta search na wenn ich sie auswerten soll, währ das schon günstig :-)
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
13.06.2013, 22:26
| #13 |
| | delta search 23:12:12.0077 6336 TDSS rootkit removing tool 2.8.14.0 Oct 30 2012 13:37:33 23:12:12.0187 6336 ============================================================ 23:12:12.0187 6336 Current date / time: 2013/06/13 23:12:12.0187 23:12:12.0187 6336 SystemInfo: 23:12:12.0187 6336 23:12:12.0187 6336 OS Version: 6.1.7601 ServicePack: 1.0 23:12:12.0187 6336 Product type: Workstation 23:12:12.0187 6336 ComputerName: KAROLA-PC 23:12:12.0187 6336 UserName: Karola 23:12:12.0187 6336 Windows directory: C:\Windows 23:12:12.0187 6336 System windows directory: C:\Windows 23:12:12.0187 6336 Processor architecture: Intel x86 23:12:12.0187 6336 Number of processors: 2 23:12:12.0187 6336 Page size: 0x1000 23:12:12.0187 6336 Boot type: Normal boot 23:12:12.0187 6336 ============================================================ 23:12:12.0577 6336 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 23:12:12.0592 6336 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 23:12:12.0592 6336 ============================================================ 23:12:12.0592 6336 \Device\Harddisk0\DR0: 23:12:12.0592 6336 MBR partitions: 23:12:12.0592 6336 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 23:12:12.0592 6336 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x6F4D3000 23:12:12.0592 6336 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x6F505800, BlocksNum 0x5000000 23:12:12.0592 6336 \Device\Harddisk1\DR1: 23:12:12.0592 6336 MBR partitions: 23:12:12.0592 6336 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x74705982 23:12:12.0592 6336 ============================================================ 23:12:12.0623 6336 C: <-> \Device\Harddisk0\DR0\Partition2 23:12:12.0670 6336 D: <-> \Device\Harddisk0\DR0\Partition3 23:12:12.0670 6336 F: <-> \Device\Harddisk1\DR1\Partition1 23:12:12.0686 6336 ============================================================ 23:12:12.0686 6336 Initialize success 23:12:12.0686 6336 ============================================================ 23:12:42.0575 2312 ============================================================ 23:12:42.0575 2312 Scan started 23:12:42.0575 2312 Mode: Manual; SigCheck; TDLFS; 23:12:42.0575 2312 ============================================================ 23:12:42.0825 2312 ================ Scan system memory ======================== 23:12:42.0825 2312 System memory - ok 23:12:42.0825 2312 ================ Scan services ============================= 23:12:43.0012 2312 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 23:12:43.0121 2312 1394ohci - ok 23:12:43.0153 2312 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys 23:12:43.0199 2312 ACPI - ok 23:12:43.0215 2312 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 23:12:43.0246 2312 AcpiPmi - ok 23:12:43.0355 2312 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 23:12:43.0387 2312 AdobeARMservice - ok 23:12:43.0465 2312 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 23:12:43.0496 2312 adp94xx - ok 23:12:43.0511 2312 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 23:12:43.0527 2312 adpahci - ok 23:12:43.0558 2312 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 23:12:43.0558 2312 adpu320 - ok 23:12:43.0636 2312 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 23:12:43.0714 2312 AeLookupSvc - ok 23:12:43.0777 2312 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys 23:12:43.0839 2312 AFD - ok 23:12:43.0886 2312 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys 23:12:43.0917 2312 agp440 - ok 23:12:43.0979 2312 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys 23:12:43.0995 2312 aic78xx - ok 23:12:44.0057 2312 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe 23:12:44.0135 2312 ALG - ok 23:12:44.0182 2312 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys 23:12:44.0213 2312 aliide - ok 23:12:44.0291 2312 [ 60201AD353105D8C6796C1B69E6C49F0 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 23:12:44.0338 2312 AMD External Events Utility - ok 23:12:44.0369 2312 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys 23:12:44.0385 2312 amdagp - ok 23:12:44.0432 2312 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys 23:12:44.0447 2312 amdide - ok 23:12:44.0479 2312 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 23:12:44.0541 2312 AmdK8 - ok 23:12:44.0650 2312 [ 51610B74A9A1D84DC86FCE1019BEAFF4 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 23:12:44.0744 2312 amdkmdag - ok 23:12:44.0791 2312 [ CD1D86AB81EECE67D7BD6F7EF9786CCC ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 23:12:44.0837 2312 amdkmdap - ok 23:12:44.0884 2312 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 23:12:44.0931 2312 AmdPPM - ok 23:12:44.0993 2312 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys 23:12:45.0025 2312 amdsata - ok 23:12:45.0040 2312 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 23:12:45.0056 2312 amdsbs - ok 23:12:45.0056 2312 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys 23:12:45.0071 2312 amdxata - ok 23:12:45.0165 2312 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 23:12:45.0196 2312 AntiVirSchedulerService - ok 23:12:45.0259 2312 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 23:12:45.0274 2312 AntiVirService - ok 23:12:45.0337 2312 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys 23:12:45.0399 2312 AppID - ok 23:12:45.0430 2312 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll 23:12:45.0508 2312 AppIDSvc - ok 23:12:45.0539 2312 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll 23:12:45.0602 2312 Appinfo - ok 23:12:45.0649 2312 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys 23:12:45.0664 2312 arc - ok 23:12:45.0664 2312 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 23:12:45.0680 2312 arcsas - ok 23:12:45.0727 2312 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 23:12:45.0789 2312 AsyncMac - ok 23:12:45.0836 2312 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys 23:12:45.0851 2312 atapi - ok 23:12:45.0914 2312 [ 8DF873D0587596C1D35A9CECECC61DA1 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 23:12:45.0945 2312 AtiHdmiService - ok 23:12:46.0007 2312 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 23:12:46.0085 2312 AudioEndpointBuilder - ok 23:12:46.0085 2312 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll 23:12:46.0117 2312 Audiosrv - ok 23:12:46.0163 2312 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 23:12:46.0179 2312 avgntflt - ok 23:12:46.0226 2312 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 23:12:46.0257 2312 avipbb - ok 23:12:46.0273 2312 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 23:12:46.0288 2312 avkmgr - ok 23:12:46.0335 2312 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll 23:12:46.0429 2312 AxInstSV - ok 23:12:46.0491 2312 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys 23:12:46.0553 2312 b06bdrv - ok 23:12:46.0585 2312 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys 23:12:46.0647 2312 b57nd60x - ok 23:12:46.0741 2312 [ 483F1162EEEBD10BF77FBB32DB963370 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE 23:12:46.0772 2312 BBSvc - ok 23:12:46.0787 2312 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE 23:12:46.0803 2312 BBUpdate - ok 23:12:46.0834 2312 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll 23:12:46.0881 2312 BDESVC - ok 23:12:46.0897 2312 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys 23:12:46.0959 2312 Beep - ok 23:12:47.0006 2312 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll 23:12:47.0099 2312 BFE - ok 23:12:47.0131 2312 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll 23:12:47.0162 2312 BITS - ok 23:12:47.0209 2312 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 23:12:47.0209 2312 blbdrive - ok 23:12:47.0240 2312 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 23:12:47.0271 2312 bowser - ok 23:12:47.0318 2312 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 23:12:47.0349 2312 BrFiltLo - ok 23:12:47.0380 2312 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 23:12:47.0427 2312 BrFiltUp - ok 23:12:47.0458 2312 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll 23:12:47.0536 2312 Browser - ok 23:12:47.0677 2312 [ 013A330F16B1CECBDE5CB6F921689523 ] BrowserDefendert C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe 23:12:47.0739 2312 BrowserDefendert - ok 23:12:47.0755 2312 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys 23:12:47.0817 2312 Brserid - ok 23:12:47.0848 2312 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 23:12:47.0911 2312 BrSerWdm - ok 23:12:47.0926 2312 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 23:12:47.0973 2312 BrUsbMdm - ok 23:12:47.0989 2312 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 23:12:48.0035 2312 BrUsbSer - ok 23:12:48.0051 2312 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 23:12:48.0067 2312 BTHMODEM - ok 23:12:48.0129 2312 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll 23:12:48.0176 2312 bthserv - ok 23:12:48.0207 2312 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 23:12:48.0254 2312 cdfs - ok 23:12:48.0301 2312 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 23:12:48.0347 2312 cdrom - ok 23:12:48.0379 2312 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll 23:12:48.0457 2312 CertPropSvc - ok 23:12:48.0488 2312 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 23:12:48.0535 2312 circlass - ok 23:12:48.0566 2312 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys 23:12:48.0597 2312 CLFS - ok 23:12:48.0675 2312 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:12:48.0691 2312 clr_optimization_v2.0.50727_32 - ok 23:12:48.0831 2312 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 23:12:48.0847 2312 clr_optimization_v4.0.30319_32 - ok 23:12:48.0878 2312 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 23:12:48.0940 2312 CmBatt - ok 23:12:48.0971 2312 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys 23:12:48.0987 2312 cmdide - ok 23:12:49.0018 2312 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys 23:12:49.0049 2312 CNG - ok 23:12:49.0081 2312 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 23:12:49.0081 2312 Compbatt - ok 23:12:49.0127 2312 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 23:12:49.0159 2312 CompositeBus - ok 23:12:49.0174 2312 COMSysApp - ok 23:12:49.0205 2312 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 23:12:49.0205 2312 crcdisk - ok 23:12:49.0268 2312 [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc C:\Windows\system32\cryptsvc.dll 23:12:49.0346 2312 CryptSvc - ok 23:12:49.0424 2312 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 23:12:49.0455 2312 cvhsvc - ok 23:12:49.0471 2312 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll 23:12:49.0533 2312 DcomLaunch - ok 23:12:49.0564 2312 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll 23:12:49.0627 2312 defragsvc - ok 23:12:49.0673 2312 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 23:12:49.0736 2312 DfsC - ok 23:12:49.0783 2312 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll 23:12:49.0798 2312 Dhcp - ok 23:12:49.0829 2312 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys 23:12:49.0892 2312 discache - ok 23:12:49.0939 2312 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys 23:12:49.0939 2312 Disk - ok 23:12:49.0954 2312 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll 23:12:50.0032 2312 Dnscache - ok 23:12:50.0063 2312 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll 23:12:50.0079 2312 dot3svc - ok 23:12:50.0110 2312 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll 23:12:50.0188 2312 DPS - ok 23:12:50.0219 2312 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 23:12:50.0266 2312 drmkaud - ok 23:12:50.0313 2312 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 23:12:50.0344 2312 DXGKrnl - ok 23:12:50.0407 2312 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll 23:12:50.0469 2312 EapHost - ok 23:12:50.0547 2312 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 23:12:50.0625 2312 ebdrv - ok 23:12:50.0656 2312 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe 23:12:50.0719 2312 EFS - ok 23:12:50.0765 2312 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 23:12:50.0843 2312 ehRecvr - ok 23:12:50.0875 2312 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe 23:12:50.0953 2312 ehSched - ok 23:12:51.0015 2312 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 23:12:51.0046 2312 elxstor - ok 23:12:51.0109 2312 [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE 23:12:51.0187 2312 EPSON_PM_RPCV4_01 - ok 23:12:51.0218 2312 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys 23:12:51.0265 2312 ErrDev - ok 23:12:51.0327 2312 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll 23:12:51.0389 2312 EventSystem - ok 23:12:51.0421 2312 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys 23:12:51.0452 2312 exfat - ok 23:12:51.0499 2312 Fabs - ok 23:12:51.0499 2312 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys 23:12:51.0545 2312 fastfat - ok 23:12:51.0592 2312 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe 23:12:51.0670 2312 Fax - ok 23:12:51.0733 2312 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 23:12:51.0764 2312 fdc - ok 23:12:51.0795 2312 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll 23:12:51.0842 2312 fdPHost - ok 23:12:51.0873 2312 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll 23:12:51.0935 2312 FDResPub - ok 23:12:51.0951 2312 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 23:12:51.0967 2312 FileInfo - ok 23:12:51.0982 2312 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 23:12:52.0013 2312 Filetrace - ok 23:12:52.0091 2312 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe 23:12:52.0154 2312 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning 23:12:52.0154 2312 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1) 23:12:52.0185 2312 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 23:12:52.0216 2312 flpydisk - ok 23:12:52.0279 2312 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 23:12:52.0310 2312 FltMgr - ok 23:12:52.0372 2312 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll 23:12:52.0466 2312 FontCache - ok 23:12:52.0513 2312 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 23:12:52.0513 2312 FontCache3.0.0.0 - ok 23:12:52.0528 2312 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 23:12:52.0544 2312 FsDepends - ok 23:12:52.0591 2312 [ B0082808A6856A252F7CDD939892CE50 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 23:12:52.0606 2312 fssfltr - ok 23:12:52.0669 2312 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe 23:12:52.0715 2312 fsssvc - ok 23:12:52.0731 2312 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 23:12:52.0747 2312 Fs_Rec - ok 23:12:52.0809 2312 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 23:12:52.0840 2312 fvevol - ok 23:12:52.0903 2312 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 23:12:52.0918 2312 gagp30kx - ok 23:12:52.0949 2312 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll 23:12:53.0012 2312 gpsvc - ok 23:12:53.0074 2312 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 23:12:53.0090 2312 gupdate - ok 23:12:53.0121 2312 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 23:12:53.0121 2312 gupdatem - ok 23:12:53.0168 2312 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 23:12:53.0183 2312 gusvc - ok 23:12:53.0215 2312 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 23:12:53.0293 2312 hcw85cir - ok 23:12:53.0308 2312 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 23:12:53.0355 2312 HdAudAddService - ok 23:12:53.0402 2312 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 23:12:53.0449 2312 HDAudBus - ok 23:12:53.0464 2312 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 23:12:53.0511 2312 HidBatt - ok 23:12:53.0542 2312 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 23:12:53.0573 2312 HidBth - ok 23:12:53.0589 2312 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 23:12:53.0620 2312 HidIr - ok 23:12:53.0651 2312 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll 23:12:53.0698 2312 hidserv - ok 23:12:53.0761 2312 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys 23:12:53.0807 2312 HidUsb - ok 23:12:53.0854 2312 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll 23:12:53.0917 2312 hkmsvc - ok 23:12:53.0948 2312 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 23:12:53.0995 2312 HomeGroupListener - ok 23:12:54.0057 2312 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 23:12:54.0135 2312 HomeGroupProvider - ok 23:12:54.0166 2312 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 23:12:54.0182 2312 HpSAMD - ok 23:12:54.0244 2312 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys 23:12:54.0275 2312 HTTP - ok 23:12:54.0307 2312 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 23:12:54.0322 2312 hwpolicy - ok 23:12:54.0369 2312 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 23:12:54.0431 2312 i8042prt - ok 23:12:54.0463 2312 [ 26541A068572F650A2FA490726FE81BE ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 23:12:54.0478 2312 iaStor - ok 23:12:54.0556 2312 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 23:12:54.0587 2312 IAStorDataMgrSvc - ok 23:12:54.0634 2312 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 23:12:54.0665 2312 iaStorV - ok 23:12:54.0790 2312 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 23:12:54.0821 2312 IDriverT ( UnsignedFile.Multi.Generic ) - warning 23:12:54.0821 2312 IDriverT - detected UnsignedFile.Multi.Generic (1) 23:12:54.0868 2312 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 23:12:54.0899 2312 idsvc - ok 23:12:54.0993 2312 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 23:12:55.0102 2312 igfx - ok 23:12:55.0149 2312 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 23:12:55.0180 2312 iirsp - ok 23:12:55.0227 2312 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll 23:12:55.0305 2312 IKEEXT - ok 23:12:55.0383 2312 [ F4427E5DF32CDE359B2E2E5512D18001 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys 23:12:55.0461 2312 IntcAzAudAddService - ok 23:12:55.0523 2312 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys 23:12:55.0539 2312 intelide - ok 23:12:55.0601 2312 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 23:12:55.0617 2312 intelppm - ok 23:12:55.0648 2312 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 23:12:55.0711 2312 IPBusEnum - ok 23:12:55.0726 2312 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:12:55.0757 2312 IpFilterDriver - ok 23:12:55.0820 2312 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:12:55.0882 2312 iphlpsvc - ok 23:12:55.0913 2312 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 23:12:55.0960 2312 IPMIDRV - ok 23:12:55.0991 2312 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys 23:12:56.0054 2312 IPNAT - ok 23:12:56.0101 2312 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys 23:12:56.0116 2312 IRENUM - ok 23:12:56.0163 2312 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:12:56.0194 2312 isapnp - ok 23:12:56.0210 2312 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 23:12:56.0225 2312 iScsiPrt - ok 23:12:56.0272 2312 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 23:12:56.0288 2312 kbdclass - ok 23:12:56.0319 2312 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 23:12:56.0350 2312 kbdhid - ok 23:12:56.0381 2312 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe 23:12:56.0397 2312 KeyIso - ok 23:12:56.0397 2312 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:12:56.0413 2312 KSecDD - ok 23:12:56.0428 2312 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 23:12:56.0444 2312 KSecPkg - ok 23:12:56.0475 2312 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll 23:12:56.0522 2312 KtmRm - ok 23:12:56.0569 2312 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll 23:12:56.0600 2312 LanmanServer - ok 23:12:56.0631 2312 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:12:56.0709 2312 LanmanWorkstation - ok 23:12:56.0771 2312 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:12:56.0849 2312 lltdio - ok 23:12:56.0881 2312 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:12:56.0959 2312 lltdsvc - ok 23:12:56.0974 2312 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll 23:12:57.0037 2312 lmhosts - ok 23:12:57.0068 2312 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 23:12:57.0083 2312 LSI_FC - ok 23:12:57.0099 2312 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 23:12:57.0115 2312 LSI_SAS - ok 23:12:57.0130 2312 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 23:12:57.0130 2312 LSI_SAS2 - ok 23:12:57.0146 2312 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 23:12:57.0161 2312 LSI_SCSI - ok 23:12:57.0224 2312 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys 23:12:57.0286 2312 luafv - ok 23:12:57.0349 2312 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 23:12:57.0380 2312 Mcx2Svc - ok 23:12:57.0395 2312 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 23:12:57.0395 2312 megasas - ok 23:12:57.0442 2312 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 23:12:57.0458 2312 MegaSR - ok 23:12:57.0489 2312 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll 23:12:57.0536 2312 MMCSS - ok 23:12:57.0567 2312 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys 23:12:57.0598 2312 Modem - ok 23:12:57.0645 2312 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:12:57.0692 2312 monitor - ok 23:12:57.0739 2312 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys 23:12:57.0770 2312 mouclass - ok 23:12:57.0817 2312 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:12:57.0863 2312 mouhid - ok 23:12:57.0895 2312 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 23:12:57.0910 2312 mountmgr - ok 23:12:57.0926 2312 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys 23:12:57.0941 2312 mpio - ok 23:12:57.0973 2312 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:12:58.0019 2312 mpsdrv - ok 23:12:58.0066 2312 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll 23:12:58.0144 2312 MpsSvc - ok 23:12:58.0160 2312 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:12:58.0191 2312 MRxDAV - ok 23:12:58.0238 2312 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:12:58.0253 2312 mrxsmb - ok 23:12:58.0269 2312 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:12:58.0285 2312 mrxsmb10 - ok 23:12:58.0300 2312 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:12:58.0331 2312 mrxsmb20 - ok 23:12:58.0347 2312 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys 23:12:58.0363 2312 msahci - ok 23:12:58.0394 2312 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:12:58.0394 2312 msdsm - ok 23:12:58.0409 2312 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe 23:12:58.0425 2312 MSDTC - ok 23:12:58.0456 2312 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:12:58.0534 2312 Msfs - ok 23:12:58.0550 2312 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:12:58.0597 2312 mshidkmdf - ok 23:12:58.0628 2312 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:12:58.0643 2312 msisadrv - ok 23:12:58.0690 2312 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:12:58.0768 2312 MSiSCSI - ok 23:12:58.0768 2312 msiserver - ok 23:12:58.0799 2312 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:12:58.0862 2312 MSKSSRV - ok 23:12:58.0893 2312 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:12:58.0955 2312 MSPCLOCK - ok 23:12:58.0971 2312 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:12:59.0002 2312 MSPQM - ok 23:12:59.0018 2312 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:12:59.0049 2312 MsRPC - ok 23:12:59.0080 2312 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 23:12:59.0096 2312 mssmbios - ok 23:12:59.0158 2312 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:12:59.0189 2312 MSTEE - ok 23:12:59.0221 2312 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 23:12:59.0252 2312 MTConfig - ok 23:12:59.0283 2312 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys 23:12:59.0314 2312 Mup - ok 23:12:59.0345 2312 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll 23:12:59.0408 2312 napagent - ok 23:12:59.0439 2312 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:12:59.0470 2312 NativeWifiP - ok 23:12:59.0533 2312 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys 23:12:59.0564 2312 NDIS - ok 23:12:59.0579 2312 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 23:12:59.0611 2312 NdisCap - ok 23:12:59.0642 2312 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:12:59.0704 2312 NdisTapi - ok 23:12:59.0751 2312 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:12:59.0813 2312 Ndisuio - ok 23:12:59.0845 2312 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:12:59.0876 2312 NdisWan - ok 23:12:59.0907 2312 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:12:59.0923 2312 NDProxy - ok 23:12:59.0954 2312 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:13:00.0016 2312 NetBIOS - ok 23:13:00.0047 2312 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 23:13:00.0110 2312 NetBT - ok 23:13:00.0141 2312 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe 23:13:00.0141 2312 Netlogon - ok 23:13:00.0203 2312 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll 23:13:00.0281 2312 Netman - ok 23:13:00.0297 2312 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll 23:13:00.0344 2312 netprofm - ok 23:13:00.0375 2312 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:13:00.0391 2312 NetTcpPortSharing - ok 23:13:00.0453 2312 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 23:13:00.0484 2312 nfrd960 - ok 23:13:00.0500 2312 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll 23:13:00.0531 2312 NlaSvc - ok 23:13:00.0562 2312 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:13:00.0578 2312 Npfs - ok 23:13:00.0593 2312 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll 23:13:00.0609 2312 nsi - ok 23:13:00.0625 2312 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:13:00.0687 2312 nsiproxy - ok 23:13:00.0734 2312 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:13:00.0781 2312 Ntfs - ok 23:13:00.0796 2312 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys 23:13:00.0843 2312 Null - ok 23:13:00.0874 2312 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:13:00.0890 2312 nvraid - ok 23:13:00.0890 2312 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:13:00.0905 2312 nvstor - ok 23:13:00.0921 2312 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 23:13:00.0937 2312 nv_agp - ok 23:13:00.0952 2312 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 23:13:00.0983 2312 ohci1394 - ok 23:13:01.0030 2312 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:13:01.0061 2312 ose - ok 23:13:01.0139 2312 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 23:13:01.0233 2312 osppsvc - ok 23:13:01.0295 2312 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 23:13:01.0342 2312 p2pimsvc - ok 23:13:01.0405 2312 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll 23:13:01.0420 2312 p2psvc - ok 23:13:01.0451 2312 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys 23:13:01.0483 2312 Parport - ok 23:13:01.0514 2312 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:13:01.0529 2312 partmgr - ok 23:13:01.0545 2312 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 23:13:01.0576 2312 Parvdm - ok 23:13:01.0607 2312 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:13:01.0654 2312 PcaSvc - ok 23:13:01.0685 2312 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys 23:13:01.0685 2312 pci - ok 23:13:01.0701 2312 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys 23:13:01.0717 2312 pciide - ok 23:13:01.0732 2312 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 23:13:01.0748 2312 pcmcia - ok 23:13:01.0763 2312 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys 23:13:01.0779 2312 pcw - ok 23:13:01.0826 2312 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:13:01.0919 2312 PEAUTH - ok 23:13:01.0966 2312 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll 23:13:02.0029 2312 pla - ok 23:13:02.0075 2312 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:13:02.0153 2312 PlugPlay - ok 23:13:02.0185 2312 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 23:13:02.0231 2312 PNRPAutoReg - ok 23:13:02.0247 2312 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 23:13:02.0278 2312 PNRPsvc - ok 23:13:02.0294 2312 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:13:02.0341 2312 PolicyAgent - ok 23:13:02.0372 2312 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll 23:13:02.0434 2312 Power - ok 23:13:02.0465 2312 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:13:02.0528 2312 PptpMiniport - ok 23:13:02.0559 2312 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys 23:13:02.0606 2312 Processor - ok 23:13:02.0637 2312 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll 23:13:02.0699 2312 ProfSvc - ok 23:13:02.0715 2312 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:13:02.0731 2312 ProtectedStorage - ok 23:13:02.0793 2312 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys 23:13:02.0855 2312 Psched - ok 23:13:02.0902 2312 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe 23:13:02.0933 2312 PSI_SVC_2 - ok 23:13:02.0965 2312 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 23:13:02.0996 2312 ql2300 - ok 23:13:03.0011 2312 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 23:13:03.0027 2312 ql40xx - ok 23:13:03.0058 2312 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll 23:13:03.0105 2312 QWAVE - ok 23:13:03.0121 2312 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:13:03.0167 2312 QWAVEdrv - ok 23:13:03.0230 2312 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll 23:13:03.0261 2312 RapiMgr - ok 23:13:03.0261 2312 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:13:03.0308 2312 RasAcd - ok 23:13:03.0339 2312 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 23:13:03.0401 2312 RasAgileVpn - ok 23:13:03.0433 2312 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll 23:13:03.0479 2312 RasAuto - ok 23:13:03.0495 2312 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:13:03.0542 2312 Rasl2tp - ok 23:13:03.0573 2312 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll 23:13:03.0620 2312 RasMan - ok 23:13:03.0635 2312 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:13:03.0698 2312 RasPppoe - ok 23:13:03.0729 2312 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 23:13:03.0776 2312 RasSstp - ok 23:13:03.0823 2312 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:13:03.0869 2312 rdbss - ok 23:13:03.0901 2312 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 23:13:03.0947 2312 rdpbus - ok 23:13:03.0994 2312 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:13:04.0057 2312 RDPCDD - ok 23:13:04.0088 2312 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:13:04.0150 2312 RDPENCDD - ok 23:13:04.0150 2312 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 23:13:04.0181 2312 RDPREFMP - ok 23:13:04.0228 2312 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:13:04.0337 2312 RDPWD - ok 23:13:04.0400 2312 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 23:13:04.0431 2312 rdyboost - ok 23:13:04.0462 2312 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll 23:13:04.0509 2312 RemoteAccess - ok 23:13:04.0556 2312 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:13:04.0618 2312 RemoteRegistry - ok 23:13:04.0649 2312 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 23:13:04.0712 2312 RpcEptMapper - ok 23:13:04.0743 2312 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe 23:13:04.0759 2312 RpcLocator - ok 23:13:04.0774 2312 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll 23:13:04.0805 2312 RpcSs - ok 23:13:04.0852 2312 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:13:04.0930 2312 rspndr - ok 23:13:04.0993 2312 [ BCEBD5D1AABCE4EFB7597635E347C44B ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys 23:13:05.0055 2312 RTL8167 - ok 23:13:05.0102 2312 [ 51ADEF77E4C929535FD50DA153774E79 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys 23:13:05.0180 2312 RTL8192su - ok 23:13:05.0180 2312 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe 23:13:05.0195 2312 SamSs - ok 23:13:05.0258 2312 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 23:13:05.0273 2312 sbp2port - ok 23:13:05.0305 2312 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:13:05.0336 2312 SCardSvr - ok 23:13:05.0351 2312 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 23:13:05.0383 2312 scfilter - ok 23:13:05.0429 2312 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll 23:13:05.0492 2312 Schedule - ok 23:13:05.0539 2312 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll 23:13:05.0554 2312 SCPolicySvc - ok 23:13:05.0570 2312 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll 23:13:05.0648 2312 SDRSVC - ok 23:13:05.0695 2312 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 23:13:05.0773 2312 secdrv - ok 23:13:05.0804 2312 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll 23:13:05.0851 2312 seclogon - ok 23:13:05.0897 2312 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll 23:13:05.0929 2312 SENS - ok 23:13:05.0960 2312 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll 23:13:06.0022 2312 SensrSvc - ok 23:13:06.0038 2312 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 23:13:06.0085 2312 Serenum - ok 23:13:06.0100 2312 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys 23:13:06.0163 2312 Serial - ok 23:13:06.0194 2312 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 23:13:06.0256 2312 sermouse - ok 23:13:06.0303 2312 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll 23:13:06.0365 2312 SessionEnv - ok 23:13:06.0397 2312 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 23:13:06.0443 2312 sffdisk - ok 23:13:06.0475 2312 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 23:13:06.0521 2312 sffp_mmc - ok 23:13:06.0553 2312 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 23:13:06.0599 2312 sffp_sd - ok 23:13:06.0631 2312 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 23:13:06.0677 2312 sfloppy - ok 23:13:06.0724 2312 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 23:13:06.0740 2312 Sftfs - ok 23:13:06.0802 2312 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe 23:13:06.0833 2312 sftlist - ok 23:13:06.0849 2312 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 23:13:06.0865 2312 Sftplay - ok 23:13:06.0880 2312 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 23:13:06.0896 2312 Sftredir - ok 23:13:06.0911 2312 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 23:13:06.0911 2312 Sftvol - ok 23:13:06.0927 2312 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe 23:13:06.0943 2312 sftvsa - ok 23:13:06.0974 2312 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll 23:13:07.0021 2312 SharedAccess - ok 23:13:07.0067 2312 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 23:13:07.0083 2312 ShellHWDetection - ok 23:13:07.0114 2312 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys 23:13:07.0130 2312 sisagp - ok 23:13:07.0177 2312 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:13:07.0208 2312 SiSRaid2 - ok 23:13:07.0223 2312 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 23:13:07.0239 2312 SiSRaid4 - ok 23:13:07.0286 2312 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys 23:13:07.0348 2312 Smb - ok 23:13:07.0395 2312 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 23:13:07.0426 2312 SNMPTRAP - ok 23:13:07.0426 2312 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys 23:13:07.0442 2312 spldr - ok 23:13:07.0504 2312 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe 23:13:07.0551 2312 Spooler - ok 23:13:07.0629 2312 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe 23:13:07.0691 2312 sppsvc - ok 23:13:07.0707 2312 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll 23:13:07.0723 2312 sppuinotify - ok 23:13:07.0738 2312 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys 23:13:07.0785 2312 srv - ok 23:13:07.0816 2312 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 23:13:07.0863 2312 srv2 - ok 23:13:07.0879 2312 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 23:13:07.0910 2312 srvnet - ok 23:13:07.0957 2312 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 23:13:08.0019 2312 SSDPSRV - ok 23:13:08.0066 2312 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 23:13:08.0097 2312 ssmdrv - ok 23:13:08.0113 2312 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll 23:13:08.0175 2312 SstpSvc - ok 23:13:08.0206 2312 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 23:13:08.0222 2312 stexstor - ok 23:13:08.0284 2312 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll 23:13:08.0331 2312 StiSvc - ok 23:13:08.0362 2312 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys 23:13:08.0393 2312 swenum - ok 23:13:08.0425 2312 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll 23:13:08.0456 2312 swprv - ok 23:13:08.0487 2312 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll 23:13:08.0534 2312 SysMain - ok 23:13:08.0565 2312 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll 23:13:08.0596 2312 TabletInputService - ok 23:13:08.0643 2312 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll 23:13:08.0705 2312 TapiSrv - ok 23:13:08.0737 2312 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll 23:13:08.0783 2312 TBS - ok 23:13:08.0846 2312 [ D32FDAC73FCD76B85389C39BC1087F2A ] Tcpip C:\Windows\system32\drivers\tcpip.sys 23:13:08.0877 2312 Tcpip - ok 23:13:08.0924 2312 [ D32FDAC73FCD76B85389C39BC1087F2A ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 23:13:08.0955 2312 TCPIP6 - ok 23:13:09.0002 2312 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 23:13:09.0017 2312 tcpipreg - ok 23:13:09.0033 2312 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 23:13:09.0049 2312 TDPIPE - ok 23:13:09.0064 2312 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 23:13:09.0095 2312 TDTCP - ok 23:13:09.0127 2312 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 23:13:09.0189 2312 tdx - ok 23:13:09.0205 2312 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys 23:13:09.0220 2312 TermDD - ok 23:13:09.0251 2312 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll 23:13:09.0298 2312 TermService - ok 23:13:09.0345 2312 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll 23:13:09.0407 2312 Themes - ok 23:13:09.0439 2312 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll 23:13:09.0454 2312 THREADORDER - ok 23:13:09.0579 2312 [ A21E58F345F337316A98C5121CBE17E8 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe 23:13:09.0595 2312 TomTomHOMEService - ok 23:13:09.0641 2312 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll 23:13:09.0688 2312 TrkWks - ok 23:13:09.0735 2312 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 23:13:09.0766 2312 TrustedInstaller - ok 23:13:09.0782 2312 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 23:13:09.0813 2312 tssecsrv - ok 23:13:09.0844 2312 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 23:13:09.0907 2312 TsUsbFlt - ok 23:13:09.0969 2312 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 23:13:10.0016 2312 tunnel - ok 23:13:10.0047 2312 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 23:13:10.0063 2312 uagp35 - ok 23:13:10.0094 2312 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys 23:13:10.0125 2312 udfs - ok 23:13:10.0172 2312 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 23:13:10.0219 2312 UI0Detect - ok 23:13:10.0250 2312 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 23:13:10.0265 2312 uliagpkx - ok 23:13:10.0343 2312 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys 23:13:10.0390 2312 umbus - ok 23:13:10.0421 2312 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 23:13:10.0468 2312 UmPass - ok 23:13:10.0499 2312 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll 23:13:10.0531 2312 upnphost - ok 23:13:10.0546 2312 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 23:13:10.0562 2312 usbccgp - ok 23:13:10.0593 2312 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys 23:13:10.0624 2312 usbcir - ok 23:13:10.0640 2312 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 23:13:10.0655 2312 usbehci - ok 23:13:10.0671 2312 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 23:13:10.0702 2312 usbhub - ok 23:13:10.0733 2312 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys 23:13:10.0780 2312 usbohci - ok 23:13:10.0811 2312 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 23:13:10.0843 2312 usbprint - ok 23:13:10.0905 2312 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 23:13:10.0936 2312 usbscan - ok 23:13:10.0967 2312 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:13:11.0030 2312 USBSTOR - ok 23:13:11.0045 2312 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 23:13:11.0092 2312 usbuhci - ok 23:13:11.0123 2312 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll 23:13:11.0186 2312 UxSms - ok 23:13:11.0217 2312 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe 23:13:11.0217 2312 VaultSvc - ok 23:13:11.0248 2312 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 23:13:11.0264 2312 vdrvroot - ok 23:13:11.0295 2312 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe 23:13:11.0342 2312 vds - ok 23:13:11.0373 2312 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 23:13:11.0389 2312 vga - ok 23:13:11.0404 2312 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys 23:13:11.0420 2312 VgaSave - ok 23:13:11.0451 2312 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 23:13:11.0467 2312 vhdmp - ok 23:13:11.0498 2312 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys 23:13:11.0513 2312 viaagp - ok 23:13:11.0545 2312 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys 23:13:11.0576 2312 ViaC7 - ok 23:13:11.0607 2312 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys 23:13:11.0623 2312 viaide - ok 23:13:11.0638 2312 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys 23:13:11.0638 2312 volmgr - ok 23:13:11.0654 2312 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 23:13:11.0669 2312 volmgrx - ok 23:13:11.0685 2312 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys 23:13:11.0701 2312 volsnap - ok 23:13:11.0763 2312 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 23:13:11.0794 2312 vsmraid - ok 23:13:11.0825 2312 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe 23:13:11.0857 2312 VSS - ok 23:13:11.0872 2312 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 23:13:11.0888 2312 vwifibus - ok 23:13:11.0935 2312 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 23:13:11.0981 2312 vwififlt - ok 23:13:12.0013 2312 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 23:13:12.0028 2312 vwifimp - ok 23:13:12.0059 2312 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll 23:13:12.0122 2312 W32Time - ok 23:13:12.0153 2312 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 23:13:12.0169 2312 WacomPen - ok 23:13:12.0215 2312 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 23:13:12.0262 2312 WANARP - ok 23:13:12.0262 2312 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 23:13:12.0278 2312 Wanarpv6 - ok 23:13:12.0309 2312 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe 23:13:12.0356 2312 wbengine - ok 23:13:12.0371 2312 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 23:13:12.0418 2312 WbioSrvc - ok 23:13:12.0465 2312 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll 23:13:12.0481 2312 WcesComm - ok 23:13:12.0496 2312 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll 23:13:12.0527 2312 wcncsvc - ok 23:13:12.0559 2312 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:13:12.0621 2312 WcsPlugInService - ok 23:13:12.0652 2312 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys 23:13:12.0668 2312 Wd - ok 23:13:12.0683 2312 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:13:12.0715 2312 Wdf01000 - ok 23:13:12.0730 2312 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:13:12.0808 2312 WdiServiceHost - ok 23:13:12.0824 2312 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll 23:13:12.0839 2312 WdiSystemHost - ok 23:13:12.0871 2312 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll 23:13:12.0917 2312 WebClient - ok 23:13:12.0949 2312 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll 23:13:12.0980 2312 Wecsvc - ok 23:13:12.0995 2312 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll 23:13:13.0042 2312 wercplsupport - ok 23:13:13.0058 2312 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll 23:13:13.0136 2312 WerSvc - ok 23:13:13.0167 2312 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 23:13:13.0229 2312 WfpLwf - ok 23:13:13.0261 2312 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys 23:13:13.0261 2312 WIMMount - ok 23:13:13.0323 2312 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 23:13:13.0354 2312 WinDefend - ok 23:13:13.0354 2312 WinHttpAutoProxySvc - ok 23:13:13.0401 2312 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 23:13:13.0479 2312 Winmgmt - ok 23:13:13.0526 2312 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll 23:13:13.0588 2312 WinRM - ok 23:13:13.0651 2312 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 23:13:13.0713 2312 WinUsb - ok 23:13:13.0760 2312 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll 23:13:13.0807 2312 Wlansvc - ok 23:13:13.0885 2312 [ 6067ACEF367E79914AF628FA1E9B5330 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 23:13:13.0900 2312 wlcrasvc - ok 23:13:13.0994 2312 [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 23:13:14.0041 2312 wlidsvc - ok 23:13:14.0072 2312 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 23:13:14.0119 2312 WmiAcpi - ok 23:13:14.0165 2312 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:13:14.0212 2312 wmiApSrv - ok 23:13:14.0290 2312 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 23:13:14.0353 2312 WMPNetworkSvc - ok 23:13:14.0384 2312 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:13:14.0446 2312 WPCSvc - ok 23:13:14.0477 2312 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:13:14.0555 2312 WPDBusEnum - ok 23:13:14.0633 2312 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:13:14.0680 2312 ws2ifsl - ok 23:13:14.0680 2312 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll 23:13:14.0743 2312 wscsvc - ok 23:13:14.0743 2312 WSearch - ok 23:13:14.0805 2312 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 23:13:14.0852 2312 wuauserv - ok 23:13:14.0867 2312 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 23:13:14.0945 2312 WudfPf - ok 23:13:14.0992 2312 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 23:13:15.0023 2312 WUDFRd - ok 23:13:15.0070 2312 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:13:15.0086 2312 wudfsvc - ok 23:13:15.0117 2312 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll 23:13:15.0195 2312 WwanSvc - ok 23:13:15.0257 2312 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe 23:13:15.0289 2312 YahooAUService - ok 23:13:15.0289 2312 ================ Scan global =============================== 23:13:15.0351 2312 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll 23:13:15.0367 2312 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll 23:13:15.0382 2312 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll 23:13:15.0429 2312 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll 23:13:15.0460 2312 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe 23:13:15.0476 2312 [Global] - ok 23:13:15.0476 2312 ================ Scan MBR ================================== 23:13:15.0491 2312 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 23:13:16.0427 2312 \Device\Harddisk0\DR0 - ok 23:13:16.0427 2312 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 23:13:22.0371 2312 \Device\Harddisk1\DR1 - ok 23:13:22.0371 2312 ================ Scan VBR ================================== 23:13:22.0371 2312 [ A96290B5401C2DA5A08BB9471D76D503 ] \Device\Harddisk0\DR0\Partition1 23:13:22.0371 2312 \Device\Harddisk0\DR0\Partition1 - ok 23:13:22.0387 2312 [ 046BBD7303F14EB983A3F0C302651470 ] \Device\Harddisk0\DR0\Partition2 23:13:22.0387 2312 \Device\Harddisk0\DR0\Partition2 - ok 23:13:22.0418 2312 [ 376B50B18DD730F4A63E4B8227F4638C ] \Device\Harddisk0\DR0\Partition3 23:13:22.0418 2312 \Device\Harddisk0\DR0\Partition3 - ok 23:13:22.0433 2312 [ C63C0C92F43797AD576ADAC2FE17B860 ] \Device\Harddisk1\DR1\Partition1 23:13:22.0433 2312 \Device\Harddisk1\DR1\Partition1 - ok 23:13:22.0433 2312 ============================================================ 23:13:22.0433 2312 Scan finished 23:13:22.0433 2312 ============================================================ 23:13:22.0449 1964 Detected object count: 2 23:13:22.0449 1964 Actual detected object count: 2 |
|
13.06.2013, 22:33
| #14 |
| /// Malware-holic | delta search Hi, passt Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
14.06.2013, 08:23
| #15 |
| | delta search Guten Morgen, Gestern ist es spät geworden und es hat auch nicht richtig funktioniert. Hier die heutigen Daten und noch einmal vielen Dank. Combofix Logfile: Code:
ATTFilter ComboFix 13-06-13.01 - Karola 4.Jun.2013 7:44.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3071.1978 [GMT 2:00]
ausgeführt von:: c:\users\Karola\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\windows\system32\roboot.exe
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_BrowserDefendert
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-05-14 bis 2013-06-14 ))))))))))))))))))))))))))))))
.
.
2013-06-14 05:50 . 2013-06-14 05:50 -------- d-----w- c:\users\Rolf\AppData\Local\temp
2013-06-14 05:50 . 2013-06-14 05:50 -------- d-----w- c:\users\Jana\AppData\Local\temp
2013-06-14 05:50 . 2013-06-14 05:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-14 05:25 . 2013-06-14 07:16 -------- d-----w- c:\users\Karola\AppData\Local\temp
2013-06-13 20:50 . 2013-06-13 20:50 -------- d-----w- c:\users\Karola\AppData\Roaming\holasearch
2013-06-13 20:50 . 2013-06-13 20:50 -------- d-----w- c:\program files\holasearch
2013-06-13 20:50 . 2013-06-14 05:42 -------- d-----w- c:\users\Karola\AppData\Roaming\PerformerSoft
2013-06-13 20:50 . 2013-06-13 20:50 -------- d-----w- c:\programdata\IBUpdaterService
2013-06-13 20:50 . 2013-06-13 20:50 -------- d-----w- c:\users\Karola\AppData\Roaming\File Scout
2013-06-13 20:39 . 2013-06-13 20:39 -------- d-----w- c:\program files\7-Zip
2013-06-13 20:39 . 2013-06-13 21:51 -------- d-----w- c:\program files\XingHaoLyrics
2013-06-13 20:39 . 2013-06-13 20:39 -------- d-----w- c:\users\Karola\AppData\Roaming\Delta
2013-06-13 20:39 . 2013-06-13 20:39 -------- d-----w- c:\program files\Delta
2013-06-13 20:38 . 2013-06-13 20:38 -------- d-----w- c:\program files\FilesFrog Update Checker
2013-06-13 16:47 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\system32\d3d11.dll
2013-06-13 16:47 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-13 16:47 . 2013-04-26 04:55 492544 ----a-w- c:\windows\system32\win32spl.dll
2013-06-13 16:47 . 2013-05-13 04:45 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-13 16:47 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\system32\crypt32.dll
2013-06-13 16:47 . 2013-05-13 04:45 103936 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-13 16:47 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe
2013-06-13 16:47 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll
2013-06-13 16:47 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-13 16:46 . 2013-05-06 05:06 3968872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-06-13 16:46 . 2013-05-06 05:06 3913576 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-06-13 16:46 . 2013-05-08 05:38 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-13 16:43 . 2013-06-08 11:41 218112 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-06-13 16:43 . 2013-06-08 11:13 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-11 15:32 . 2013-06-11 15:32 -------- d-----w- c:\programdata\EA Core
2013-06-11 15:27 . 2013-06-11 15:27 -------- d-----w- c:\program files\Origin Games
2013-06-11 15:23 . 2013-06-11 15:23 -------- d-----w- c:\users\Karola\AppData\Local\Origin
2013-06-11 15:23 . 2013-06-11 15:23 -------- d-----w- c:\users\Karola\AppData\Roaming\Origin
2013-06-11 15:23 . 2013-06-13 15:29 -------- d-----w- c:\programdata\Origin
2013-06-11 15:23 . 2013-06-13 15:29 -------- d-----w- c:\program files\Origin
2013-06-11 15:21 . 2013-06-11 15:23 -------- d-----w- c:\programdata\Electronic Arts
2013-06-11 15:18 . 2013-06-11 15:18 -------- d-----w- c:\program files\Microsoft WSE
2013-06-11 15:05 . 2013-06-11 15:23 -------- d-----w- c:\program files\Electronic Arts
2013-06-10 18:12 . 2013-06-13 16:35 -------- d-----w- c:\program files\VideoSaver
2013-06-10 18:12 . 2013-06-13 15:29 -------- d-----w- c:\programdata\BrowserDefender
2013-06-10 18:11 . 2013-06-13 16:35 -------- d-----w- c:\users\Karola\AppData\Roaming\WebCake
2013-06-10 18:11 . 2013-06-13 16:35 -------- d-----w- c:\program files\WebCake
2013-06-10 18:11 . 2013-06-13 15:29 -------- d-----w- c:\programdata\Tarma Installer
2013-05-28 21:08 . 2013-05-28 21:08 -------- d-----w- c:\users\Karola\AppData\Roaming\UClick
2013-05-28 21:08 . 2013-05-28 21:08 -------- d-----w- c:\programdata\UClick
2013-05-28 17:49 . 2013-05-28 17:49 -------- d-----w- c:\programdata\Visan
2013-05-28 17:49 . 2013-05-28 17:49 -------- d-----w- c:\programdata\HP Photo Creations
2013-05-28 17:49 . 2013-05-28 17:49 -------- d-----w- c:\program files\HP Photo Creations
2013-05-28 17:19 . 2013-05-28 17:19 -------- d-----w- c:\programdata\Fugazo
2013-05-27 17:51 . 2013-05-27 17:51 -------- d-----w- c:\users\Karola\AppData\Roaming\casanova
2013-05-15 13:08 . 2013-03-19 04:53 186368 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 13:08 . 2013-03-19 03:33 40960 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 13:08 . 2013-04-10 03:14 2347520 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 13:08 . 2013-04-10 05:18 728424 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 13:08 . 2013-04-10 05:18 218984 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 13:08 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe
2013-05-15 13:08 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\system32\authui.dll
2013-05-15 13:08 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 15:12 . 2011-03-28 16:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-07 14:52 . 2013-05-07 14:52 66656 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2013-04-30 05:41 . 2013-04-30 05:41 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-04-30 05:41 . 2013-04-30 05:41 523264 ----a-w- c:\windows\system32\vbscript.dll
2013-04-30 05:41 . 2013-04-30 05:41 185344 ----a-w- c:\windows\system32\elshyph.dll
2013-04-30 05:41 . 2013-04-30 05:41 158720 ----a-w- c:\windows\system32\msls31.dll
2013-04-30 05:41 . 2013-04-30 05:41 150528 ----a-w- c:\windows\system32\iexpress.exe
2013-04-30 05:41 . 2013-04-30 05:41 138752 ----a-w- c:\windows\system32\wextract.exe
2013-04-30 05:41 . 2013-04-30 05:41 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2013-04-30 05:41 . 2013-04-30 05:41 12800 ----a-w- c:\windows\system32\mshta.exe
2013-04-30 05:41 . 2013-04-30 05:41 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-04-30 05:41 . 2013-04-30 05:41 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-04-30 05:41 . 2013-04-30 05:41 61952 ----a-w- c:\windows\system32\tdc.ocx
2013-04-30 05:41 . 2013-04-30 05:41 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-04-30 05:41 . 2013-04-30 05:41 38400 ----a-w- c:\windows\system32\imgutil.dll
2013-04-30 05:41 . 2013-04-30 05:41 361984 ----a-w- c:\windows\system32\html.iec
2013-04-30 05:41 . 2013-04-30 05:41 23040 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-30 05:41 . 2013-04-30 05:41 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2013-04-30 05:41 . 2013-04-30 05:41 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-04-30 05:40 . 2013-04-30 05:40 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-30 05:40 . 2013-04-30 05:40 906240 ----a-w- c:\windows\system32\FntCache.dll
2013-04-30 05:40 . 2013-04-30 05:40 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2013-04-30 05:40 . 2013-04-30 05:40 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-04-30 05:40 . 2013-04-30 05:40 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-04-30 05:40 . 2013-04-30 05:40 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-04-30 05:40 . 2013-04-30 05:40 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-04-30 05:40 . 2013-04-30 05:40 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-04-30 05:40 . 2013-04-30 05:40 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-04-30 05:40 . 2013-04-30 05:40 3419136 ----a-w- c:\windows\system32\d2d1.dll
2013-04-30 05:40 . 2013-04-30 05:40 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-04-30 05:40 . 2013-04-30 05:40 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-04-30 05:40 . 2013-04-30 05:40 293376 ----a-w- c:\windows\system32\dxgi.dll
2013-04-30 05:40 . 2013-04-30 05:40 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-04-30 05:40 . 2013-04-30 05:40 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-04-30 05:40 . 2013-04-30 05:40 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-04-30 05:40 . 2013-04-30 05:40 220160 ----a-w- c:\windows\system32\d3d10core.dll
2013-04-30 05:40 . 2013-04-30 05:40 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-04-30 05:40 . 2013-04-30 05:40 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2013-04-30 05:40 . 2013-04-30 05:40 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2013-04-30 05:40 . 2013-04-30 05:40 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2013-04-30 05:40 . 2013-04-30 05:40 1247744 ----a-w- c:\windows\system32\DWrite.dll
2013-04-30 05:40 . 2013-04-30 05:40 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2013-04-30 05:40 . 2013-04-30 05:40 1080832 ----a-w- c:\windows\system32\d3d10.dll
2013-04-30 05:40 . 2013-04-30 05:40 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-04-13 04:45 . 2013-05-15 13:08 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 13:08 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-23 17:44 1211752 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-03-30 08:37 . 2013-02-24 09:13 84744 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2013-03-30 08:37 . 2013-02-24 09:13 37352 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2013-03-30 08:37 . 2013-02-24 09:13 135136 ----a-w- c:\windows\system32\drivers\avipbb.sys
2013-03-19 04:48 . 2013-04-10 09:54 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 02:49 . 2013-04-10 09:54 69632 ----a-w- c:\windows\system32\smss.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1492456]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn2\yt.dll" [2012-01-12 1517368]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"MyPhoneExplorer"="c:\program files\MyPhoneExplorer\MyPhoneExplorer.exe" [2012-08-10 4853464]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-12 39408]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-02-12 248208]
"SDP"="c:\program files\FilesFrog Update Checker\update_checker.exe" [2013-01-31 201808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-04-07 8555040]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395240]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-02-16 114992]
"Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-02-26 295728]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-05-07 345312]
"MediaSyncAgent"="c:\program files\CyberLink\MediaSync\MediaSyncAgent.exe" [2012-12-27 375168]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
.
c:\users\Karola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-1-8 228448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
phase-6 Reminder.lnk - c:\program files\phase-6\phase-6\reminder\reminder.exe [2012-7-17 724992]
WISO Bewerbung-Reminder.lnk - c:\program files\WISO\Bewerbung\KCReminder.exe [2009-4-28 1241944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\BROWSE~2\261339~1.144\{C16C1~1\BrowserDefender.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\setup\disabledrunkeys]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
.
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-05-26 191752]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [2009-09-22 579072]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-03-30 37352]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 176128]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2013-03-30 86752]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [2011-03-10 249648]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2013-02-12 93072]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-05 230912]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 579944]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 194408]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - BdSpy
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-14 05:58 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 18:40]
.
2013-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-10-12 18:40]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.babylon.com/?affID=110231&tt=5212_2&babsrc=HP_ss&mntrId=5ef7949100000000000074f06d53fe49
IE: An OneNote s&enden - c:\progra~1\MICROS~4\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~4\Office14\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites
Trusted Zone: pytalhost.de\www.tc-sepia-re
Trusted Zone: tc-sepia-re.de\www
TCP: DhcpNameServer = 192.168.0.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-Spiele Post - c:\program files\OXXOGames\GPlayer\GameCenterNotifier.exe
HKCU-Run-Alamandi tray notifier - c:\program files\DEUTSCHLAND SPIELT\Alamandi\TaskBarNotifier.exe
AddRemove-PricePeep - c:\program files\PricePeep\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.alb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FotoManager10Deluxe.8.alb"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\atieclxx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Google\Update\1.3.21.145\GoogleCrashHandler.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Microsoft Office\Office14\ONENOTEM.EXE
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-14 09:17:59 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-06-14 07:17
.
Vor Suchlauf: 17 Verzeichnis(se), 868.305.494.016 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 868.171.251.712 Bytes frei
.
- - End Of File - - 9F6DAA7AA686260FD7F4B1C746F4ABBD
A36C5E4F47E84449FF07ED3517B43A31 |
|
| Themen zu delta search |
| anfänger, betriebssystem, deinstallieren, delta, delta search entfernen, film, google, helft, interne, internet, loswerden, löschen, neues, nicht mehr, outlook, rechner, richtig, search, systems, systemsteuerung, thema, virus, virus?, window, window 7, youtube, öffnen |
WARNUNG an die MITLESER: 
Linear-Darstellung
