
Log analysis and evaluation: GVU Win7 64 Bit JS Agent 480412

16.06.2013, 17:18   #1
Laechler
 

Hello,

who can help me?

Win7 64 bit

I have caught JS Agent 480412.
The PC boots up to the login screen. After a successful login the PC is locked. I pulled the power plug and started in safe mode.
I ran Antivir, found the virus, put it in quarantine and deleted it. A restart did not unlock the PC.
I then, again in safe mode, installed OTL on the desktop via USB stick and ran it.

I am posting the result.

I have also already read a few things here in the forum, but it is all Greek to me.

What do I have to do?

16.06.2013, 17:21   #2
Laechler
 

Attachments
The Extras log from OTL is attached.

OTL is too large, so here it is this way:

OTL Logfile:
Code:
OTL logfile created on: 6/16/2013 5:43:48 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Thomas\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4.00 Gb Total Physical Memory | 3.29 Gb Available Physical Memory | 82.31% Memory free
8.00 Gb Paging File | 7.44 Gb Available in Paging File | 93.04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 1366.17 Gb Total Space | 1187.50 Gb Free Space | 86.92% Space Free | Partition Type: NTFS
Drive D: | 30.00 Gb Total Space | 10.38 Gb Free Space | 34.59% Space Free | Partition Type: NTFS
Drive I: | 242.78 Mb Total Space | 242.00 Mb Free Space | 99.68% Space Free | Partition Type: FAT32
 
Computer Name: THOMAS-PC | User Name: Thomas | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/06/16 17:41:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2010/11/11 04:51:20 | 000,203,264 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/09/23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/20 16:26:28 | 000,199,536 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013/06/15 13:25:23 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/29 12:46:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/03/29 12:45:51 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/02/15 20:08:42 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/03/18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/07/24 12:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/03/29 12:46:14 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013/03/29 12:46:14 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013/03/29 12:46:14 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012/12/13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/25 07:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/19 20:34:00 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/11/19 20:34:00 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/11 06:23:44 | 008,123,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/11/11 04:16:24 | 000,288,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/24 14:46:32 | 000,116,752 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010/06/17 11:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/06/14 11:41:10 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010/05/20 16:26:28 | 002,060,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VX1000.sys -- (VX1000)
DRV:64bit: - [2010/05/15 00:04:16 | 000,073,856 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010/05/15 00:04:16 | 000,028,800 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{3D26BA28-805B-4F8D-A50A-F168F70987A6}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=41c8a23b-203d-11e1-af70-6c626db757f8&q={searchTerms}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.kicker.de/
IE - HKCU\..\SearchScopes,DefaultScope = {3D26BA28-805B-4F8D-A50A-F168F70987A6}
IE - HKCU\..\SearchScopes\{0CB1FEAF-38CD-4FB3-A35C-C4513A6E29C1}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{16F024D2-0157-4667-93ED-391A1E29AC97}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=ba2af5b4-f7d2-4fc2-963c-d82bdd8aff2a&apn_sauid=E89EC699-0108-4812-A723-C20D34A7F756
IE - HKCU\..\SearchScopes\{2402FBF3-B685-4D0B-9840-3373593CCE08}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNA_de
IE - HKCU\..\SearchScopes\{38A500A6-68E9-4B6E-BE4B-8E7D1508DDC5}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{3D26BA28-805B-4F8D-A50A-F168F70987A6}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNA_de
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{B904E805-4FAF-465B-BB0A-3A95232C1ACE}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{C1DA689F-69BB-426F-AF75-05FD44BF9A54}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://startsear.ch/?aff=1&cf=41c8a23b-203d-11e1-af70-6c626db757f8"
FF - prefs.js..extensions.enabledAddons: %7B3697b17c-b572-4862-a5e6-7f922c0f3403%7D:1.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..keyword.URL: "hxxp://startsear.ch/?aff=1&src=sp&cf=41c8a23b-203d-11e1-af70-6c626db757f8&q="
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/06/15 18:16:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/06/15 18:16:26 | 000,000,000 | ---D | M]
 
[2011/02/04 11:58:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions
[2013/02/17 13:12:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\muatpvud.default\extensions
[2011/12/06 21:05:48 | 000,000,000 | ---D | M] (VshareComplete - Speed up your search with your personal search suggestions tool) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\muatpvud.default\extensions\{3697b17c-b572-4862-a5e6-7f922c0f3403}
[2011/10/13 17:19:44 | 000,000,855 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\muatpvud.default\searchplugins\1und1-suche.xml
[2011/10/10 15:27:30 | 000,001,281 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\muatpvud.default\searchplugins\amazondotcom-de.xml
[2012/01/03 17:27:44 | 000,002,333 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\muatpvud.default\searchplugins\askcom.xml
[2011/10/10 14:59:22 | 000,002,364 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\muatpvud.default\searchplugins\eBay-de.xml
[2011/10/13 17:01:56 | 000,010,507 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\muatpvud.default\searchplugins\gmx-suche.xml
[2011/10/10 15:12:38 | 000,002,385 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\muatpvud.default\searchplugins\lastminute.xml
[2011/10/13 17:34:10 | 000,002,248 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\muatpvud.default\searchplugins\mailcom-search.xml
[2011/07/11 20:04:02 | 000,000,633 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\muatpvud.default\searchplugins\startsear.xml
[2011/10/13 15:07:08 | 000,005,490 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\muatpvud.default\searchplugins\webde-suche.xml
[2013/02/15 20:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013/06/09 18:31:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\extensions
[2013/06/09 18:31:35 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/09 18:31:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions
[2013/06/09 18:31:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/02/15 20:08:42 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 11:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2012/07/06 08:43:39 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/09/23 17:58:15 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/06 08:43:39 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/07/06 08:43:39 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/07/06 08:43:39 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/07/06 08:43:39 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://startsear.ch/?aff=1&cf=41c8a23b-203d-11e1-af70-6c626db757f8
 
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (VshareComplete) - {08337871-0e50-4031-9110-3bd21ca3c065} - C:\Users\Thomas\AppData\Roaming\VshareComplete\64\VshareComplete64.dll (SimplyGen)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O4:64bit: - HKLM..\Run: [JAVA] C:\Windows\java.vbs ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files (x86)\Napster\napster.exe /systray File not found
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ctfmon.exe] C:\ProgramData\do3bo.dat ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1FC4AE18-1088-4A4E-A5C3-01A88EF86339}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{968D1D2D-689F-407A-9952-71D7A2706EF2}: NameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/06/16 17:43:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe
[2013/06/16 09:54:42 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{97DD285F-B02C-4733-A0FF-0A63A153B4CB}
[2013/06/15 20:34:56 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/06/15 20:34:55 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/06/15 18:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/06/15 18:16:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/06/15 18:16:01 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/06/15 13:06:42 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
[2013/06/13 06:52:49 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{06D7CB6E-43EF-4F80-8F13-A3F5CA61D29F}
[2013/06/12 07:04:05 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013/06/12 07:04:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013/06/12 07:04:05 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013/06/12 07:04:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/06/12 07:04:05 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013/06/12 07:04:05 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013/06/12 07:04:05 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013/06/12 07:04:05 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013/06/12 07:04:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013/06/12 07:04:04 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013/06/12 07:04:03 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013/06/12 07:04:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013/06/12 07:04:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013/06/12 06:51:34 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013/06/12 06:51:34 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013/06/12 06:51:27 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013/06/12 06:51:27 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013/06/12 06:51:23 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013/06/12 06:51:21 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013/06/12 06:51:21 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013/06/12 06:51:21 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013/06/12 06:51:20 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013/06/12 06:51:20 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013/06/12 06:51:20 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013/06/12 06:51:17 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013/06/12 06:51:17 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013/06/11 06:41:39 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{37911CA9-5F0F-4580-8CF9-E6FAC55EAD08}
[2013/06/09 11:46:16 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{17761DB9-1A27-4542-8A76-6A84F461CDAC}
[2013/06/09 10:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/06/09 10:01:44 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/06/09 10:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/06/09 10:01:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/06/09 10:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/06/09 09:45:12 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{DAD18636-F15B-4C97-B740-7C3CB7DB0009}
[2013/06/02 19:36:36 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{17568C77-2B1B-49B4-87C6-DB61D995362B}
[2013/06/02 10:25:33 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{8650BA22-13E0-4A5C-95E7-CA37B084309F}
[2013/05/30 13:56:00 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{031E4B7B-C6FD-4C9E-B015-F497CF85E8AD}
[2013/05/26 18:23:12 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{DEC882C7-6E3F-4434-8F28-6FE07758EC5C}
[2013/05/25 15:19:42 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{5F11BB7C-FBB8-4947-B562-16F57511654B}
[2013/05/25 15:09:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013/05/25 15:09:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013/05/25 15:09:52 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013/05/25 15:09:49 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013/05/25 15:09:49 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013/05/25 15:09:43 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013/05/25 15:09:43 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013/05/25 15:09:43 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013/05/25 15:09:43 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013/05/25 15:09:43 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013/05/25 15:09:43 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013/05/25 15:09:43 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013/05/25 15:09:43 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013/05/25 15:09:43 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013/05/25 15:09:43 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013/05/25 15:09:43 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013/05/25 15:09:43 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013/05/25 15:09:43 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013/05/25 15:09:43 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013/05/25 15:09:42 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013/05/25 15:09:42 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013/05/25 15:09:42 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013/05/25 15:09:42 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013/05/25 15:09:42 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013/05/25 15:08:41 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013/05/25 14:46:27 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/05/25 14:46:27 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/05/25 14:46:27 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/05/25 14:46:26 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/05/25 14:46:26 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/05/25 14:46:26 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/05/25 14:46:26 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/05/25 14:46:26 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/05/25 14:46:26 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/05/25 14:46:26 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/05/25 14:46:26 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/05/25 14:46:26 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/05/25 14:46:26 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/05/25 14:46:26 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/05/25 14:46:26 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/05/25 14:46:26 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/05/25 14:46:26 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/05/25 14:46:26 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/05/25 14:46:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/05/25 14:46:26 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/05/25 14:46:26 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/05/25 14:46:26 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/05/25 14:46:26 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/05/25 14:46:26 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/05/25 14:46:26 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/05/25 14:46:26 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/05/25 14:46:26 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/05/25 14:46:26 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/05/25 14:46:26 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/05/25 14:46:26 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/05/25 14:46:26 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/05/25 14:46:26 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/05/25 14:46:26 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/05/25 14:46:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/05/25 14:46:26 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/05/25 14:46:26 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/05/25 14:46:26 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/05/25 14:46:26 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/05/25 14:46:26 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/05/25 14:46:26 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/05/25 14:46:26 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/05/25 14:46:25 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/05/25 14:46:25 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/05/25 14:46:25 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/05/25 14:46:25 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/05/25 14:46:25 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/05/25 14:46:25 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/05/25 14:46:25 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/05/25 14:46:25 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/05/25 14:46:25 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/05/25 14:46:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/05/25 14:46:25 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/05/25 14:46:25 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/05/25 14:44:56 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/05/25 14:44:56 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/05/25 14:44:56 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/05/25 14:44:56 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/05/25 14:44:56 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/05/25 14:44:56 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/05/25 14:44:56 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/05/25 14:44:56 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/05/25 14:44:56 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/05/25 14:44:56 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/05/25 14:44:56 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/05/25 14:44:56 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/05/25 14:44:56 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/25 14:44:56 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/25 14:44:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/25 14:44:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/25 14:44:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/25 14:44:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/25 14:44:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/25 14:44:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/25 14:44:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/25 14:44:56 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/25 14:44:55 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/05/25 14:44:55 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/05/25 14:44:55 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/05/25 14:44:55 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/05/25 14:44:55 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/05/25 14:44:55 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/05/25 14:44:55 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/05/25 14:44:55 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/05/25 14:23:19 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013/05/25 14:23:19 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013/05/25 14:23:08 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013/05/25 14:23:08 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013/05/25 14:23:07 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013/05/25 14:23:07 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013/05/25 14:23:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013/05/25 14:19:48 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013/05/25 14:13:54 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\{D7F27CDD-21A8-49B6-BC09-B8F9374AD3B7}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/06/16 17:46:07 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/06/16 17:46:07 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013/06/16 17:46:07 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/06/16 17:46:07 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013/06/16 17:46:07 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/06/16 17:41:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe
[2013/06/16 17:31:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/06/16 17:30:55 | 3220,664,320 | -HS- | M] () -- C:\hiberfil.sys
[2013/06/16 17:29:47 | 095,023,320 | ---- | M] () -- C:\ProgramData\ob3od.pad
[2013/06/16 17:29:36 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/06/16 17:15:21 | 000,002,608 | ---- | M] () -- C:\ProgramData\ob3od.js
[2013/06/16 14:40:36 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2013/06/16 10:00:03 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/06/16 10:00:03 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/06/15 20:25:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/06/15 20:20:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/06/15 13:25:23 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/06/15 13:25:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/06/15 13:11:12 | 000,000,032 | ---- | M] () -- C:\Windows\Menu.INI
[2013/06/15 13:06:51 | 000,001,027 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk
[2013/06/15 13:06:47 | 000,000,151 | ---- | M] () -- C:\ProgramData\ob3od.reg
[2013/06/15 13:06:47 | 000,000,055 | ---- | M] () -- C:\ProgramData\ob3od.bat
[2013/06/15 13:06:42 | 000,167,936 | ---- | M] () -- C:\ProgramData\do3bo.dat
[2013/06/15 13:06:42 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\ProgramData\rundll32.exe
[2013/06/09 10:02:13 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/06/08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013/06/08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013/05/25 15:10:38 | 000,362,029 | ---- | M] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/05/25 14:59:48 | 000,322,288 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/05/25 14:46:27 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013/05/25 14:46:27 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013/05/25 14:46:27 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013/05/25 14:46:27 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013/05/25 14:46:26 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013/05/25 14:46:26 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013/05/25 14:46:26 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013/05/25 14:46:26 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013/05/25 14:46:26 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013/05/25 14:46:26 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013/05/25 14:46:26 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013/05/25 14:46:26 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013/05/25 14:46:26 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013/05/25 14:46:26 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013/05/25 14:46:26 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013/05/25 14:46:26 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013/05/25 14:46:26 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013/05/25 14:46:26 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013/05/25 14:46:26 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013/05/25 14:46:26 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013/05/25 14:46:26 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013/05/25 14:46:26 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013/05/25 14:46:26 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013/05/25 14:46:26 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013/05/25 14:46:26 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013/05/25 14:46:26 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013/05/25 14:46:26 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013/05/25 14:46:26 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013/05/25 14:46:26 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013/05/25 14:46:26 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013/05/25 14:46:26 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013/05/25 14:46:26 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013/05/25 14:46:26 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013/05/25 14:46:26 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/05/25 14:46:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013/05/25 14:46:26 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013/05/25 14:46:26 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013/05/25 14:46:26 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013/05/25 14:46:26 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013/05/25 14:46:26 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/05/25 14:46:26 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/05/25 14:46:26 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013/05/25 14:46:26 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013/05/25 14:46:25 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013/05/25 14:46:25 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013/05/25 14:46:25 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013/05/25 14:46:25 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013/05/25 14:46:25 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013/05/25 14:46:25 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013/05/25 14:46:25 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013/05/25 14:46:25 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013/05/25 14:46:25 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013/05/25 14:46:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013/05/25 14:46:25 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013/05/25 14:46:25 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013/05/25 14:44:56 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013/05/25 14:44:56 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013/05/25 14:44:56 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013/05/25 14:44:56 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll
[2013/05/25 14:44:56 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2013/05/25 14:44:56 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013/05/25 14:44:56 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2013/05/25 14:44:56 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013/05/25 14:44:56 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013/05/25 14:44:56 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2013/05/25 14:44:56 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013/05/25 14:44:56 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013/05/25 14:44:56 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/25 14:44:56 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/05/25 14:44:56 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/25 14:44:56 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/05/25 14:44:56 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/25 14:44:56 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/05/25 14:44:56 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/25 14:44:56 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013/05/25 14:44:56 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/05/25 14:44:56 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/25 14:44:56 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/05/25 14:44:55 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013/05/25 14:44:55 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013/05/25 14:44:55 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013/05/25 14:44:55 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013/05/25 14:44:55 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013/05/25 14:44:55 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013/05/25 14:44:55 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013/05/25 14:44:55 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2013/05/25 14:19:31 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/06/16 17:15:21 | 000,002,608 | ---- | C] () -- C:\ProgramData\ob3od.js
[2013/06/16 14:40:36 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2013/06/15 13:11:12 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2013/06/15 13:06:51 | 000,001,027 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk
[2013/06/15 13:06:47 | 000,000,151 | ---- | C] () -- C:\ProgramData\ob3od.reg
[2013/06/15 13:06:47 | 000,000,055 | ---- | C] () -- C:\ProgramData\ob3od.bat
[2013/06/15 13:06:46 | 095,023,320 | ---- | C] () -- C:\ProgramData\ob3od.pad
[2013/06/15 13:06:42 | 000,167,936 | ---- | C] () -- C:\ProgramData\do3bo.dat
[2013/06/09 10:02:13 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/25 15:10:38 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2013/05/25 14:46:26 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/05/25 14:46:26 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/01/22 15:03:15 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012/01/22 15:03:15 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011/07/09 15:37:39 | 000,107,900 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/05/04 20:15:10 | 000,007,612 | ---- | C] () -- C:\Users\Thomas\AppData\Local\Resmon.ResmonCfg
 
========== ZeroAccess Check ==========
 
[2013/06/02 10:38:41 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R6WYQ64.132\Deutsche Pokale\DFB-Pokal\L
[2013/06/02 10:44:45 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R6WYQ64.132\Nationalmannschaft\Spieler\Deutschland\L
[2013/06/02 10:44:45 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R6WYQ64.132\Nationalmannschaft\Spieler\Deutschland\N
[2013/06/02 10:44:46 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R6WYQ64.132\Nationalmannschaft\Spieler\Frankreich\L
[2013/06/02 10:44:46 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R6WYQ64.132\Nationalmannschaft\Spieler\Polen\L
[2013/01/06 12:16:46 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R8714Z4.13\Deutsche Pokale\DFB-Pokal\L
[2013/01/06 12:22:51 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R8714Z4.13\Nationalmannschaft\Spieler\Deutschland\L
[2013/01/06 12:22:51 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R8714Z4.13\Nationalmannschaft\Spieler\Deutschland\N
[2013/01/06 12:22:51 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R8714Z4.13\Nationalmannschaft\Spieler\Frankreich\L
[2013/01/06 12:22:52 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R8714Z4.13\Nationalmannschaft\Spieler\Polen\L
[2012/01/22 18:32:24 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R9TQPB8.12\Deutsche Pokale\DFB-Pokal\L
[2012/01/22 18:37:39 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R9TQPB8.12\Nationalmannschaft\Spieler\Deutschland\L
[2012/01/22 18:37:39 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R9TQPB8.12\Nationalmannschaft\Spieler\Deutschland\N
[2012/01/22 18:37:39 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R9TQPB8.12\Nationalmannschaft\Spieler\Frankreich\L
[2012/01/22 18:37:40 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$R9TQPB8.12\Nationalmannschaft\Spieler\Polen\L
[2012/12/02 13:41:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RA87IH9.12\Deutsche Pokale\DFB-Pokal\L
[2012/12/02 13:46:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RA87IH9.12\Nationalmannschaft\Spieler\Deutschland\L
[2012/12/02 13:46:59 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RA87IH9.12\Nationalmannschaft\Spieler\Deutschland\N
[2012/12/02 13:47:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RA87IH9.12\Nationalmannschaft\Spieler\Frankreich\L
[2012/12/02 13:47:00 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RA87IH9.12\Nationalmannschaft\Spieler\Polen\L
[2011/03/16 21:33:56 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RBBWMZY.2011\Deutsche Pokale\DFB-Pokal\L
[2011/03/16 21:38:48 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RBBWMZY.2011\Nationalmannschaft\Spieler\Deutschland\L
[2011/03/16 21:38:48 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RBBWMZY.2011\Nationalmannschaft\Spieler\Deutschland\N
[2011/03/16 21:38:49 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RBBWMZY.2011\Nationalmannschaft\Spieler\Frankreich\L
[2011/03/16 21:38:49 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RBBWMZY.2011\Nationalmannschaft\Spieler\Polen\L
[2012/06/10 17:31:16 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RBC1KNU.12\Deutsche Pokale\DFB-Pokal\L
[2012/06/10 17:37:23 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RBC1KNU.12\Nationalmannschaft\Spieler\Deutschland\L
[2012/06/10 17:37:23 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RBC1KNU.12\Nationalmannschaft\Spieler\Deutschland\N
[2012/06/10 17:37:23 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RBC1KNU.12\Nationalmannschaft\Spieler\Frankreich\L
[2012/06/10 17:37:24 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RBC1KNU.12\Nationalmannschaft\Spieler\Polen\L
[2011/08/28 12:27:47 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RHELV7S.2011\Deutsche Pokale\DFB-Pokal\L
[2011/08/28 12:32:53 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RHELV7S.2011\Nationalmannschaft\Spieler\Deutschland\L
[2011/08/28 12:32:53 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RHELV7S.2011\Nationalmannschaft\Spieler\Deutschland\N
[2011/08/28 12:32:53 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RHELV7S.2011\Nationalmannschaft\Spieler\Frankreich\L
[2011/08/28 12:32:54 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RHELV7S.2011\Nationalmannschaft\Spieler\Polen\L
[2012/04/07 08:28:57 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RHUF4DA.12\Deutsche Pokale\DFB-Pokal\L
[2012/04/07 08:35:06 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RHUF4DA.12\Nationalmannschaft\Spieler\Deutschland\L
[2012/04/07 08:35:06 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RHUF4DA.12\Nationalmannschaft\Spieler\Deutschland\N
[2012/04/07 08:35:06 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RHUF4DA.12\Nationalmannschaft\Spieler\Frankreich\L
[2012/04/07 08:35:07 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RHUF4DA.12\Nationalmannschaft\Spieler\Polen\L
[2011/06/14 21:37:56 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RKRK8XR.2011\Deutsche Pokale\DFB-Pokal\L
[2011/06/14 21:42:42 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RKRK8XR.2011\Nationalmannschaft\Spieler\Deutschland\L
[2011/06/14 21:42:42 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RKRK8XR.2011\Nationalmannschaft\Spieler\Deutschland\N
[2011/06/14 21:42:42 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RKRK8XR.2011\Nationalmannschaft\Spieler\Frankreich\L
[2011/06/14 21:42:43 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RKRK8XR.2011\Nationalmannschaft\Spieler\Polen\L
[2013/02/12 09:14:44 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RN1RFKL.13\Deutsche Pokale\DFB-Pokal\L
[2013/02/12 09:20:37 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RN1RFKL.13\Nationalmannschaft\Spieler\Deutschland\L
[2013/02/12 09:20:37 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RN1RFKL.13\Nationalmannschaft\Spieler\Deutschland\N
[2013/02/12 09:20:37 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RN1RFKL.13\Nationalmannschaft\Spieler\Frankreich\L
[2013/02/12 09:20:37 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RN1RFKL.13\Nationalmannschaft\Spieler\Polen\L
[2011/04/30 12:25:24 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RO1QA6P.2011\Deutsche Pokale\DFB-Pokal\L
[2011/04/30 12:37:34 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RO1QA6P.2011\Nationalmannschaft\Spieler\Deutschland\L
[2011/04/30 12:37:34 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RO1QA6P.2011\Nationalmannschaft\Spieler\Deutschland\N
[2011/04/30 12:37:35 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RO1QA6P.2011\Nationalmannschaft\Spieler\Frankreich\L
[2011/04/30 12:37:36 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RO1QA6P.2011\Nationalmannschaft\Spieler\Polen\L
[2012/02/20 12:14:27 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RP7395E.12\Deutsche Pokale\DFB-Pokal\L
[2012/02/20 12:19:35 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RP7395E.12\Nationalmannschaft\Spieler\Deutschland\L
[2012/02/20 12:19:35 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RP7395E.12\Nationalmannschaft\Spieler\Deutschland\N
[2012/02/20 12:19:36 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RP7395E.12\Nationalmannschaft\Spieler\Frankreich\L
[2012/02/20 12:19:36 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RP7395E.12\Nationalmannschaft\Spieler\Polen\L
[2011/10/23 17:44:04 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RU78IPW.2011\Deutsche Pokale\DFB-Pokal\L
[2011/10/23 17:49:09 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RU78IPW.2011\Nationalmannschaft\Spieler\Deutschland\L
[2011/10/23 17:49:09 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RU78IPW.2011\Nationalmannschaft\Spieler\Deutschland\N
[2011/10/23 17:49:09 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RU78IPW.2011\Nationalmannschaft\Spieler\Frankreich\L
[2011/10/23 17:49:10 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RU78IPW.2011\Nationalmannschaft\Spieler\Polen\L
[2012/09/16 14:39:33 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RVQHMNJ.12\Deutsche Pokale\DFB-Pokal\L
[2012/09/16 14:45:46 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RVQHMNJ.12\Nationalmannschaft\Spieler\Deutschland\L
[2012/09/16 14:45:46 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RVQHMNJ.12\Nationalmannschaft\Spieler\Deutschland\N
[2012/09/16 14:45:47 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RVQHMNJ.12\Nationalmannschaft\Spieler\Frankreich\L
[2012/09/16 14:45:47 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RVQHMNJ.12\Nationalmannschaft\Spieler\Polen\L
[2012/10/31 09:13:47 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RWY5QH3.12\Deutsche Pokale\DFB-Pokal\L
[2012/10/31 09:21:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RWY5QH3.12\Nationalmannschaft\Spieler\Deutschland\L
[2012/10/31 09:21:01 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RWY5QH3.12\Nationalmannschaft\Spieler\Deutschland\N
[2012/10/31 09:21:02 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RWY5QH3.12\Nationalmannschaft\Spieler\Frankreich\L
[2012/10/31 09:21:03 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RWY5QH3.12\Nationalmannschaft\Spieler\Polen\L
[2013/03/24 13:19:13 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RZ4X2VM.13\Deutsche Pokale\DFB-Pokal\L
[2013/03/24 13:25:31 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RZ4X2VM.13\Nationalmannschaft\Spieler\Deutschland\L
[2013/03/24 13:25:31 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RZ4X2VM.13\Nationalmannschaft\Spieler\Deutschland\N
[2013/03/24 13:25:31 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RZ4X2VM.13\Nationalmannschaft\Spieler\Frankreich\L
[2013/03/24 13:25:33 | 000,000,000 | ---D | M] -- C:\$Recycle.bin\S-1-5-21-218085402-662046344-3996529434-1001\$RZ4X2VM.13\Nationalmannschaft\Spieler\Polen\L
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         


Alt 16.06.2013, 17:38   #3
markusg
/// Malware-holic
 



Hi,


OTL fix

Fixing with OTL

  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.

Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [ctfmon.exe] C:\ProgramData\do3bo.dat ()
[2013/06/15 13:06:51 | 000,001,027 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk
[2013/06/15 13:06:47 | 000,000,151 | ---- | M] () -- C:\ProgramData\ob3od.reg
[2013/06/15 13:06:47 | 000,000,055 | ---- | M] () -- C:\ProgramData\ob3od.bat
[2013/06/15 13:06:42 | 000,167,936 | ---- | M] () -- C:\ProgramData\do3bo.dat
:files
:Commands
[emptytemp]
         
  • If you have obscured your user name, e.g. with "*****", insert your real user name in the corresponding place. Otherwise the fix will not work.
  • Now please close all programs.
  • Now please click the Fix button.
  • OTL may require a restart. Please allow this.
  • After the restart you will find a text document on your desktop.
    (Also found under C:\_OTL\MovedFiles\<time_date>.txt)
    Now copy its contents here into your thread.


Boot into normal mode.

If you have no icons, then right-click, View, Show desktop icons.

Note: Please also upload the file there, as described in the instructions for the UpChannel. Please do NOT post the ZIP file here in the thread as an attachment!


Please press the Windows key + E.
  • Open your system drive (usually C:).
  • Now look for the following folder: _OTL and open it.
  • Right-click the Movedfiles folder --> Send to --> Compressed (zipped) folder

  • This will create a Movedfiles.zip file in _OTL.
  • Please upload it to our upload channel. (Browse --> C:\_OTL\Movedfiles.zip)
Let me know whether the upload worked without problems. Thanks in advance.
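
The fix above targets files that the OTL log lists with an empty company field, created within seconds of each other in C:\ProgramData and the Startup folder. As an added example (not part of the original post and not an OTL feature), this Python script parses such log lines and groups them by creation time; the directory heuristic, the 60-second window and all function names are assumptions of the example.

```python
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from pathlib import PureWindowsPath

# Subset of the "Files Created - No Company Name" section of the OTL log
# posted in this thread, copied unchanged.
SAMPLE_LOG = r"""
[2013/06/16 17:15:21 | 000,002,608 | ---- | C] () -- C:\ProgramData\ob3od.js
[2013/06/16 14:40:36 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2013/06/15 13:11:12 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2013/06/15 13:06:51 | 000,001,027 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk
[2013/06/15 13:06:47 | 000,000,151 | ---- | C] () -- C:\ProgramData\ob3od.reg
[2013/06/15 13:06:47 | 000,000,055 | ---- | C] () -- C:\ProgramData\ob3od.bat
[2013/06/15 13:06:46 | 095,023,320 | ---- | C] () -- C:\ProgramData\ob3od.pad
[2013/06/15 13:06:42 | 000,167,936 | ---- | C] () -- C:\ProgramData\do3bo.dat
[2013/06/09 10:02:13 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/05/25 15:10:38 | 000,362,029 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
"""

# [timestamp | size | attributes | C(reated)/M(odified)] (company) -- path
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\] \((?P<company>.*?)\) -- (?P<path>.+)$"
)


@dataclass(frozen=True)
class FileEntry:
    when: datetime
    size: int
    company: str
    path: PureWindowsPath


def parse_otl_file_lines(text):
    """Return a FileEntry for every OTL file line; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # section headers, blank lines, registry output
        entries.append(FileEntry(
            when=datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S"),
            size=int(m["size"].replace(",", "")),
            company=m["company"].strip(),
            path=PureWindowsPath(m["path"].strip()),
        ))
    return entries


def in_autostart_prone_dir(path):
    """Heuristic of this example: file sits directly in C:\\ProgramData
    (not in a vendor subfolder) or inside a Startup folder."""
    if path.parent == PureWindowsPath(r"C:\ProgramData"):
        return True
    return "start menu\\programs\\startup" in str(path.parent).lower()


def drop_clusters(entries, window=timedelta(seconds=60), min_size=2):
    """Group unsigned files in autostart-prone directories whose timestamps
    follow each other within `window`; return groups of at least `min_size`."""
    suspects = sorted(
        (e for e in entries if not e.company and in_autostart_prone_dir(e.path)),
        key=lambda e: e.when,
    )
    clusters, current = [], []
    for e in suspects:
        if current and e.when - current[-1].when > window:
            clusters.append(current)
            current = []
        current.append(e)
    if current:
        clusters.append(current)
    return [c for c in clusters if len(c) >= min_size]


if __name__ == "__main__":
    for cluster in drop_clusters(parse_otl_file_lines(SAMPLE_LOG)):
        print(f"{cluster[0].when} .. {cluster[-1].when}")
        for e in cluster:
            print(f"  {e.size:>12,d}  {e.path}")
```

On the sample lines this yields one group of five files dated 2013/06/15 13:06:42 to 13:06:51; a file that stands alone in time, such as ob3od.js, is not grouped and still needs manual review.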

Alt 16.06.2013, 18:13   #4
Laechler
 



Hello

OTL fix

Fixing with OTL

Please start OTL.exe.
Now copy the contents of the code box into the text box.


Code:
:OTL
O4 - HKCU..\Run: [ctfmon.exe] C:\ProgramData\do3bo.dat ()
[2013/06/15 13:06:51 | 000,001,027 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk
[2013/06/15 13:06:47 | 000,000,151 | ---- | M] () -- C:\ProgramData\ob3od.reg
[2013/06/15 13:06:47 | 000,000,055 | ---- | M] () -- C:\ProgramData\ob3od.bat
[2013/06/15 13:06:42 | 000,167,936 | ---- | M] () -- C:\ProgramData\do3bo.dat
:files
:Commands
[emptytemp]
If you have obscured your user name, e.g. with "*****", insert your real user name in the corresponding place. Otherwise the fix will not work.
Now please close all programs.
Now please click the Fix button.
OTL may require a restart. Please allow this.
After the restart you will find a text document on your desktop.
(Also found under C:\_OTL\MovedFiles\<time_date>.txt)
Now copy its contents here into your thread.


Here is the result:

All processes killed
Error: Unable to interpret <O4 - HKCU..\Run: [ctfmon.exe] C:\ProgramData\do3bo.dat ()> in the current context!
Error: Unable to interpret <[2013/06/15 13:06:51 | 000,001,027 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk> in the current context!
Error: Unable to interpret <[2013/06/15 13:06:47 | 000,000,151 | ---- | M] () -- C:\ProgramData\ob3od.reg> in the current context!
Error: Unable to interpret <[2013/06/15 13:06:47 | 000,000,055 | ---- | M] () -- C:\ProgramData\ob3od.bat> in the current context!
Error: Unable to interpret <[2013/06/15 13:06:42 | 000,167,936 | ---- | M] () -- C:\ProgramData\do3bo.dat> in the current context!
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Thomas
->Temp folder emptied: 459520557 bytes
->Temporary Internet Files folder emptied: 207621598 bytes
->Java cache emptied: 1846979 bytes
->FireFox cache emptied: 103122251 bytes
->Google Chrome cache emptied: 6322593 bytes
->Flash cache emptied: 57050 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 190933389 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50562 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 623038 bytes

Total Files Cleaned = 925.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06162013_190216

Files\Folders moved on Reboot...
C:\Users\Thomas\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Thomas\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


BUT
started in normal mode; after logging in, the GVU lock appears again,
so the rest is not possible at the moment.

Alt 16.06.2013, 18:15   #5
markusg
/// Malware-holic
 



Hi,
1. There is no need to copy my text; I know what I wrote.
2. Copy the fix starting from :OTL and run it again.

__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

Alt 16.06.2013, 18:23   #6
Laechler
 



1. Understood :-)
2.
The result:

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ctfmon.exe deleted successfully.
C:\ProgramData\do3bo.dat moved successfully.
C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk moved successfully.
C:\ProgramData\ob3od.reg moved successfully.
C:\ProgramData\ob3od.bat moved successfully.
File C:\ProgramData\do3bo.dat not found.
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Thomas
->Temp folder emptied: 1404 bytes
->Temporary Internet Files folder emptied: 6064778 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 492 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 7032 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 6.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06162013_191846

Alt 16.06.2013, 18:26   #7
markusg
/// Malware-holic
 



Very good, please continue with the upload.

Alt 16.06.2013, 18:27   #8
Laechler
 



It should be there now as well.

Alt 16.06.2013, 18:28   #9
markusg
/// Malware-holic
 



Good.
Please download TDSSKiller (TDSSKiller.exe) and save the file on your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller instructions.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.

Alt 16.06.2013, 18:32   #10
Laechler
 



19:30:13.0581 0676 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:30:13.0861 0676 ============================================================
19:30:13.0861 0676 Current date / time: 2013/06/16 19:30:13.0861
19:30:13.0861 0676 SystemInfo:
19:30:13.0861 0676
19:30:13.0861 0676 OS Version: 6.1.7601 ServicePack: 1.0
19:30:13.0861 0676 Product type: Workstation
19:30:13.0861 0676 ComputerName: THOMAS-PC
19:30:13.0861 0676 UserName: Thomas
19:30:13.0861 0676 Windows directory: C:\Windows
19:30:13.0861 0676 System windows directory: C:\Windows
19:30:13.0861 0676 Running under WOW64
19:30:13.0861 0676 Processor architecture: Intel x64
19:30:13.0861 0676 Number of processors: 4
19:30:13.0861 0676 Page size: 0x1000
19:30:13.0861 0676 Boot type: Normal boot
19:30:13.0861 0676 ============================================================
19:30:17.0309 0676 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:30:17.0309 0676 ============================================================
19:30:17.0309 0676 \Device\Harddisk0\DR0:
19:30:17.0340 0676 MBR partitions:
19:30:17.0340 0676 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:30:17.0340 0676 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAAC54800
19:30:17.0340 0676 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAAC87000, BlocksNum 0x3C00000
19:30:17.0340 0676 ============================================================
19:30:17.0340 0676 C: <-> \Device\Harddisk0\DR0\Partition2
19:30:17.0465 0676 D: <-> \Device\Harddisk0\DR0\Partition3
19:30:17.0465 0676 ============================================================
19:30:17.0465 0676 Initialize success
19:30:17.0465 0676 ============================================================
19:30:22.0285 1520 ============================================================
19:30:22.0285 1520 Scan started
19:30:22.0285 1520 Mode: Manual;
19:30:22.0285 1520 ============================================================
19:30:24.0844 1520 ================ Scan system memory ========================
19:30:24.0844 1520 System memory - ok
19:30:24.0844 1520 ================ Scan services =============================
19:30:25.0530 1520 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:30:25.0608 1520 1394ohci - ok
19:30:25.0717 1520 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:30:25.0733 1520 ACPI - ok
19:30:25.0780 1520 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:30:25.0827 1520 AcpiPmi - ok
19:30:26.0076 1520 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:30:26.0092 1520 AdobeARMservice - ok
19:30:26.0357 1520 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:30:26.0388 1520 AdobeFlashPlayerUpdateSvc - ok
19:30:26.0466 1520 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:30:26.0591 1520 adp94xx - ok
19:30:26.0700 1520 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:30:26.0763 1520 adpahci - ok
19:30:26.0794 1520 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:30:26.0841 1520 adpu320 - ok
19:30:26.0919 1520 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:30:26.0934 1520 AeLookupSvc - ok
19:30:27.0137 1520 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:30:27.0324 1520 AFD - ok
19:30:27.0402 1520 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:30:27.0418 1520 agp440 - ok
19:30:27.0480 1520 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:30:27.0480 1520 ALG - ok
19:30:27.0511 1520 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:30:27.0511 1520 aliide - ok
19:30:27.0621 1520 [ 3562D7B2C40D6862623A3044E77D7A89 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:30:27.0652 1520 AMD External Events Utility - ok
19:30:27.0667 1520 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:30:27.0683 1520 amdide - ok
19:30:27.0792 1520 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:30:27.0855 1520 AmdK8 - ok
19:30:28.0510 1520 [ 82C2B429EF87CD3C40B2355FA86E26F7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:30:28.0791 1520 amdkmdag - ok
19:30:28.0993 1520 [ 53431E0ED701DE33D322E039C8A4E0BA ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:30:29.0009 1520 amdkmdap - ok
19:30:29.0118 1520 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:30:29.0118 1520 AmdPPM - ok
19:30:29.0196 1520 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:30:29.0196 1520 amdsata - ok
19:30:29.0305 1520 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:30:29.0337 1520 amdsbs - ok
19:30:29.0352 1520 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:30:29.0352 1520 amdxata - ok
19:30:29.0430 1520 [ 08E8A4172C57ABD7693A6915CF1E7A99 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
19:30:29.0430 1520 amd_sata - ok
19:30:29.0477 1520 [ 9866AF4E4AD7F16E810B6C0B8473F9CD ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
19:30:29.0477 1520 amd_xata - ok
19:30:29.0742 1520 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:30:29.0742 1520 AntiVirSchedulerService - ok
19:30:30.0101 1520 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:30:30.0117 1520 AntiVirService - ok
19:30:30.0288 1520 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:30:30.0288 1520 AppID - ok
19:30:30.0351 1520 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:30:30.0351 1520 AppIDSvc - ok
19:30:30.0397 1520 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
19:30:30.0413 1520 Appinfo - ok
19:30:30.0600 1520 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:30:30.0616 1520 Apple Mobile Device - ok
19:30:30.0819 1520 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:30:30.0959 1520 arc - ok
19:30:31.0006 1520 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:30:31.0068 1520 arcsas - ok
19:30:31.0287 1520 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:30:31.0287 1520 AsyncMac - ok
19:30:31.0349 1520 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:30:31.0365 1520 atapi - ok
19:30:31.0443 1520 [ E02B26650ACC2F4901342D4A66774AD7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:30:31.0458 1520 AtiHDAudioService - ok
19:30:31.0645 1520 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
19:30:31.0661 1520 AtiPcie - ok
19:30:31.0942 1520 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:30:31.0989 1520 AudioEndpointBuilder - ok
19:30:32.0035 1520 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:30:32.0051 1520 AudioSrv - ok
19:30:32.0145 1520 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:30:32.0160 1520 avgntflt - ok
19:30:32.0269 1520 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:30:32.0285 1520 avipbb - ok
19:30:32.0363 1520 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:30:32.0379 1520 avkmgr - ok
19:30:32.0597 1520 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:30:32.0628 1520 AxInstSV - ok
19:30:32.0815 1520 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:30:32.0893 1520 b06bdrv - ok
19:30:32.0925 1520 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:30:32.0956 1520 b57nd60a - ok
19:30:33.0003 1520 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:30:33.0018 1520 BDESVC - ok
19:30:33.0049 1520 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:30:33.0096 1520 Beep - ok
19:30:33.0252 1520 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:30:33.0268 1520 BFE - ok
19:30:33.0439 1520 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:30:33.0471 1520 BITS - ok
19:30:33.0533 1520 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:30:33.0549 1520 blbdrive - ok
19:30:33.0705 1520 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:30:33.0720 1520 Bonjour Service - ok
19:30:33.0783 1520 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:30:33.0798 1520 bowser - ok
19:30:33.0845 1520 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:30:33.0861 1520 BrFiltLo - ok
19:30:33.0892 1520 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:30:33.0939 1520 BrFiltUp - ok
19:30:33.0985 1520 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:30:33.0985 1520 Browser - ok
19:30:34.0048 1520 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:30:34.0079 1520 Brserid - ok
19:30:34.0079 1520 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:30:34.0095 1520 BrSerWdm - ok
19:30:34.0126 1520 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:30:34.0141 1520 BrUsbMdm - ok
19:30:34.0188 1520 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:30:34.0204 1520 BrUsbSer - ok
19:30:34.0235 1520 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:30:34.0251 1520 BTHMODEM - ok
19:30:34.0282 1520 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:30:34.0282 1520 bthserv - ok
19:30:34.0329 1520 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:30:34.0344 1520 cdfs - ok
19:30:34.0422 1520 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:30:34.0500 1520 cdrom - ok
19:30:34.0609 1520 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:30:34.0625 1520 CertPropSvc - ok
19:30:34.0656 1520 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:30:34.0734 1520 circlass - ok
19:30:34.0765 1520 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:30:34.0781 1520 CLFS - ok
19:30:35.0077 1520 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:30:35.0109 1520 clr_optimization_v2.0.50727_32 - ok
19:30:35.0296 1520 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:30:35.0311 1520 clr_optimization_v2.0.50727_64 - ok
19:30:35.0514 1520 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:30:35.0608 1520 clr_optimization_v4.0.30319_32 - ok
19:30:35.0670 1520 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:30:35.0670 1520 clr_optimization_v4.0.30319_64 - ok
19:30:35.0717 1520 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:30:35.0748 1520 CmBatt - ok
19:30:35.0795 1520 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:30:35.0857 1520 cmdide - ok
19:30:35.0904 1520 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
19:30:35.0935 1520 CNG - ok
19:30:35.0967 1520 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:30:35.0982 1520 Compbatt - ok
19:30:36.0029 1520 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:30:36.0045 1520 CompositeBus - ok
19:30:36.0045 1520 COMSysApp - ok
19:30:36.0076 1520 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:30:36.0076 1520 crcdisk - ok
19:30:36.0123 1520 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:30:36.0123 1520 CryptSvc - ok
19:30:36.0169 1520 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:30:36.0185 1520 DcomLaunch - ok
19:30:36.0232 1520 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:30:36.0247 1520 defragsvc - ok
19:30:36.0294 1520 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:30:36.0310 1520 DfsC - ok
19:30:36.0325 1520 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:30:36.0341 1520 Dhcp - ok
19:30:36.0372 1520 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:30:36.0403 1520 discache - ok
19:30:36.0435 1520 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:30:36.0450 1520 Disk - ok
19:30:36.0497 1520 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:30:36.0497 1520 Dnscache - ok
19:30:36.0591 1520 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:30:36.0622 1520 dot3svc - ok
19:30:36.0669 1520 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:30:36.0669 1520 DPS - ok
19:30:36.0715 1520 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:30:36.0731 1520 drmkaud - ok
19:30:36.0793 1520 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:30:36.0825 1520 DXGKrnl - ok
19:30:36.0887 1520 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:30:36.0887 1520 EapHost - ok
19:30:37.0324 1520 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:30:37.0402 1520 ebdrv - ok
19:30:37.0433 1520 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:30:37.0433 1520 EFS - ok
19:30:37.0667 1520 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:30:37.0729 1520 ehRecvr - ok
19:30:37.0776 1520 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:30:37.0839 1520 ehSched - ok
19:30:37.0870 1520 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:30:37.0885 1520 elxstor - ok
19:30:37.0932 1520 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:30:37.0932 1520 ErrDev - ok
19:30:37.0979 1520 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:30:38.0010 1520 EventSystem - ok
19:30:38.0057 1520 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:30:38.0088 1520 exfat - ok
19:30:38.0119 1520 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:30:38.0151 1520 fastfat - ok
19:30:38.0197 1520 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:30:38.0260 1520 Fax - ok
19:30:38.0291 1520 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:30:38.0307 1520 fdc - ok
19:30:38.0338 1520 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:30:38.0353 1520 fdPHost - ok
19:30:38.0369 1520 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:30:38.0385 1520 FDResPub - ok
19:30:38.0385 1520 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:30:38.0400 1520 FileInfo - ok
19:30:38.0416 1520 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:30:38.0416 1520 Filetrace - ok
19:30:38.0431 1520 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:30:38.0447 1520 flpydisk - ok
19:30:38.0478 1520 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:30:38.0494 1520 FltMgr - ok
19:30:38.0634 1520 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
19:30:38.0697 1520 FontCache - ok
19:30:38.0775 1520 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:30:38.0790 1520 FontCache3.0.0.0 - ok
19:30:38.0821 1520 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:30:38.0837 1520 FsDepends - ok
19:30:38.0868 1520 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:30:38.0868 1520 Fs_Rec - ok
19:30:38.0915 1520 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:30:38.0931 1520 fvevol - ok
19:30:38.0962 1520 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:30:38.0977 1520 gagp30kx - ok
19:30:38.0993 1520 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:30:39.0009 1520 GEARAspiWDM - ok
19:30:39.0055 1520 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:30:39.0071 1520 gpsvc - ok
19:30:39.0133 1520 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:30:39.0133 1520 gupdate - ok
19:30:39.0149 1520 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:30:39.0149 1520 gupdatem - ok
19:30:39.0180 1520 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:30:39.0180 1520 hcw85cir - ok
19:30:39.0227 1520 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:30:39.0243 1520 HdAudAddService - ok
19:30:39.0289 1520 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:30:39.0289 1520 HDAudBus - ok
19:30:39.0321 1520 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:30:39.0336 1520 HidBatt - ok
19:30:39.0352 1520 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:30:39.0367 1520 HidBth - ok
19:30:39.0399 1520 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:30:39.0399 1520 HidIr - ok
19:30:39.0430 1520 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:30:39.0430 1520 hidserv - ok
19:30:39.0461 1520 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:30:39.0461 1520 HidUsb - ok
19:30:39.0508 1520 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:30:39.0508 1520 hkmsvc - ok
19:30:39.0539 1520 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:30:39.0555 1520 HomeGroupListener - ok
19:30:39.0601 1520 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:30:39.0617 1520 HomeGroupProvider - ok
19:30:39.0633 1520 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:30:39.0648 1520 HpSAMD - ok
19:30:39.0695 1520 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:30:39.0711 1520 HTTP - ok
19:30:39.0742 1520 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:30:39.0742 1520 hwpolicy - ok
19:30:39.0773 1520 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:30:39.0789 1520 i8042prt - ok
19:30:39.0804 1520 iaStor - ok
19:30:39.0867 1520 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:30:39.0882 1520 iaStorV - ok
19:30:39.0945 1520 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:30:40.0007 1520 idsvc - ok
19:30:40.0023 1520 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:30:40.0023 1520 iirsp - ok
19:30:40.0054 1520 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:30:40.0069 1520 IKEEXT - ok
19:30:40.0179 1520 [ CDB772F707AC24B43A20C821852CA61F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:30:40.0210 1520 IntcAzAudAddService - ok
19:30:40.0241 1520 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:30:40.0257 1520 intelide - ok
19:30:40.0272 1520 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:30:40.0272 1520 intelppm - ok
19:30:40.0303 1520 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:30:40.0303 1520 IPBusEnum - ok
19:30:40.0335 1520 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:30:40.0335 1520 IpFilterDriver - ok
19:30:40.0381 1520 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:30:40.0381 1520 iphlpsvc - ok
19:30:40.0413 1520 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:30:40.0428 1520 IPMIDRV - ok
19:30:40.0444 1520 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:30:40.0459 1520 IPNAT - ok
19:30:40.0537 1520 [ 0FF335D687C85097725A53458160E81E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:30:40.0537 1520 iPod Service - ok
19:30:40.0553 1520 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:30:40.0569 1520 IRENUM - ok
19:30:40.0584 1520 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:30:40.0584 1520 isapnp - ok
19:30:40.0631 1520 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:30:40.0662 1520 iScsiPrt - ok
19:30:40.0678 1520 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:30:40.0693 1520 kbdclass - ok
19:30:40.0709 1520 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:30:40.0725 1520 kbdhid - ok
19:30:40.0740 1520 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:30:40.0740 1520 KeyIso - ok
19:30:40.0818 1520 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:30:40.0849 1520 KSecDD - ok
19:30:40.0896 1520 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:30:40.0912 1520 KSecPkg - ok
19:30:40.0927 1520 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:30:40.0943 1520 ksthunk - ok
19:30:40.0974 1520 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:30:41.0005 1520 KtmRm - ok
19:30:41.0052 1520 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:30:41.0068 1520 LanmanServer - ok
19:30:41.0099 1520 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:30:41.0115 1520 LanmanWorkstation - ok
19:30:41.0146 1520 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:30:41.0161 1520 lltdio - ok
19:30:41.0193 1520 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:30:41.0208 1520 lltdsvc - ok
19:30:41.0224 1520 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:30:41.0224 1520 lmhosts - ok
19:30:41.0271 1520 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:30:41.0271 1520 LSI_FC - ok
19:30:41.0302 1520 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:30:41.0302 1520 LSI_SAS - ok
19:30:41.0333 1520 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:30:41.0349 1520 LSI_SAS2 - ok
19:30:41.0380 1520 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:30:41.0380 1520 LSI_SCSI - ok
19:30:41.0411 1520 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:30:41.0411 1520 luafv - ok
19:30:41.0458 1520 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
19:30:41.0505 1520 McComponentHostService - ok
19:30:41.0551 1520 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:30:41.0567 1520 Mcx2Svc - ok
19:30:41.0598 1520 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:30:41.0598 1520 megasas - ok
19:30:41.0629 1520 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:30:41.0661 1520 MegaSR - ok
19:30:41.0676 1520 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:30:41.0692 1520 MMCSS - ok
19:30:41.0707 1520 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:30:41.0723 1520 Modem - ok
19:30:41.0739 1520 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:30:41.0754 1520 monitor - ok
19:30:41.0785 1520 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:30:41.0801 1520 mouclass - ok
19:30:41.0895 1520 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:30:41.0910 1520 mouhid - ok
19:30:41.0941 1520 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:30:41.0957 1520 mountmgr - ok
19:30:42.0004 1520 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:30:42.0051 1520 MozillaMaintenance - ok
19:30:42.0097 1520 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:30:42.0175 1520 mpio - ok
19:30:42.0207 1520 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:30:42.0207 1520 mpsdrv - ok
19:30:42.0269 1520 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:30:42.0316 1520 MpsSvc - ok
19:30:42.0363 1520 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:30:42.0378 1520 MRxDAV - ok
19:30:42.0472 1520 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:30:42.0487 1520 mrxsmb - ok
19:30:42.0550 1520 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:30:42.0581 1520 mrxsmb10 - ok
19:30:42.0597 1520 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:30:42.0612 1520 mrxsmb20 - ok
19:30:42.0628 1520 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:30:42.0643 1520 msahci - ok
19:30:42.0690 1520 [ A592A054D78750B4D73ABAA4C94DECDF ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
19:30:42.0706 1520 MSCamSvc - ok
19:30:42.0737 1520 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:30:42.0753 1520 msdsm - ok
19:30:42.0768 1520 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:30:42.0799 1520 MSDTC - ok
19:30:42.0815 1520 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:30:42.0831 1520 Msfs - ok
19:30:42.0846 1520 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:30:42.0846 1520 mshidkmdf - ok
19:30:42.0877 1520 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:30:42.0877 1520 msisadrv - ok
19:30:42.0909 1520 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:30:42.0924 1520 MSiSCSI - ok
19:30:42.0940 1520 msiserver - ok
19:30:42.0971 1520 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:30:42.0971 1520 MSKSSRV - ok
19:30:42.0987 1520 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:30:42.0987 1520 MSPCLOCK - ok
19:30:42.0987 1520 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:30:42.0987 1520 MSPQM - ok
19:30:43.0018 1520 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:30:43.0049 1520 MsRPC - ok
19:30:43.0065 1520 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:30:43.0065 1520 mssmbios - ok
19:30:43.0080 1520 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:30:43.0096 1520 MSTEE - ok
19:30:43.0111 1520 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:30:43.0111 1520 MTConfig - ok
19:30:43.0127 1520 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:30:43.0143 1520 Mup - ok
19:30:43.0189 1520 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:30:43.0205 1520 napagent - ok
19:30:43.0252 1520 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:30:43.0267 1520 NativeWifiP - ok
19:30:43.0330 1520 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:30:43.0345 1520 NDIS - ok
19:30:43.0361 1520 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:30:43.0377 1520 NdisCap - ok
19:30:43.0392 1520 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:30:43.0392 1520 NdisTapi - ok
19:30:43.0439 1520 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:30:43.0439 1520 Ndisuio - ok
19:30:43.0486 1520 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:30:43.0501 1520 NdisWan - ok
19:30:43.0533 1520 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:30:43.0548 1520 NDProxy - ok
19:30:43.0564 1520 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:30:43.0579 1520 NetBIOS - ok
19:30:43.0595 1520 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:30:43.0626 1520 NetBT - ok
19:30:43.0642 1520 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:30:43.0642 1520 Netlogon - ok
19:30:43.0673 1520 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:30:43.0689 1520 Netman - ok
19:30:43.0720 1520 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:30:43.0720 1520 netprofm - ok
19:30:43.0767 1520 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:30:43.0798 1520 NetTcpPortSharing - ok
19:30:43.0829 1520 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:30:43.0845 1520 nfrd960 - ok
19:30:43.0876 1520 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:30:43.0891 1520 NlaSvc - ok
19:30:43.0907 1520 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:30:43.0923 1520 Npfs - ok
19:30:43.0938 1520 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:30:43.0938 1520 nsi - ok
19:30:43.0969 1520 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:30:43.0985 1520 nsiproxy - ok
19:30:44.0094 1520 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:30:44.0188 1520 Ntfs - ok
19:30:44.0203 1520 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:30:44.0203 1520 Null - ok
19:30:44.0235 1520 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
19:30:44.0250 1520 nusb3hub - ok
19:30:44.0266 1520 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:30:44.0281 1520 nusb3xhc - ok
19:30:44.0656 1520 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:30:44.0874 1520 nvlddmkm - ok
19:30:44.0905 1520 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:30:44.0905 1520 nvraid - ok
19:30:44.0921 1520 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:30:44.0921 1520 nvstor - ok
19:30:44.0968 1520 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:30:44.0983 1520 nv_agp - ok
19:30:45.0061 1520 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:30:45.0108 1520 odserv - ok
19:30:45.0124 1520 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:30:45.0155 1520 ohci1394 - ok
19:30:45.0171 1520 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:30:45.0202 1520 ose - ok
19:30:45.0217 1520 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:30:45.0233 1520 p2pimsvc - ok
19:30:45.0264 1520 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:30:45.0280 1520 p2psvc - ok
19:30:45.0295 1520 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:30:45.0295 1520 Parport - ok
19:30:45.0311 1520 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:30:45.0311 1520 partmgr - ok
19:30:45.0342 1520 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:30:45.0342 1520 PcaSvc - ok
19:30:45.0358 1520 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:30:45.0373 1520 pci - ok
19:30:45.0373 1520 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:30:45.0389 1520 pciide - ok
19:30:45.0436 1520 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:30:45.0467 1520 pcmcia - ok
19:30:45.0498 1520 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:30:45.0498 1520 pcw - ok
19:30:45.0545 1520 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:30:45.0592 1520 PEAUTH - ok
19:30:45.0639 1520 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:30:45.0670 1520 PerfHost - ok
19:30:45.0779 1520 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:30:45.0888 1520 pla - ok
19:30:45.0919 1520 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:30:45.0935 1520 PlugPlay - ok
19:30:45.0951 1520 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:30:45.0951 1520 PNRPAutoReg - ok
19:30:45.0982 1520 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:30:45.0982 1520 PNRPsvc - ok
19:30:46.0013 1520 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:30:46.0029 1520 PolicyAgent - ok
19:30:46.0060 1520 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:30:46.0075 1520 Power - ok
19:30:46.0107 1520 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:30:46.0122 1520 PptpMiniport - ok
19:30:46.0122 1520 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:30:46.0138 1520 Processor - ok
19:30:46.0169 1520 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:30:46.0169 1520 ProfSvc - ok
19:30:46.0185 1520 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:30:46.0185 1520 ProtectedStorage - ok
19:30:46.0216 1520 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:30:46.0216 1520 Psched - ok
19:30:46.0263 1520 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
19:30:46.0294 1520 PSI_SVC_2 - ok
19:30:46.0372 1520 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:30:46.0434 1520 ql2300 - ok
19:30:46.0465 1520 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:30:46.0481 1520 ql40xx - ok
19:30:46.0481 1520 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:30:46.0497 1520 QWAVE - ok
19:30:46.0512 1520 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:30:46.0528 1520 QWAVEdrv - ok
19:30:46.0543 1520 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:30:46.0543 1520 RasAcd - ok
19:30:46.0606 1520 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:30:46.0637 1520 RasAgileVpn - ok
19:30:46.0653 1520 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:30:46.0668 1520 RasAuto - ok
19:30:46.0699 1520 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:30:46.0715 1520 Rasl2tp - ok
19:30:46.0746 1520 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:30:46.0809 1520 RasMan - ok
19:30:46.0824 1520 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:30:46.0840 1520 RasPppoe - ok
19:30:46.0840 1520 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:30:46.0855 1520 RasSstp - ok
19:30:46.0871 1520 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:30:46.0887 1520 rdbss - ok
19:30:46.0902 1520 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:30:46.0918 1520 rdpbus - ok
19:30:46.0933 1520 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:30:46.0933 1520 RDPCDD - ok
19:30:46.0965 1520 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:30:46.0965 1520 RDPENCDD - ok
19:30:46.0965 1520 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:30:46.0980 1520 RDPREFMP - ok
19:30:47.0027 1520 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:30:47.0043 1520 RdpVideoMiniport - ok
19:30:47.0074 1520 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:30:47.0105 1520 RDPWD - ok
19:30:47.0152 1520 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:30:47.0167 1520 rdyboost - ok
19:30:47.0199 1520 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:30:47.0214 1520 RemoteAccess - ok
19:30:47.0230 1520 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:30:47.0261 1520 RemoteRegistry - ok
19:30:47.0277 1520 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:30:47.0292 1520 RpcEptMapper - ok
19:30:47.0292 1520 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:30:47.0308 1520 RpcLocator - ok
19:30:47.0339 1520 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:30:47.0355 1520 RpcSs - ok
19:30:47.0370 1520 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:30:47.0370 1520 rspndr - ok
19:30:47.0401 1520 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:30:47.0417 1520 RTL8167 - ok
19:30:47.0448 1520 [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
19:30:47.0464 1520 RTL8192su - ok
19:30:47.0479 1520 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:30:47.0479 1520 SamSs - ok
19:30:47.0526 1520 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:30:47.0557 1520 sbp2port - ok
19:30:47.0635 1520 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:30:47.0651 1520 SCardSvr - ok
19:30:47.0729 1520 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:30:47.0745 1520 scfilter - ok
19:30:47.0932 1520 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:30:47.0963 1520 Schedule - ok
19:30:47.0979 1520 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:30:47.0979 1520 SCPolicySvc - ok
19:30:48.0088 1520 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:30:48.0135 1520 SDRSVC - ok
19:30:48.0150 1520 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:30:48.0150 1520 secdrv - ok
19:30:48.0181 1520 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:30:48.0197 1520 seclogon - ok
19:30:48.0213 1520 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:30:48.0244 1520 SENS - ok
19:30:48.0275 1520 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:30:48.0291 1520 SensrSvc - ok
19:30:48.0337 1520 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:30:48.0353 1520 Serenum - ok
19:30:48.0384 1520 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:30:48.0400 1520 Serial - ok
19:30:48.0431 1520 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:30:48.0431 1520 sermouse - ok
19:30:48.0478 1520 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:30:48.0478 1520 SessionEnv - ok
19:30:48.0509 1520 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:30:48.0525 1520 sffdisk - ok
19:30:48.0540 1520 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:30:48.0540 1520 sffp_mmc - ok
19:30:48.0587 1520 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:30:48.0618 1520 sffp_sd - ok
19:30:48.0634 1520 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:30:48.0649 1520 sfloppy - ok
19:30:48.0696 1520 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:30:48.0712 1520 SharedAccess - ok
19:30:48.0759 1520 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:30:48.0774 1520 ShellHWDetection - ok
19:30:48.0805 1520 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:30:48.0805 1520 SiSRaid2 - ok
19:30:48.0837 1520 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:30:48.0852 1520 SiSRaid4 - ok
19:30:48.0883 1520 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:30:48.0899 1520 Smb - ok
19:30:48.0930 1520 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:30:48.0946 1520 SNMPTRAP - ok
19:30:48.0961 1520 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:30:48.0977 1520 spldr - ok
19:30:49.0008 1520 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:30:49.0055 1520 Spooler - ok
19:30:49.0164 1520 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:30:49.0211 1520 sppsvc - ok
19:30:49.0227 1520 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:30:49.0242 1520 sppuinotify - ok
19:30:49.0289 1520 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:30:49.0336 1520 srv - ok
19:30:49.0351 1520 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:30:49.0383 1520 srv2 - ok
19:30:49.0414 1520 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:30:49.0429 1520 srvnet - ok
19:30:49.0461 1520 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:30:49.0476 1520 SSDPSRV - ok
19:30:49.0492 1520 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:30:49.0507 1520 SstpSvc - ok
19:30:49.0523 1520 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:30:49.0539 1520 stexstor - ok
19:30:49.0585 1520 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:30:49.0617 1520 stisvc - ok
19:30:49.0648 1520 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:30:49.0663 1520 swenum - ok
19:30:49.0679 1520 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:30:49.0710 1520 swprv - ok
19:30:49.0929 1520 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:30:49.0991 1520 SysMain - ok
19:30:50.0022 1520 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:30:50.0022 1520 TabletInputService - ok
19:30:50.0038 1520 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:30:50.0053 1520 TapiSrv - ok
19:30:50.0069 1520 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:30:50.0069 1520 TBS - ok
19:30:50.0194 1520 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:30:50.0272 1520 Tcpip - ok
19:30:50.0365 1520 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:30:50.0381 1520 TCPIP6 - ok
19:30:50.0412 1520 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:30:50.0412 1520 tcpipreg - ok
19:30:50.0443 1520 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:30:50.0443 1520 TDPIPE - ok
19:30:50.0475 1520 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:30:50.0475 1520 TDTCP - ok
19:30:50.0521 1520 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:30:50.0537 1520 tdx - ok
19:30:50.0615 1520 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:30:50.0631 1520 TermDD - ok
19:30:50.0677 1520 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:30:50.0724 1520 TermService - ok
19:30:50.0724 1520 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:30:50.0724 1520 Themes - ok
19:30:50.0755 1520 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:30:50.0755 1520 THREADORDER - ok
19:30:50.0771 1520 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:30:50.0787 1520 TrkWks - ok
19:30:50.0849 1520 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:30:50.0880 1520 TrustedInstaller - ok
19:30:50.0927 1520 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:30:50.0989 1520 tssecsrv - ok
19:30:51.0021 1520 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:30:51.0036 1520 TsUsbFlt - ok
19:30:51.0083 1520 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:30:51.0083 1520 tunnel - ok
19:30:51.0099 1520 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:30:51.0114 1520 uagp35 - ok
19:30:51.0145 1520 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:30:51.0161 1520 udfs - ok
19:30:51.0177 1520 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:30:51.0192 1520 UI0Detect - ok
19:30:51.0239 1520 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:30:51.0239 1520 uliagpkx - ok
19:30:51.0286 1520 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:30:51.0301 1520 umbus - ok
19:30:51.0317 1520 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:30:51.0333 1520 UmPass - ok
19:30:51.0348 1520 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:30:51.0379 1520 upnphost - ok
19:30:51.0395 1520 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:30:51.0411 1520 USBAAPL64 - ok
19:30:51.0442 1520 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:30:51.0442 1520 usbaudio - ok
19:30:51.0473 1520 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:30:51.0473 1520 usbccgp - ok
19:30:51.0489 1520 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:30:51.0504 1520 usbcir - ok
19:30:51.0535 1520 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:30:51.0551 1520 usbehci - ok
19:30:51.0645 1520 [ DC2B306861F42EEEB92EF525F4119F08 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:30:51.0645 1520 usbfilter - ok
19:30:51.0660 1520 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:30:51.0691 1520 usbhub - ok
19:30:51.0707 1520 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:30:51.0723 1520 usbohci - ok
19:30:51.0738 1520 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:30:51.0754 1520 usbprint - ok
19:30:51.0785 1520 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:30:51.0785 1520 usbscan - ok
19:30:51.0801 1520 [ A60E7E0FA88FF067D049D525547CD5E9 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:30:51.0816 1520 USBSTOR - ok
19:30:51.0847 1520 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:30:51.0847 1520 usbuhci - ok
19:30:51.0863 1520 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:30:51.0879 1520 UxSms - ok
19:30:51.0894 1520 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:30:51.0894 1520 VaultSvc - ok
19:30:51.0925 1520 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:30:51.0941 1520 vdrvroot - ok
19:30:51.0988 1520 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:30:52.0035 1520 vds - ok
19:30:52.0050 1520 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:30:52.0066 1520 vga - ok
19:30:52.0097 1520 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:30:52.0097 1520 VgaSave - ok
19:30:52.0144 1520 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:30:52.0175 1520 vhdmp - ok
19:30:52.0191 1520 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:30:52.0206 1520 viaide - ok
19:30:52.0222 1520 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:30:52.0222 1520 volmgr - ok
19:30:52.0269 1520 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:30:52.0300 1520 volmgrx - ok
19:30:52.0300 1520 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:30:52.0315 1520 volsnap - ok
19:30:52.0347 1520 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:30:52.0362 1520 vsmraid - ok
19:30:52.0440 1520 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:30:52.0487 1520 VSS - ok
19:30:52.0503 1520 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:30:52.0503 1520 vwifibus - ok
19:30:52.0534 1520 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:30:52.0534 1520 vwififlt - ok
19:30:52.0549 1520 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:30:52.0549 1520 vwifimp - ok
19:30:52.0659 1520 [ CE6C085771812D5EE863CC7EF93CAEF2 ] VX1000 C:\Windows\system32\DRIVERS\VX1000.sys
19:30:52.0705 1520 VX1000 - ok
19:30:52.0737 1520 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:30:52.0737 1520 W32Time - ok
19:30:52.0783 1520 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:30:52.0799 1520 WacomPen - ok
19:30:52.0815 1520 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:30:52.0830 1520 WANARP - ok
19:30:52.0830 1520 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:30:52.0830 1520 Wanarpv6 - ok
19:30:52.0924 1520 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:30:53.0002 1520 WatAdminSvc - ok
19:30:53.0049 1520 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:30:53.0095 1520 wbengine - ok
19:30:53.0127 1520 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:30:53.0142 1520 WbioSrvc - ok
19:30:53.0158 1520 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:30:53.0173 1520 wcncsvc - ok
19:30:53.0189 1520 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:30:53.0189 1520 WcsPlugInService - ok
19:30:53.0220 1520 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:30:53.0220 1520 Wd - ok
19:30:53.0267 1520 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:30:53.0298 1520 Wdf01000 - ok
19:30:53.0298 1520 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:30:53.0314 1520 WdiServiceHost - ok
19:30:53.0314 1520 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:30:53.0329 1520 WdiSystemHost - ok
19:30:53.0329 1520 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:30:53.0345 1520 WebClient - ok
19:30:53.0361 1520 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:30:53.0376 1520 Wecsvc - ok
19:30:53.0392 1520 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:30:53.0392 1520 wercplsupport - ok
19:30:53.0407 1520 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:30:53.0423 1520 WerSvc - ok
19:30:53.0439 1520 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:30:53.0439 1520 WfpLwf - ok
19:30:53.0454 1520 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:30:53.0470 1520 WIMMount - ok
19:30:53.0485 1520 WinDefend - ok
19:30:53.0485 1520 WinHttpAutoProxySvc - ok
19:30:53.0548 1520 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:30:53.0548 1520 Winmgmt - ok
19:30:53.0735 1520 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:30:53.0813 1520 WinRM - ok
19:30:53.0829 1520 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:30:53.0844 1520 WinUsb - ok
19:30:53.0860 1520 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:30:53.0875 1520 Wlansvc - ok
19:30:53.0969 1520 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:30:53.0985 1520 wlcrasvc - ok
19:30:54.0063 1520 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:30:54.0109 1520 wlidsvc - ok
19:30:54.0141 1520 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:30:54.0156 1520 WmiAcpi - ok
19:30:54.0172 1520 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:30:54.0187 1520 wmiApSrv - ok
19:30:54.0203 1520 WMPNetworkSvc - ok
19:30:54.0219 1520 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:30:54.0219 1520 WPCSvc - ok
19:30:54.0250 1520 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:30:54.0281 1520 WPDBusEnum - ok
19:30:54.0328 1520 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:30:54.0343 1520 ws2ifsl - ok
19:30:54.0359 1520 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:30:54.0375 1520 wscsvc - ok
19:30:54.0375 1520 WSearch - ok
19:30:54.0468 1520 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:30:54.0531 1520 wuauserv - ok
19:30:54.0562 1520 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:30:54.0562 1520 WudfPf - ok
19:30:54.0593 1520 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:30:54.0593 1520 WUDFRd - ok
19:30:54.0640 1520 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:30:54.0640 1520 wudfsvc - ok
19:30:54.0687 1520 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
19:30:54.0687 1520 WwanSvc - ok
19:30:54.0718 1520 ================ Scan global ===============================
19:30:54.0733 1520 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:30:54.0811 1520 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:30:54.0858 1520 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:30:54.0889 1520 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:30:54.0936 1520 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:30:54.0983 1520 [Global] - ok
19:30:54.0983 1520 ================ Scan MBR ==================================
19:30:54.0983 1520 [ 5D949EEA3BEEC2DF38A2D7900AD89A60 ] \Device\Harddisk0\DR0
19:30:57.0151 1520 \Device\Harddisk0\DR0 - ok
19:30:57.0151 1520 ================ Scan VBR ==================================
19:30:57.0151 1520 [ BB4EE181A3C3FB6FBA2D635B5D34CAE4 ] \Device\Harddisk0\DR0\Partition1
19:30:57.0167 1520 \Device\Harddisk0\DR0\Partition1 - ok
19:30:57.0183 1520 [ 4CB0A14ADB05C81F03E6366A728495D6 ] \Device\Harddisk0\DR0\Partition2
19:30:57.0214 1520 \Device\Harddisk0\DR0\Partition2 - ok
19:30:57.0261 1520 [ BB651F9BAC2C393879A04366C83F8A97 ] \Device\Harddisk0\DR0\Partition3
19:30:57.0292 1520 \Device\Harddisk0\DR0\Partition3 - ok
19:30:57.0292 1520 ============================================================
19:30:57.0292 1520 Scan finished
19:30:57.0292 1520 ============================================================
19:30:57.0323 4400 Detected object count: 0
19:30:57.0323 4400 Actual detected object count: 0
19:31:12.0658 3168 Deinitialize success

Alt 16.06.2013, 18:33   #11
markusg
/// Malware-holic
 
Please do it once more, following the instructions.

Alt 16.06.2013, 18:39   #12
Laechler
 
19:38:49.0708 3240 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:38:49.0910 3240 ============================================================
19:38:49.0910 3240 Current date / time: 2013/06/16 19:38:49.0910
19:38:49.0910 3240 SystemInfo:
19:38:49.0910 3240
19:38:49.0910 3240 OS Version: 6.1.7601 ServicePack: 1.0
19:38:49.0910 3240 Product type: Workstation
19:38:49.0910 3240 ComputerName: THOMAS-PC
19:38:49.0910 3240 UserName: Thomas
19:38:49.0910 3240 Windows directory: C:\Windows
19:38:49.0910 3240 System windows directory: C:\Windows
19:38:49.0910 3240 Running under WOW64
19:38:49.0910 3240 Processor architecture: Intel x64
19:38:49.0910 3240 Number of processors: 4
19:38:49.0910 3240 Page size: 0x1000
19:38:49.0910 3240 Boot type: Normal boot
19:38:49.0910 3240 ============================================================
19:38:50.0924 3240 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:38:50.0940 3240 ============================================================
19:38:50.0940 3240 \Device\Harddisk0\DR0:
19:38:50.0940 3240 MBR partitions:
19:38:50.0940 3240 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:38:50.0940 3240 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAAC54800
19:38:50.0940 3240 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAAC87000, BlocksNum 0x3C00000
19:38:50.0940 3240 ============================================================
19:38:50.0956 3240 C: <-> \Device\Harddisk0\DR0\Partition2
19:38:50.0987 3240 D: <-> \Device\Harddisk0\DR0\Partition3
19:38:50.0987 3240 ============================================================
19:38:50.0987 3240 Initialize success
19:38:50.0987 3240 ============================================================
19:38:58.0943 1788 ============================================================
19:38:58.0943 1788 Scan started
19:38:58.0943 1788 Mode: Manual; SigCheck; TDLFS;
19:38:58.0943 1788 ============================================================
19:38:59.0224 1788 ================ Scan system memory ========================
19:38:59.0224 1788 System memory - ok
19:38:59.0224 1788 ================ Scan services =============================
19:38:59.0364 1788 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:38:59.0489 1788 1394ohci - ok
19:38:59.0520 1788 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:38:59.0536 1788 ACPI - ok
19:38:59.0598 1788 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:38:59.0676 1788 AcpiPmi - ok
19:38:59.0785 1788 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:38:59.0816 1788 AdobeARMservice - ok
19:38:59.0941 1788 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:38:59.0988 1788 AdobeFlashPlayerUpdateSvc - ok
19:39:00.0004 1788 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:39:00.0019 1788 adp94xx - ok
19:39:00.0066 1788 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:39:00.0082 1788 adpahci - ok
19:39:00.0097 1788 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:39:00.0113 1788 adpu320 - ok
19:39:00.0128 1788 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:39:00.0253 1788 AeLookupSvc - ok
19:39:00.0331 1788 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:39:00.0456 1788 AFD - ok
19:39:00.0581 1788 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:39:00.0612 1788 agp440 - ok
19:39:00.0659 1788 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:39:00.0721 1788 ALG - ok
19:39:00.0752 1788 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:39:00.0784 1788 aliide - ok
19:39:00.0815 1788 [ 3562D7B2C40D6862623A3044E77D7A89 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:39:00.0893 1788 AMD External Events Utility - ok
19:39:00.0893 1788 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:39:00.0908 1788 amdide - ok
19:39:00.0924 1788 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:39:00.0955 1788 AmdK8 - ok
19:39:01.0142 1788 [ 82C2B429EF87CD3C40B2355FA86E26F7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:39:01.0220 1788 amdkmdag - ok
19:39:01.0252 1788 [ 53431E0ED701DE33D322E039C8A4E0BA ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:39:01.0314 1788 amdkmdap - ok
19:39:01.0345 1788 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:39:01.0361 1788 AmdPPM - ok
19:39:01.0392 1788 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:39:01.0408 1788 amdsata - ok
19:39:01.0439 1788 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:39:01.0454 1788 amdsbs - ok
19:39:01.0470 1788 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:39:01.0470 1788 amdxata - ok
19:39:01.0501 1788 [ 08E8A4172C57ABD7693A6915CF1E7A99 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
19:39:01.0517 1788 amd_sata - ok
19:39:01.0517 1788 [ 9866AF4E4AD7F16E810B6C0B8473F9CD ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
19:39:01.0532 1788 amd_xata - ok
19:39:01.0595 1788 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
19:39:01.0626 1788 AntiVirSchedulerService - ok
19:39:01.0657 1788 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
19:39:01.0688 1788 AntiVirService - ok
19:39:01.0735 1788 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:39:01.0891 1788 AppID - ok
19:39:01.0922 1788 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:39:01.0969 1788 AppIDSvc - ok
19:39:01.0985 1788 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
19:39:02.0016 1788 Appinfo - ok
19:39:02.0063 1788 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:39:02.0094 1788 Apple Mobile Device - ok
19:39:02.0125 1788 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:39:02.0141 1788 arc - ok
19:39:02.0156 1788 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:39:02.0172 1788 arcsas - ok
19:39:02.0188 1788 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:39:02.0250 1788 AsyncMac - ok
19:39:02.0266 1788 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:39:02.0266 1788 atapi - ok
19:39:02.0312 1788 [ E02B26650ACC2F4901342D4A66774AD7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:39:02.0312 1788 AtiHDAudioService - ok
19:39:02.0344 1788 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
19:39:02.0359 1788 AtiPcie - ok
19:39:02.0390 1788 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:39:02.0437 1788 AudioEndpointBuilder - ok
19:39:02.0453 1788 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:39:02.0484 1788 AudioSrv - ok
19:39:02.0531 1788 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
19:39:02.0562 1788 avgntflt - ok
19:39:02.0578 1788 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
19:39:02.0593 1788 avipbb - ok
19:39:02.0609 1788 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
19:39:02.0624 1788 avkmgr - ok
19:39:02.0640 1788 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:39:02.0718 1788 AxInstSV - ok
19:39:02.0734 1788 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:39:02.0765 1788 b06bdrv - ok
19:39:02.0796 1788 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:39:02.0812 1788 b57nd60a - ok
19:39:02.0827 1788 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:39:02.0843 1788 BDESVC - ok
19:39:02.0858 1788 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:39:02.0890 1788 Beep - ok
19:39:02.0952 1788 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:39:03.0030 1788 BFE - ok
19:39:03.0077 1788 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:39:03.0155 1788 BITS - ok
19:39:03.0186 1788 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:39:03.0217 1788 blbdrive - ok
19:39:03.0280 1788 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:39:03.0311 1788 Bonjour Service - ok
19:39:03.0326 1788 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:39:03.0358 1788 bowser - ok
19:39:03.0373 1788 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:39:03.0451 1788 BrFiltLo - ok
19:39:03.0482 1788 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:39:03.0514 1788 BrFiltUp - ok
19:39:03.0545 1788 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:39:03.0592 1788 Browser - ok
19:39:03.0607 1788 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:39:03.0670 1788 Brserid - ok
19:39:03.0670 1788 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:39:03.0701 1788 BrSerWdm - ok
19:39:03.0732 1788 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:39:03.0779 1788 BrUsbMdm - ok
19:39:03.0810 1788 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:39:03.0841 1788 BrUsbSer - ok
19:39:03.0841 1788 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:39:03.0872 1788 BTHMODEM - ok
19:39:03.0904 1788 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:39:03.0950 1788 bthserv - ok
19:39:03.0982 1788 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:39:04.0013 1788 cdfs - ok
19:39:04.0044 1788 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:39:04.0075 1788 cdrom - ok
19:39:04.0091 1788 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:39:04.0122 1788 CertPropSvc - ok
19:39:04.0153 1788 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:39:04.0153 1788 circlass - ok
19:39:04.0169 1788 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:39:04.0184 1788 CLFS - ok
19:39:04.0231 1788 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:39:04.0262 1788 clr_optimization_v2.0.50727_32 - ok
19:39:04.0325 1788 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:39:04.0340 1788 clr_optimization_v2.0.50727_64 - ok
19:39:04.0434 1788 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:39:04.0465 1788 clr_optimization_v4.0.30319_32 - ok
19:39:04.0512 1788 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:39:04.0543 1788 clr_optimization_v4.0.30319_64 - ok
19:39:04.0559 1788 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:39:04.0574 1788 CmBatt - ok
19:39:04.0606 1788 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:39:04.0621 1788 cmdide - ok
19:39:04.0652 1788 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
19:39:04.0684 1788 CNG - ok
19:39:04.0699 1788 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:39:04.0699 1788 Compbatt - ok
19:39:04.0746 1788 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:39:04.0777 1788 CompositeBus - ok
19:39:04.0793 1788 COMSysApp - ok
19:39:04.0824 1788 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:39:04.0840 1788 crcdisk - ok
19:39:04.0871 1788 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:39:04.0918 1788 CryptSvc - ok
19:39:04.0964 1788 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:39:05.0027 1788 DcomLaunch - ok
19:39:05.0042 1788 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:39:05.0089 1788 defragsvc - ok
19:39:05.0120 1788 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:39:05.0183 1788 DfsC - ok
19:39:05.0230 1788 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:39:05.0292 1788 Dhcp - ok
19:39:05.0323 1788 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:39:05.0401 1788 discache - ok
19:39:05.0432 1788 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:39:05.0448 1788 Disk - ok
19:39:05.0464 1788 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:39:05.0495 1788 Dnscache - ok
19:39:05.0542 1788 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:39:05.0604 1788 dot3svc - ok
19:39:05.0635 1788 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:39:05.0666 1788 DPS - ok
19:39:05.0698 1788 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:39:05.0744 1788 drmkaud - ok
19:39:05.0807 1788 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:39:05.0838 1788 DXGKrnl - ok
19:39:05.0885 1788 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:39:05.0947 1788 EapHost - ok
19:39:06.0041 1788 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:39:06.0088 1788 ebdrv - ok
19:39:06.0103 1788 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:39:06.0134 1788 EFS - ok
19:39:06.0197 1788 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:39:06.0259 1788 ehRecvr - ok
19:39:06.0275 1788 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:39:06.0306 1788 ehSched - ok
19:39:06.0337 1788 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:39:06.0353 1788 elxstor - ok
19:39:06.0384 1788 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:39:06.0400 1788 ErrDev - ok
19:39:06.0431 1788 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:39:06.0478 1788 EventSystem - ok
19:39:06.0509 1788 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:39:06.0571 1788 exfat - ok
19:39:06.0587 1788 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:39:06.0618 1788 fastfat - ok
19:39:06.0665 1788 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:39:06.0696 1788 Fax - ok
19:39:06.0727 1788 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:39:06.0727 1788 fdc - ok
19:39:06.0758 1788 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:39:06.0805 1788 fdPHost - ok
19:39:06.0821 1788 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:39:06.0868 1788 FDResPub - ok
19:39:06.0883 1788 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:39:06.0883 1788 FileInfo - ok
19:39:06.0899 1788 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:39:06.0930 1788 Filetrace - ok
19:39:06.0961 1788 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:39:06.0992 1788 flpydisk - ok
19:39:07.0008 1788 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:39:07.0024 1788 FltMgr - ok
19:39:07.0086 1788 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
19:39:07.0133 1788 FontCache - ok
19:39:07.0180 1788 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:39:07.0195 1788 FontCache3.0.0.0 - ok
19:39:07.0195 1788 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:39:07.0211 1788 FsDepends - ok
19:39:07.0226 1788 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:39:07.0242 1788 Fs_Rec - ok
19:39:07.0289 1788 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:39:07.0304 1788 fvevol - ok
19:39:07.0336 1788 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:39:07.0351 1788 gagp30kx - ok
19:39:07.0382 1788 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:39:07.0398 1788 GEARAspiWDM - ok
19:39:07.0445 1788 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:39:07.0507 1788 gpsvc - ok
19:39:07.0585 1788 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:39:07.0616 1788 gupdate - ok
19:39:07.0616 1788 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:39:07.0632 1788 gupdatem - ok
19:39:07.0648 1788 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:39:07.0679 1788 hcw85cir - ok
19:39:07.0726 1788 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:39:07.0757 1788 HdAudAddService - ok
19:39:07.0788 1788 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:39:07.0819 1788 HDAudBus - ok
19:39:07.0850 1788 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:39:07.0866 1788 HidBatt - ok
19:39:07.0882 1788 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:39:07.0913 1788 HidBth - ok
19:39:07.0944 1788 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:39:07.0975 1788 HidIr - ok
19:39:07.0991 1788 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:39:08.0022 1788 hidserv - ok
19:39:08.0053 1788 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:39:08.0069 1788 HidUsb - ok
19:39:08.0100 1788 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:39:08.0162 1788 hkmsvc - ok
19:39:08.0178 1788 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:39:08.0209 1788 HomeGroupListener - ok
19:39:08.0240 1788 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:39:08.0256 1788 HomeGroupProvider - ok
19:39:08.0287 1788 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:39:08.0318 1788 HpSAMD - ok
19:39:08.0350 1788 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:39:08.0412 1788 HTTP - ok
19:39:08.0412 1788 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:39:08.0428 1788 hwpolicy - ok
19:39:08.0459 1788 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:39:08.0459 1788 i8042prt - ok
19:39:08.0474 1788 iaStor - ok
19:39:08.0506 1788 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:39:08.0521 1788 iaStorV - ok
19:39:08.0552 1788 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:39:08.0568 1788 idsvc - ok
19:39:08.0584 1788 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:39:08.0599 1788 iirsp - ok
19:39:08.0630 1788 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:39:08.0662 1788 IKEEXT - ok
19:39:08.0755 1788 [ CDB772F707AC24B43A20C821852CA61F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:39:08.0802 1788 IntcAzAudAddService - ok
19:39:08.0818 1788 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:39:08.0833 1788 intelide - ok
19:39:08.0833 1788 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:39:08.0849 1788 intelppm - ok
19:39:08.0864 1788 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:39:08.0911 1788 IPBusEnum - ok
19:39:08.0927 1788 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:39:08.0989 1788 IpFilterDriver - ok
19:39:09.0036 1788 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:39:09.0067 1788 iphlpsvc - ok
19:39:09.0098 1788 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:39:09.0145 1788 IPMIDRV - ok
19:39:09.0176 1788 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:39:09.0223 1788 IPNAT - ok
19:39:09.0301 1788 [ 0FF335D687C85097725A53458160E81E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:39:09.0332 1788 iPod Service - ok
19:39:09.0348 1788 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:39:09.0426 1788 IRENUM - ok
19:39:09.0457 1788 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:39:09.0457 1788 isapnp - ok
19:39:09.0473 1788 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:39:09.0488 1788 iScsiPrt - ok
19:39:09.0520 1788 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:39:09.0520 1788 kbdclass - ok
19:39:09.0535 1788 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:39:09.0551 1788 kbdhid - ok
19:39:09.0566 1788 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:39:09.0582 1788 KeyIso - ok
19:39:09.0598 1788 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:39:09.0613 1788 KSecDD - ok
19:39:09.0644 1788 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:39:09.0644 1788 KSecPkg - ok
19:39:09.0660 1788 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:39:09.0707 1788 ksthunk - ok
19:39:09.0738 1788 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:39:09.0785 1788 KtmRm - ok
19:39:09.0816 1788 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:39:09.0847 1788 LanmanServer - ok
19:39:09.0910 1788 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:39:09.0972 1788 LanmanWorkstation - ok
19:39:09.0988 1788 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:39:10.0081 1788 lltdio - ok
19:39:10.0097 1788 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:39:10.0144 1788 lltdsvc - ok
19:39:10.0144 1788 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:39:10.0190 1788 lmhosts - ok
19:39:10.0222 1788 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:39:10.0237 1788 LSI_FC - ok
19:39:10.0253 1788 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:39:10.0268 1788 LSI_SAS - ok
19:39:10.0284 1788 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:39:10.0284 1788 LSI_SAS2 - ok
19:39:10.0315 1788 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:39:10.0315 1788 LSI_SCSI - ok
19:39:10.0331 1788 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:39:10.0378 1788 luafv - ok
19:39:10.0440 1788 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
19:39:10.0440 1788 McComponentHostService - ok
19:39:10.0471 1788 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:39:10.0487 1788 Mcx2Svc - ok
19:39:10.0502 1788 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:39:10.0518 1788 megasas - ok
19:39:10.0534 1788 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:39:10.0549 1788 MegaSR - ok
19:39:10.0580 1788 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:39:10.0612 1788 MMCSS - ok
19:39:10.0627 1788 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:39:10.0658 1788 Modem - ok
19:39:10.0690 1788 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:39:10.0705 1788 monitor - ok
19:39:10.0736 1788 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:39:10.0736 1788 mouclass - ok
19:39:10.0783 1788 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:39:10.0814 1788 mouhid - ok
19:39:10.0846 1788 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:39:10.0877 1788 mountmgr - ok
19:39:10.0924 1788 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:39:10.0939 1788 MozillaMaintenance - ok
19:39:10.0955 1788 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:39:10.0970 1788 mpio - ok
19:39:10.0986 1788 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:39:11.0033 1788 mpsdrv - ok
19:39:11.0080 1788 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:39:11.0126 1788 MpsSvc - ok
19:39:11.0158 1788 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:39:11.0204 1788 MRxDAV - ok
19:39:11.0220 1788 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:39:11.0251 1788 mrxsmb - ok
19:39:11.0282 1788 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:39:11.0298 1788 mrxsmb10 - ok
19:39:11.0314 1788 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:39:11.0345 1788 mrxsmb20 - ok
19:39:11.0360 1788 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:39:11.0360 1788 msahci - ok
19:39:11.0423 1788 [ A592A054D78750B4D73ABAA4C94DECDF ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
19:39:11.0438 1788 MSCamSvc - ok
19:39:11.0454 1788 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:39:11.0454 1788 msdsm - ok
19:39:11.0485 1788 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:39:11.0501 1788 MSDTC - ok
19:39:11.0516 1788 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:39:11.0563 1788 Msfs - ok
19:39:11.0563 1788 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:39:11.0594 1788 mshidkmdf - ok
19:39:11.0610 1788 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:39:11.0610 1788 msisadrv - ok
19:39:11.0626 1788 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:39:11.0672 1788 MSiSCSI - ok
19:39:11.0672 1788 msiserver - ok
19:39:11.0704 1788 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:39:11.0719 1788 MSKSSRV - ok
19:39:11.0735 1788 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:39:11.0766 1788 MSPCLOCK - ok
19:39:11.0766 1788 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:39:11.0813 1788 MSPQM - ok
19:39:11.0844 1788 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:39:11.0860 1788 MsRPC - ok
19:39:11.0875 1788 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:39:11.0875 1788 mssmbios - ok
19:39:11.0891 1788 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:39:11.0922 1788 MSTEE - ok
19:39:11.0938 1788 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:39:11.0953 1788 MTConfig - ok
19:39:11.0953 1788 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:39:11.0969 1788 Mup - ok
19:39:11.0984 1788 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:39:12.0016 1788 napagent - ok
19:39:12.0047 1788 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:39:12.0078 1788 NativeWifiP - ok
19:39:12.0125 1788 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:39:12.0156 1788 NDIS - ok
19:39:12.0172 1788 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:39:12.0203 1788 NdisCap - ok
19:39:12.0218 1788 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:39:12.0250 1788 NdisTapi - ok
19:39:12.0281 1788 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:39:12.0312 1788 Ndisuio - ok
19:39:12.0328 1788 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:39:12.0359 1788 NdisWan - ok
19:39:12.0390 1788 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:39:12.0421 1788 NDProxy - ok
19:39:12.0421 1788 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:39:12.0452 1788 NetBIOS - ok
19:39:12.0468 1788 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:39:12.0499 1788 NetBT - ok
19:39:12.0515 1788 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:39:12.0530 1788 Netlogon - ok
19:39:12.0562 1788 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:39:12.0608 1788 Netman - ok
19:39:12.0624 1788 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:39:12.0671 1788 netprofm - ok
19:39:12.0686 1788 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:39:12.0702 1788 NetTcpPortSharing - ok
19:39:12.0718 1788 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:39:12.0733 1788 nfrd960 - ok
19:39:12.0733 1788 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:39:12.0749 1788 NlaSvc - ok
19:39:12.0764 1788 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:39:12.0796 1788 Npfs - ok
19:39:12.0811 1788 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:39:12.0842 1788 nsi - ok
19:39:12.0858 1788 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:39:12.0889 1788 nsiproxy - ok
19:39:12.0936 1788 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:39:12.0967 1788 Ntfs - ok
19:39:12.0983 1788 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:39:13.0014 1788 Null - ok
19:39:13.0030 1788 [ A7127E86F9FFE2A53E271B56B2C4CEDF ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
19:39:13.0061 1788 nusb3hub - ok
19:39:13.0076 1788 [ 49BBEC6F48D5F9284B03ABF3A959B19B ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:39:13.0092 1788 nusb3xhc - ok
19:39:13.0295 1788 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:39:13.0451 1788 nvlddmkm - ok
19:39:13.0466 1788 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:39:13.0466 1788 nvraid - ok
19:39:13.0482 1788 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:39:13.0498 1788 nvstor - ok
19:39:13.0529 1788 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:39:13.0544 1788 nv_agp - ok
19:39:13.0607 1788 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:39:13.0638 1788 odserv - ok
19:39:13.0669 1788 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:39:13.0700 1788 ohci1394 - ok
19:39:13.0716 1788 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:39:13.0732 1788 ose - ok
19:39:13.0747 1788 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:39:13.0794 1788 p2pimsvc - ok
19:39:13.0810 1788 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:39:13.0825 1788 p2psvc - ok
19:39:13.0841 1788 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:39:13.0856 1788 Parport - ok
19:39:13.0872 1788 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:39:13.0872 1788 partmgr - ok
19:39:13.0903 1788 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:39:13.0934 1788 PcaSvc - ok
19:39:13.0950 1788 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:39:13.0950 1788 pci - ok
19:39:13.0966 1788 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:39:13.0981 1788 pciide - ok
19:39:14.0012 1788 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:39:14.0012 1788 pcmcia - ok
19:39:14.0028 1788 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:39:14.0044 1788 pcw - ok
19:39:14.0059 1788 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:39:14.0090 1788 PEAUTH - ok
19:39:14.0168 1788 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:39:14.0168 1788 PerfHost - ok
19:39:14.0231 1788 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:39:14.0293 1788 pla - ok
19:39:14.0324 1788 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:39:14.0356 1788 PlugPlay - ok
19:39:14.0356 1788 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:39:14.0371 1788 PNRPAutoReg - ok
19:39:14.0387 1788 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:39:14.0402 1788 PNRPsvc - ok
19:39:14.0434 1788 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:39:14.0465 1788 PolicyAgent - ok
19:39:14.0480 1788 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:39:14.0512 1788 Power - ok
19:39:14.0543 1788 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:39:14.0574 1788 PptpMiniport - ok
19:39:14.0605 1788 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:39:14.0621 1788 Processor - ok
19:39:14.0652 1788 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:39:14.0668 1788 ProfSvc - ok
19:39:14.0683 1788 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:39:14.0699 1788 ProtectedStorage - ok
19:39:14.0730 1788 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:39:14.0761 1788 Psched - ok
19:39:14.0808 1788 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
19:39:14.0824 1788 PSI_SVC_2 - ok
19:39:14.0855 1788 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:39:14.0886 1788 ql2300 - ok
19:39:14.0902 1788 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:39:14.0917 1788 ql40xx - ok
19:39:14.0933 1788 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:39:14.0948 1788 QWAVE - ok
19:39:14.0964 1788 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:39:14.0980 1788 QWAVEdrv - ok
19:39:14.0995 1788 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:39:15.0026 1788 RasAcd - ok
19:39:15.0073 1788 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:39:15.0151 1788 RasAgileVpn - ok
19:39:15.0151 1788 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:39:15.0198 1788 RasAuto - ok
19:39:15.0229 1788 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:39:15.0260 1788 Rasl2tp - ok
19:39:15.0292 1788 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:39:15.0338 1788 RasMan - ok
19:39:15.0354 1788 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:39:15.0401 1788 RasPppoe - ok
19:39:15.0401 1788 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:39:15.0479 1788 RasSstp - ok
19:39:15.0541 1788 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:39:15.0572 1788 rdbss - ok
19:39:15.0619 1788 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:39:15.0697 1788 rdpbus - ok
19:39:15.0728 1788 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:39:15.0760 1788 RDPCDD - ok
19:39:15.0791 1788 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:39:15.0822 1788 RDPENCDD - ok
19:39:15.0822 1788 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:39:15.0853 1788 RDPREFMP - ok
19:39:15.0926 1788 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:39:15.0952 1788 RdpVideoMiniport - ok
19:39:15.0967 1788 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:39:16.0030 1788 RDPWD - ok
19:39:16.0077 1788 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:39:16.0092 1788 rdyboost - ok
19:39:16.0108 1788 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:39:16.0155 1788 RemoteAccess - ok
19:39:16.0170 1788 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:39:16.0217 1788 RemoteRegistry - ok
19:39:16.0217 1788 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:39:16.0264 1788 RpcEptMapper - ok
19:39:16.0279 1788 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:39:16.0295 1788 RpcLocator - ok
19:39:16.0342 1788 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:39:16.0404 1788 RpcSs - ok
19:39:16.0420 1788 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:39:16.0451 1788 rspndr - ok
19:39:16.0482 1788 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:39:16.0498 1788 RTL8167 - ok
19:39:16.0529 1788 [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
19:39:16.0545 1788 RTL8192su - ok
19:39:16.0560 1788 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:39:16.0560 1788 SamSs - ok
19:39:16.0591 1788 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:39:16.0591 1788 sbp2port - ok
19:39:16.0607 1788 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:39:16.0638 1788 SCardSvr - ok
19:39:16.0685 1788 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:39:16.0732 1788 scfilter - ok
19:39:16.0779 1788 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:39:16.0825 1788 Schedule - ok
19:39:16.0857 1788 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:39:16.0872 1788 SCPolicySvc - ok
19:39:16.0919 1788 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:39:16.0935 1788 SDRSVC - ok
19:39:16.0950 1788 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:39:16.0981 1788 secdrv - ok
19:39:17.0013 1788 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:39:17.0075 1788 seclogon - ok
19:39:17.0091 1788 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:39:17.0122 1788 SENS - ok
19:39:17.0137 1788 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:39:17.0169 1788 SensrSvc - ok
19:39:17.0184 1788 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:39:17.0200 1788 Serenum - ok
19:39:17.0215 1788 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:39:17.0231 1788 Serial - ok
19:39:17.0247 1788 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:39:17.0262 1788 sermouse - ok
19:39:17.0293 1788 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:39:17.0325 1788 SessionEnv - ok
19:39:17.0356 1788 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:39:17.0387 1788 sffdisk - ok
19:39:17.0418 1788 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:39:17.0449 1788 sffp_mmc - ok
19:39:17.0465 1788 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:39:17.0512 1788 sffp_sd - ok
19:39:17.0527 1788 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:39:17.0527 1788 sfloppy - ok
19:39:17.0574 1788 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:39:17.0652 1788 SharedAccess - ok
19:39:17.0668 1788 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:39:17.0699 1788 ShellHWDetection - ok
19:39:17.0730 1788 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:39:17.0730 1788 SiSRaid2 - ok
19:39:17.0746 1788 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:39:17.0761 1788 SiSRaid4 - ok
19:39:17.0793 1788 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:39:17.0824 1788 Smb - ok
19:39:17.0855 1788 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:39:17.0886 1788 SNMPTRAP - ok
19:39:17.0902 1788 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:39:17.0917 1788 spldr - ok
19:39:18.0978 1788 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:39:19.0009 1788 Spooler - ok
19:39:19.0103 1788 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:39:19.0165 1788 sppsvc - ok
19:39:19.0181 1788 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:39:19.0228 1788 sppuinotify - ok
19:39:19.0259 1788 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:39:19.0290 1788 srv - ok
19:39:19.0290 1788 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:39:19.0306 1788 srv2 - ok
19:39:19.0321 1788 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:39:19.0337 1788 srvnet - ok
19:39:19.0353 1788 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:39:19.0384 1788 SSDPSRV - ok
19:39:19.0399 1788 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:39:19.0477 1788 SstpSvc - ok
19:39:19.0493 1788 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:39:19.0509 1788 stexstor - ok
19:39:19.0555 1788 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:39:19.0587 1788 stisvc - ok
19:39:19.0618 1788 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:39:19.0649 1788 swenum - ok
19:39:19.0680 1788 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:39:19.0727 1788 swprv - ok
19:39:19.0821 1788 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:39:19.0867 1788 SysMain - ok
19:39:19.0930 1788 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:39:19.0977 1788 TabletInputService - ok
19:39:20.0023 1788 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:39:20.0070 1788 TapiSrv - ok
19:39:20.0086 1788 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:39:20.0117 1788 TBS - ok
19:39:20.0195 1788 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:39:20.0242 1788 Tcpip - ok
19:39:20.0289 1788 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:39:20.0320 1788 TCPIP6 - ok
19:39:20.0351 1788 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:39:20.0367 1788 tcpipreg - ok
19:39:20.0398 1788 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:39:20.0413 1788 TDPIPE - ok
19:39:20.0429 1788 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:39:20.0445 1788 TDTCP - ok
19:39:20.0476 1788 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:39:20.0507 1788 tdx - ok
19:39:20.0538 1788 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:39:20.0554 1788 TermDD - ok
19:39:20.0585 1788 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:39:20.0616 1788 TermService - ok
19:39:20.0632 1788 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:39:20.0663 1788 Themes - ok
19:39:20.0679 1788 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:39:20.0710 1788 THREADORDER - ok
19:39:20.0741 1788 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:39:20.0772 1788 TrkWks - ok
19:39:20.0819 1788 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:39:20.0897 1788 TrustedInstaller - ok
19:39:20.0928 1788 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:39:20.0975 1788 tssecsrv - ok
19:39:21.0006 1788 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:39:21.0053 1788 TsUsbFlt - ok
19:39:21.0100 1788 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:39:21.0162 1788 tunnel - ok
19:39:21.0193 1788 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:39:21.0209 1788 uagp35 - ok
19:39:21.0225 1788 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:39:21.0271 1788 udfs - ok
19:39:21.0287 1788 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:39:21.0303 1788 UI0Detect - ok
19:39:21.0334 1788 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:39:21.0334 1788 uliagpkx - ok
19:39:21.0365 1788 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:39:21.0396 1788 umbus - ok
19:39:21.0427 1788 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:39:21.0459 1788 UmPass - ok
19:39:21.0474 1788 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:39:21.0521 1788 upnphost - ok
19:39:21.0552 1788 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:39:21.0568 1788 USBAAPL64 - ok
19:39:21.0599 1788 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:39:21.0599 1788 usbaudio - ok
19:39:21.0630 1788 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:39:21.0661 1788 usbccgp - ok
19:39:21.0708 1788 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:39:21.0739 1788 usbcir - ok
19:39:21.0771 1788 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:39:21.0802 1788 usbehci - ok
19:39:21.0864 1788 [ DC2B306861F42EEEB92EF525F4119F08 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:39:21.0895 1788 usbfilter - ok
19:39:21.0927 1788 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:39:21.0973 1788 usbhub - ok
19:39:21.0973 1788 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:39:22.0005 1788 usbohci - ok
19:39:22.0020 1788 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:39:22.0051 1788 usbprint - ok
19:39:22.0067 1788 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:39:22.0083 1788 usbscan - ok
19:39:22.0098 1788 [ A60E7E0FA88FF067D049D525547CD5E9 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:39:22.0114 1788 USBSTOR - ok
19:39:22.0129 1788 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:39:22.0145 1788 usbuhci - ok
19:39:22.0176 1788 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:39:22.0207 1788 UxSms - ok
19:39:22.0207 1788 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:39:22.0223 1788 VaultSvc - ok
19:39:22.0254 1788 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:39:22.0254 1788 vdrvroot - ok
19:39:22.0301 1788 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:39:22.0348 1788 vds - ok
19:39:22.0379 1788 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:39:22.0379 1788 vga - ok
19:39:22.0395 1788 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:39:22.0426 1788 VgaSave - ok
19:39:22.0457 1788 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:39:22.0473 1788 vhdmp - ok
19:39:22.0488 1788 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:39:22.0488 1788 viaide - ok
19:39:22.0504 1788 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:39:22.0519 1788 volmgr - ok
19:39:22.0551 1788 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:39:22.0566 1788 volmgrx - ok
19:39:22.0566 1788 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:39:22.0582 1788 volsnap - ok
19:39:22.0613 1788 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:39:22.0613 1788 vsmraid - ok
19:39:22.0691 1788 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:39:22.0753 1788 VSS - ok
19:39:22.0769 1788 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:39:22.0800 1788 vwifibus - ok
19:39:22.0816 1788 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:39:22.0863 1788 vwififlt - ok
19:39:22.0894 1788 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:39:22.0925 1788 vwifimp - ok
19:39:23.0003 1788 [ CE6C085771812D5EE863CC7EF93CAEF2 ] VX1000 C:\Windows\system32\DRIVERS\VX1000.sys
19:39:23.0034 1788 VX1000 - ok
19:39:23.0065 1788 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:39:23.0112 1788 W32Time - ok
19:39:23.0128 1788 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:39:23.0143 1788 WacomPen - ok
19:39:23.0175 1788 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:39:23.0253 1788 WANARP - ok
19:39:23.0253 1788 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:39:23.0284 1788 Wanarpv6 - ok
19:39:23.0346 1788 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:39:23.0393 1788 WatAdminSvc - ok
19:39:23.0455 1788 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:39:23.0502 1788 wbengine - ok
19:39:23.0518 1788 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:39:23.0549 1788 WbioSrvc - ok
19:39:23.0565 1788 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:39:23.0580 1788 wcncsvc - ok
19:39:23.0596 1788 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:39:23.0643 1788 WcsPlugInService - ok
19:39:23.0658 1788 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:39:23.0674 1788 Wd - ok
19:39:23.0705 1788 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:39:23.0752 1788 Wdf01000 - ok
19:39:23.0752 1788 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:39:23.0830 1788 WdiServiceHost - ok
19:39:23.0830 1788 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:39:23.0845 1788 WdiSystemHost - ok
19:39:23.0861 1788 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:39:23.0892 1788 WebClient - ok
19:39:23.0908 1788 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:39:23.0939 1788 Wecsvc - ok
19:39:23.0955 1788 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:39:23.0986 1788 wercplsupport - ok
19:39:24.0017 1788 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:39:24.0048 1788 WerSvc - ok
19:39:24.0079 1788 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:39:24.0111 1788 WfpLwf - ok
19:39:24.0111 1788 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:39:24.0126 1788 WIMMount - ok
19:39:24.0142 1788 WinDefend - ok
19:39:24.0157 1788 WinHttpAutoProxySvc - ok
19:39:24.0204 1788 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:39:24.0282 1788 Winmgmt - ok
19:39:24.0329 1788 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:39:24.0376 1788 WinRM - ok
19:39:24.0391 1788 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:39:24.0407 1788 WinUsb - ok
19:39:24.0423 1788 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:39:24.0454 1788 Wlansvc - ok
19:39:24.0501 1788 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:39:24.0532 1788 wlcrasvc - ok
19:39:24.0594 1788 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:39:24.0625 1788 wlidsvc - ok
19:39:24.0657 1788 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:39:24.0688 1788 WmiAcpi - ok
19:39:24.0703 1788 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:39:24.0735 1788 wmiApSrv - ok
19:39:24.0766 1788 WMPNetworkSvc - ok
19:39:24.0766 1788 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:39:24.0797 1788 WPCSvc - ok
19:39:24.0813 1788 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:39:24.0844 1788 WPDBusEnum - ok
19:39:24.0859 1788 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:39:24.0906 1788 ws2ifsl - ok
19:39:24.0922 1788 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:39:24.0937 1788 wscsvc - ok
19:39:24.0953 1788 WSearch - ok
19:39:25.0031 1788 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:39:25.0078 1788 wuauserv - ok
19:39:25.0093 1788 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:39:25.0109 1788 WudfPf - ok
19:39:25.0140 1788 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:39:25.0140 1788 WUDFRd - ok
19:39:25.0171 1788 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:39:25.0203 1788 wudfsvc - ok
19:39:25.0249 1788 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
19:39:25.0281 1788 WwanSvc - ok
19:39:25.0296 1788 ================ Scan global ===============================
19:39:25.0359 1788 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:39:25.0390 1788 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:39:25.0390 1788 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:39:25.0421 1788 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:39:25.0452 1788 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:39:25.0452 1788 [Global] - ok
19:39:25.0452 1788 ================ Scan MBR ==================================
19:39:25.0468 1788 [ 5D949EEA3BEEC2DF38A2D7900AD89A60 ] \Device\Harddisk0\DR0
19:39:27.0667 1788 \Device\Harddisk0\DR0 - ok
19:39:27.0667 1788 ================ Scan VBR ==================================
19:39:27.0667 1788 [ BB4EE181A3C3FB6FBA2D635B5D34CAE4 ] \Device\Harddisk0\DR0\Partition1
19:39:27.0667 1788 \Device\Harddisk0\DR0\Partition1 - ok
19:39:27.0699 1788 [ 4CB0A14ADB05C81F03E6366A728495D6 ] \Device\Harddisk0\DR0\Partition2
19:39:27.0714 1788 \Device\Harddisk0\DR0\Partition2 - ok
19:39:27.0730 1788 [ BB651F9BAC2C393879A04366C83F8A97 ] \Device\Harddisk0\DR0\Partition3
19:39:27.0745 1788 \Device\Harddisk0\DR0\Partition3 - ok
19:39:27.0745 1788 ============================================================
19:39:27.0745 1788 Scan finished
19:39:27.0745 1788 ============================================================
19:39:27.0745 3328 Detected object count: 0
19:39:27.0745 3328 Actual detected object count: 0
19:39:30.0491 4172 Deinitialize success

Hello Markus,

first of all, a big thank you for everything so far! Do I need to do anything else?

Regards
Thomas

Alt 17.06.2013, 11:34   #13
markusg
/// Malware-holic
 



Hi,
Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software and malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For now, please forward mails according to the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

Alt 17.06.2013, 19:43   #14
Laechler
 



Hello Markus,

Combofix runs through, but no Combofix.txt is created? There is no folder either.
Installed Combofix on the desktop, opened it and let it run through.

Where is the catch in the way I am using it?

Thanks and regards
Thomas

I hope that worked...

Combofix logfile:
Code:
ATTFilter
ComboFix 13-06-17.01 - Thomas 17.06.2013  21:05:43.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4095.2360 [GMT 2:00]
ausgeführt von:: c:\users\Thomas\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ob3od.pad
c:\programdata\rundll32.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-17 bis 2013-06-17  ))))))))))))))))))))))))))))))
.
.
2013-06-17 19:09 . 2013-06-17 19:09	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-17 19:08 . 2013-06-17 19:08	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3BF48011-6D22-423E-9491-333088EF62EE}\offreg.dll
2013-06-17 18:49 . 2013-06-10 22:58	9460464	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3BF48011-6D22-423E-9491-333088EF62EE}\mpengine.dll
2013-06-16 17:02 . 2013-06-16 17:25	--------	d-----w-	C:\_OTL
2013-06-16 15:15 . 2013-06-16 15:15	2608	----a-w-	c:\programdata\ob3od.js
2013-06-15 18:35 . 2013-06-08 12:28	2706432	----a-w-	c:\windows\system32\mshtml.tlb
2013-06-12 04:51 . 2013-05-08 06:39	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-06-09 08:01 . 2013-06-09 08:02	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-09 08:01 . 2013-06-09 08:02	--------	d-----w-	c:\program files\iTunes
2013-06-09 08:01 . 2013-06-09 08:02	--------	d-----w-	c:\program files (x86)\iTunes
2013-06-09 08:01 . 2013-06-09 08:01	--------	d-----w-	c:\program files\iPod
2013-05-25 13:10 . 2013-05-25 13:10	362029	----a-w-	c:\windows\SysWow64\sqlite3.dll
2013-05-25 13:08 . 2012-08-24 18:13	154480	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2013-05-25 13:08 . 2012-08-24 18:09	458712	----a-w-	c:\windows\system32\drivers\cng.sys
2013-05-25 13:08 . 2012-08-24 18:05	340992	----a-w-	c:\windows\system32\schannel.dll
2013-05-25 13:08 . 2012-08-24 18:03	1448448	----a-w-	c:\windows\system32\lsasrv.dll
2013-05-25 13:08 . 2012-08-24 16:57	247808	----a-w-	c:\windows\SysWow64\schannel.dll
2013-05-25 13:08 . 2012-08-24 16:57	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2013-05-25 13:08 . 2012-08-24 16:53	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
2013-05-25 12:44 . 2013-05-25 12:44	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-25 12:23 . 2013-04-10 06:01	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-15 11:25 . 2012-04-06 07:16	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-15 11:25 . 2011-05-14 10:24	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 05:04 . 2010-07-07 15:49	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-05-25 12:13 . 2011-10-30 12:53	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06 . 2010-07-07 15:48	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-04-13 05:49 . 2013-05-25 12:23	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-25 12:23	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-25 12:23	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-25 12:23	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-25 12:23	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-25 12:23	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-26 06:05	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]
2011-09-22 16:58	177712	----a-w-	c:\program files (x86)\vShare.tv plugin\BarLcher.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}"= "c:\program files (x86)\vShare.tv plugin\BarLcher.dll" [2011-09-22 177712]
.
[HKEY_CLASSES_ROOT\clsid\{7ac3e13b-3bca-4158-b330-f66dbb03c1b5}]
[HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher.1]
[HKEY_CLASSES_ROOT\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}]
[HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-10-14 98304]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2012-12-12 163000]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Audible Download Manager.lnk - c:\program files (x86)\Audible\Bin\AudibleDownloadHelper.exe /Startup [2011-3-14 2125472]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe;c:\program files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-09 08:20	1165776	----a-w-	c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 11:25]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-03 20:21]
.
2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-03 20:21]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{08337871-0e50-4031-9110-3bd21ca3c065}]
2011-11-09 01:54	167416	----a-w-	c:\users\Thomas\AppData\Roaming\VshareComplete\64\VshareComplete64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-22 11490408]
"VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.kicker.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{968D1D2D-689F-407A-9952-71D7A2706EF2}: NameServer = 192.168.1.1
FF - ProfilePath - c:\users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\muatpvud.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://startsear.ch/?aff=1&cf=41c8a23b-203d-11e1-af70-6c626db757f8
FF - prefs.js: keyword.URL - hxxp://startsear.ch/?aff=1&src=sp&cf=41c8a23b-203d-11e1-af70-6c626db757f8&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-NapsterShell - c:\program files (x86)\Napster\napster.exe
SafeBoot-BsScanner
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-17  21:11:03
ComboFix-quarantined-files.txt  2013-06-17 19:11
.
Vor Suchlauf: 6 Verzeichnis(se), 1.328.051.253.248 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 1.331.185.639.424 Bytes frei
.
- - End Of File - - EBDAE8C49A1AAD82DA92FB53D3468E5A
         

Alt 18.06.2013, 16:43   #15
markusg
/// Malware-holic
 

That looks fine.
Malwarebytes:
Please download Malwarebytes
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for Updates.
  • When the update has finished, select Perform full scan and press Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all detections are checked and press Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report later under "Logs".
__________________
-Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
If you would like to support us
